Claims-based authentication

Claims-based authentication is required for Microsoft Dynamics 365 Internet-facing deployment (IFD) access.

Set Microsoft Dynamics 365 Server binding to HTTPS and configure the root domain web addresses:

1: On the Microsoft Dynamics 365 server, start the Deployment Manager.

2: In the Actions pane, click Properties.

3: Click the Web Address tab.

4: Under Binding Type, select HTTPS.

5: Verify that the web addresses are valid for given TLS/SSL certificate and the TLS/SSL port bound to the Microsoft Dynamics 365 website.


6: Click OK.


The CRMAppPool account and the Microsoft Dynamics CRM encryption certificate:

1: On the Microsoft Dynamics 365 server, create a Microsoft Management Console (MMC) with the Certificates snap-in console that targets the Local computer certificate store.

2: In the console tree, expand the Certificates (Local Computer) node, expand the Personal store, and then click Certificates.

3: In the details pane, right-click the encryption certificate specified in the Configure Claims-Based Authentication Wizard, point to All Tasks, and then click Manage Private Keys.

4: Click Add, add the CRMAppPool account, and then grant Read permissions.

5: Click OK.


Configuring claims-based authentication using the Configure Claims-Based Authentication Wizard:

1: On the Microsoft Dynamics 365 server, start the Deployment Manager.

2: In the Deployment Manager console tree, right-click Microsoft Dynamics 365, and then click Configure Claims-Based Authentication.

3: Review the contents of the page, and then click Next.

4: On the Specify the security token service page, enter the federation metadata URL.

5: Click Next.

6: On the Specify the encryption certificate page, specify the encryption certificate.

7: Click Next.

8: On the System Checks page, review the results, perform any steps required to fix problems, and then click Next.

9: On the Review your selections verify your selections, and then click Apply.

10: Click Finish.

Hence you done with setup, now you can use claim based authentication.

Was this article helpful?

No 0