DNS Configuration

The implementation of claims based authentication for both internal and external access to a CRM server requires the following URLs:

Security Token Service(STS) URL, e.g. sts.yourdomain.com
External URL,e.g. external.yourdomain.com
Internal URL, e.g. internal.yourdomain.com
Internet Facing Deployment(IFD) URL, e.g. auth.yourdomain.com
Discovery Service URL, e.g. dev.yourdomain.com

The Security Token Service URL is the URL of your ADFS server, and the other URLs should all resolve to your CRM server.

Certificate

Claims based authentication is enabled, HTTPS must be used for both internal and external access. As stated above, your CRM server has to bind to various URL. Therefore, you will need a wild card certificate, e.g. *.yourdomain.com

You will also need an encryption certificate to be used by ADFS to encrypt claims.

Demo System

In this guide, we use a demo system with the following settings:

Domain Name: qadomain.com
Security Token Service(STS) URL: sts.qadomain.com
External URL: deepnetcrm.qadomain.com
Internal URL: crm.qadomain.com
Internet Facing Deployment(IFD) URL: auth.qadomain.com
Discovery Service URL: dev.qadomain.com

Page tree

Preparation [CRM]

DNS Configuration

Certificate

Demo System