DNS configuration

Before configuring Microsoft Dynamics CRM Server 2011 for claims-based authentication, you should configure your internal and public domain records so the various Microsoft Dynamics CRM Server 2011 and AD FS endpoints resolve correctly. If you are setting up Microsoft Dynamics CRM Server 2011 in a test lab, you can configure internal records in the hosts file instead of DNS. Using the hosts file is not recommended for a production environment.

You will create DNS records for the following domain names:

  • Internal URL used to access Microsoft Dynamics (for example, internalcrm.contoso.local).

  • External URL used to access Microsoft Dynamics - Web Application Server domain (for example, orgname.contoso.com).

  • Microsoft Dynamics CRM Organization Web Service domain. Differs from the record used for external access if you have separate domains (for example, orgname.subdm.contoso.com).

  • Microsoft Dynamics CRM Discovery Web Service domain (for example, dev.contoso.com).

  • AD FS 2.0 server (for example, sts1.contoso.com).

  • External IFD URL - Microsoft Dynamics CRM IFD federation endpoint (for example, auth.contoso.com). This record will be used by the AD FS 2.0 server when retrieving the Microsoft Dynamics CRM IFD federationmetadata.xml file.

Important

There are several names that cannot be used for host records, for example: support, help, and home. To view a complete list of reserved names, open the dbo.ReservedNames table in the MSCRM_CONFIG database on the Microsoft Dynamics CRM server and review the names in the ReservedName column.

Example DNS Settings – AD FS and Microsoft Dynamics CRM on the same server

The following are example DNS settings for a single-server deployment. A single domain – contoso.local – is used for internal access. A publicly registered domain – contoso.com – is used for external Microsoft Dynamics CRM access. Contoso.com can also be used for internal access. A single public IP address is required for external access to Microsoft Dynamics CRM.

The following table contains records configured in the Internal DNS Zone: contoso.local.

Internal DNS Zone: contoso.local

The following record is configured in DNS on your internal server.

| Name | Type | Data | Comment |
|---|---|---|---|
| crmserver | Host (A) | The IP address of the server where Microsoft Dynamics CRM and AD FS 2.0 are installed. | Configured in DNS on your internal server. |

The following table contains records configured in the Internal DNS Zone: contoso.com.

Internal DNS Zone: contoso.com

The following record is configured in DNS on your internal server.

| Name | Type | Data | Comment |
|---|---|---|---|
| internalcrm | Alias (CNAME) | crmserver.contoso.local | Configured in DNS on your internal server. Used in the internal URL to access Microsoft Dynamics CRM. Internal URL: https://internalcrm.contoso.com:444 |

The following table contains records that must be created with your public host domain service.

Public DNS: contoso.com

The following records must be created with your public host domain service.

For performance and redundancy purposes you could also create these records in the contoso.com zone on your internal DNS server.

| Name | Type | Data | Comment |
|---|---|---|---|
| orgname | Host (A) | IP address of your Microsoft Dynamics CRM public-facing internet connection | Used in the external URL to access Microsoft Dynamics CRM. External URL: https://orgname.contoso.com:444 |
| dev | Host (A) | IP address of your Microsoft Dynamics CRM public-facing internet connection | The Microsoft Dynamics CRM Discovery Web Service. |
| sts1 | Host (A) | IP address of your Microsoft Dynamics CRM public-facing internet connection | The AD FS 2.0 server. |
| auth | Host (A) | IP address of your Microsoft Dynamics CRM public-facing internet connection | The Microsoft Dynamics CRM IFD federation endpoint. This record will be used by the AD FS 2.0 server when retrieving the Microsoft Dynamics CRM IFD federationmetadata.xml file. |

Example DNS Settings – AD FS and Microsoft Dynamics CRM on separate servers

The following are example DNS settings for a two-server deployment. Two public IP addresses are required for external access to Microsoft Dynamics CRM – one for the Microsoft Dynamics CRM server and one for the AD FS server. Two internally hosted DNS zones are required: contoso.local and contoso.com.

Important

If you would rather not have a public connection for your AD FS 2.0 server, you can use an AD FS proxy server. For more information, see Deploying Federation Server Proxies.

The following table contains records configured in the Internal DNS Zone: contoso.local.

Internal DNS Zone: contoso.local

The following record is configured in DNS on your internal server.

| Name | Type | Data | Comment |
|---|---|---|---|
| crmserver | Host (A) | The IP address of the server where Microsoft Dynamics CRM is installed. | Configured in DNS on your internal server. |

The following table contains records configured in the Internal DNS Zone: contoso.com.

Internal DNS Zone: contoso.com

The following record is configured in DNS on your internal server.

| Name | Type | Data | Comment |
|---|---|---|---|
| sts1 | | IP address of your AD FS server. | This record is only needed if you use an AD FS proxy server. |
| internalcrm | Alias (CNAME) | crmserver.contoso.local | Configured in DNS on your internal server. Used in the internal URL to access Microsoft Dynamics CRM. Internal URL: https://internalcrm.contoso.com |

The following table contains records that must be created with your public host domain service.

Public DNS: contoso.com

The following records are created with your public host domain service.

For performance and redundancy purposes you could also create these records in the contoso.com zone on your internal DNS server.

| Name | Type | Data | Comment |
|---|---|---|---|
| orgname | Host (A) | IP address of your Microsoft Dynamics CRM public-facing internet connection. | Used in the external URL to access Microsoft Dynamics CRM. External URL: https://orgname.contoso.com |
| dev | Host (A) | IP address of your Microsoft Dynamics CRM public-facing internet connection. | The Microsoft Dynamics CRM Discovery Web Service. |
| sts1 | Host (A) | IP address of your AD FS server public-facing internet connection. If you use an AD FS proxy server, this would be the IP address of the public-facing internet connection of the proxy server. | The AD FS 2.0 server or AD FS proxy server. |
| auth | Host (A) | IP address of your Microsoft Dynamics CRM public-facing internet connection. | The Microsoft Dynamics CRM IFD federation endpoint. This record will be used by the AD FS 2.0 server when retrieving the Microsoft Dynamics CRM IFD federationmetadata.xml file. |

Add a forward lookup zone in DNS

  1. Open DNS Manager by clicking Start, pointing to Administrative Tools, and then clicking DNS.

  2. In the console tree, right-click a DNS server, and then click New Zone to open the New Zone Wizard.

  3. Follow the instructions in the wizard to create a forward lookup zone of type: primary zone, secondary zone, or stub zone.


© 2013 Microsoft Corporation. All rights reserved.