1

Suggested by Surendra Dalbanjan New 

We have a customer and they want to configure Azure SSO for Dynamics 365 On-Premise. Currently our Dynamics 365 On-Premise is authenticated with ADFS and has Dynamics 365 mobile/Outlook applications. We need to federate this with Azure without dependency on ADFS.


Symptom:

To migrating ADFS to Azure active directory for running Dynamics 365 application.

 

Resolution:

Researched on the ask and found migrating ADFS to Azure active directory for running Dynamics 365 application is not yet supported. 


SSO on Dynamics 365 on premise needs ADFS to work. Unfortunately, SSO with Azure AD without ADFS is not supported at the moment. Currently it is only supported to sync on premise AD with Azure AD but the authentication must go through ADFS.

 

I checked the documentation you shared and as you mentioned they are not recommending for this configuration, also it may not work with Mobile applications. As this has been not tested by our engineering team, we would not recommend this for Dynamics 365 On-premises.

 

If you want to migrate ADFS to Azure active directory then you can refer to the documents below, but if this is solely for running Dynamics CRM application then this is not yet supported for running Dynamics CRM application as it is not yet tested by our backend team.


Create or edit a dynamic group and get status - Azure AD - Microsoft Entra | Microsoft Learn [nam06.safelinks.protection.outlook.com]

 

https://learn.microsoft.com/en-us/azure/active-directory/manage-apps/migrate-application-authentication-to-azure-active-directory [nam06.safelinks.protection.outlook.com] [nam06.safelinks.protection.outlook.com]


Customer has the following questions and would like to set up a call to discuss these and some other questions too. Let me know your availability so that we can set up a call accordingly to get a better understanding.

·         Is it possible to set up Azure SSO for Dynamics 365 on Prem without dependency on ADFS?

·         Will this still support Dynamics 365 mobile/Outlook applications?

·         Found this article https://blog.thenetw.org/2018/04/03/using-azure-active-directory-for-sso-with-dynamics-365-on-premise/ [nam06.safelinks.protection.outlook.com] that has the explanation of Azure SSO setup for Dynamics 365 on Prem without ADFS dependency but they are not recommending it for production environment and looks like it doesn’t support Dynamics 365 mobile/Outlook applications – wanted more clarity/details on this.

<div>Please <a id="idea-signin-link" href="/SignIn?returnUrl=%2Finsider%2Fpublic-profile%2Fideas%2FPPAdminCenter%2FID0150673">sign in</a> to Vote and Comment on Idea.</div>

Search Ideas