Solved

Dynamics CRM 2011 - TMG Publishing without claims authentication and IFD

Posted on 2013-02-01
10
1,524 Views
Last Modified: 2013-02-07
Since it is very tricky to setup claims authentication and Internet facing deployment (IFD) with Dynamics CRM Server 2011 (see this question for details) I have following question:
Is it possible (and how) to publish Dynamics CRM 2011 with TMG without configuring claims authentication and IFD? Of course CRM should be available from browsers and Outlook clients through the Internet.
Thanks
0
Comment
Question by:fd4u
  • 5
  • 4
10 Comments
 
LVL 27

Assisted Solution

by:Chinmay Patel
Chinmay Patel earned 150 total points
ID: 38846465
Hi fd4u,

I dont think that it is possible to expose CRM to internet[Web might work via port forwarding and using hostheaders] without using IFD.

Regards,
Chinmay.
0
 
LVL 29

Accepted Solution

by:
Feridun Kadir earned 150 total points
ID: 38846537
I think it can work for just the web application but not the CRM client for OUtlook.

You need to get IFD working. IFD really does work. If I get a moment next week I'll have another look at your other question.
0
 

Assisted Solution

by:fd4u
fd4u earned 0 total points
ID: 38847838
Thanks for the answers! I haven't found a way to publish it externally for Outlook without IFD, so I guess you are right.
Meanwhile I've resolved the original issue with IFD (simply - by reinstalling everything, and changing something in topology). Now I have problems with publishing everything on TMG, but I'll create the new question with this issue.
Since your answers are simply it-can't-be-done answers, I think that it is fair to give you 150 points each. (If it is possible this way - I still don't know how everything with points work.)
Thanks for helping!
0
SharePoint Admin?

Enable Your Employees To Focus On The Core With Intuitive Onscreen Guidance That is With You At The Moment of Need.

 

Author Comment

by:fd4u
ID: 38847870
Just one more comment: I'm very disappointed with the fact that Dynamics CRM requires claims authentication and IFD. Is there any meaningful reason for avoiding usual authentication / publishing mechanisms used with SharePoint, Exchange, TFS, etc???
0
 
LVL 29

Expert Comment

by:Feridun Kadir
ID: 38848124
I think some of the reasons CRM requires Claims and IFD include:
connecting to CRM is more complex than SharePoint. CRM has several web services and a server can host multiple organization database. Each database is independent of each other
Claims is used because it is a standard and allows for authentication mechanisms other than Active Directory to be used to authenticate users - perhaps partner companies
However, I do agree it is daunting and time consuming to set up.
0
 

Author Comment

by:fd4u
ID: 38848443
@feridun
With all respect I can't agree with your explanation. First, I don't think that authentication type and background complexity are corelated so tightly. Second, if we are talking about complexity I think that SharePoint can be much more complex than Dynamics CRM in number of databases, services (dozens of them), with enterprise search which includes no just SP resources but also Exchange e-discovery and any other external resources, with filtering results acording to user privilegies.....

Finally, if federation is the reason, they could add claims as an option, but remain other ones also. It would be stupid to make life so complicated for 99% percent of users just to enable feature that will be used in no more than 1% deployments. (I'm not sure if my estimations are correct, but I haven't saw CRM for federated users yet.)
0
 
LVL 29

Expert Comment

by:Feridun Kadir
ID: 38848751
Fair enough. Your comments are valid.  Configuring IFD for CRM 4.0 was considerably simpler and did not involve claims at all.
0
 

Author Comment

by:fd4u
ID: 38849677
After many troubles with configuring IFD I've finally succeeded (details).
But immediately after that I've ran into different problem - publishing IFD on TMG 2010 SP2. After publishing ADFS and IFD, I've got access in browser, but again I was unable to connect Outlook client (???#%$*&@$???). Again I've lost two days in trying different publishing settings (overriding host header or not, changing ports, rechecking certificates, requests from original sender or from TMG, link rewriting or not...) and again with no luck...
Finally I've found this article which states that rollup 2 for TMG 2010 SP2 is needed. I haven't heard about those rollups before because I'm relying on WSUS to get me all new stuff. But rollups 1 - 3 for TMG 2010 SP2 are special, and you need to create an order to get download links to e-mail...
Why everything needs to be so complicated with this Dynamics CRM??? I've spent so much time and energy in setting it up that I doubt I'll ever actually use it.
Thanks
0
 
LVL 29

Expert Comment

by:Feridun Kadir
ID: 38850249
I wish I'd remembered to point out this Microsoft document to you,
http://www.microsoft.com/en-us/download/details.aspx?id=3621

It might have helped you.
0
 

Author Closing Comment

by:fd4u
ID: 38863294
I've grade the answers with "Good" just because these were disappointing for me. But as far as I know at the moment - they are correct.
0

Featured Post

Instantly Create Instructional Tutorials

Contextual Guidance at the moment of need helps your employees adopt to new software or processes instantly. Boost knowledge retention and employee engagement step-by-step with one easy solution.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Having trouble getting your hands on Dynamics 365 Field Service or Project Service trial? Worry No More!!!
Desired Skill Set for Microsoft Dynamics CRM Technical Resources – Part I
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question