Active Directory Federation Services (ADFS) is a common part of Dynamics CRM implementations because it allows for secure, supported, and efficient claims-based authentication into Dynamics CRM environments, as well as a secure SSL encrypted Internet Facing Deployment. It is also required for many of our most popular PowerPack add-on components for Dynamics CRM.
The most common ADFS deployments have been of the ADFS 2.x variety, and once the configuration principles are understood, it is a lot less daunting to set up. Now, with the release of ADFS 3.0, there are some new things to keep in mind when implementing ADFS with CRM/Office 365.
- First and foremost, you might hop over to your favorite search engine and look for the ADFS 3.0 download. You won’t have any such luck here! ADFS 3.0 is now embedded in Windows Server 2012 R2 as a server role (in Roles and Features on Windows Server). In order to install ADFS 3.0, you must open your server manager, go to Roles, and install the ADFS 3.0 role.
- The next big change is that the ADFS proxy is done for. It has been replaced by something titled Web Application Proxy (WAP), which is actually part of the remote access role in Roles on Windows Server 2012 R2. The WAP component is much more robust and configurable than the ADFS proxy of old, and of course can be used for other applications like SharePoint or Office 365.
- A huge change is that ADFS no longer runs on Internet Information Services (IIS). This was done improve performance, allow for more configurations that what IIS was limited to, and to also allow for ADFS deployments on servers where Active Directory Domain Services is present, as we would typically steer clear of deploying IIS on a domain controller.
- There is also a new Multi-Factor Authentication (MFA) adapter for ADFS 3.0 that will allow integrations into Azure Active Authentication among others.
The AFDS configuration process for CRM more or less the same as it stands now, with a few tweaks here and there. More updates and findings will inevitably follow as ADFS 3.0 and its new features are used with Dynamics CRM, and your friendly neighborhood CRM experts at PowerObjects will be here to explain them for you!
Happy authenticating and CRM’ing!