Skip to main content

Notifications

Announcements

No record found.

Community site session details

Community site session details

Session Id :
Customer experience | Sales, Customer Insights,...
Answered

Single Sign On with ADFS Implementation

(0) ShareShare
ReportReport
Posted on by 30

Hi CRM Experts,

Is there any way to achieve Microsoft Dynamics CRM 2013 claim base authentication with single sign on for on-premise version? We have configured claim base authentication but it requires entering user and password. But the user don't want to enter their credentials and wants to login to CRM automatically. 

Best regards,

Pyae Phyo

  • Suggested answer
    RE: Single Sign On with ADFS Implementation

    Apart from using the internal URL, also ensure that Windows-Integrated authentication, also known as Windows NT Challenge/Response, must be enabled in the Web site properties in IIS. Anonymous authentication is attempted first, followed by Windows-Integrated authentication, Digest authentication (if applicable), and finally Basic (clear text) authentication.

    docs.microsoft.com/.../prompt-for-username-and-password

    Additionally, enable windows integrated auth for IE and ensure that the web addreses are added in the Local Intranet.

    In IE -> Settings -> Internet Options -> Security -> Local intranet -> Sites -> Advanced -> Add

    https://answers.microsoft.com/en-us/edge/forum/edge_other-edge_win10/how-do-i-enable-integrated-windows-authentication/5668886b-659f-4fec-97b5-db68593235b9

    Configuring Chrome and Firefox for Windows Integrated Authentication

    specopssoft.com/.../

  • Alan Ericson Profile Picture
    Alan Ericson on at
    RE: Single Sign On with ADFS Implementation

    With Dynamics CRM and claims-based authentication, there is the concept of the external and internal URL. If user logs into the internal URL, they should be redirected to AD FS using Windows Internal Authentication and not experience a sign-in prompt.

    The internal URL is defined on the web address tab for Dynamics CRM within the properties of the deployment in the deployment manager.

    1. On the CRM server > start > search for deployment manager > open the application
    2. Select CRM in the left hand navigation > select properties in the actions pane > web address tab
    3. Specify an alias to access the site that matches the certificate subject and resolves to the CRM web front end server(s) in DNS

    Internal URL will have the format of the address you enter for web application in the web address tab with the organization name at the end. For example:

    https://crminternal.contoso.com/ContosoCRM

    The external URL for CRM should contain the organization name in the beginning:

    https://ContosoCRM.contoso.com

    There are other factors such as SPN configured for AD FS and placing the AD FS URL in the local intranet zone for the automatic login to complete.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Announcing Our 2025 Season 1 Super Users!

A new season of Super Users has arrived, and we are so grateful for the daily…

Vahid Ghafarpour – Community Spotlight

We are excited to recognize Vahid Ghafarpour as our February 2025 Community…

Tip: Become a User Group leader!

Join the ranks of valued community UG leaders

Leaderboard

#1
André Arnaud de Calavon Profile Picture

André Arnaud de Cal... 292,468 Super User 2025 Season 1

#2
Martin Dráb Profile Picture

Martin Dráb 231,289 Most Valuable Professional

#3
nmaenpaa Profile Picture

nmaenpaa 101,156

Leaderboard

Featured topics

Product updates

Dynamics 365 release plans