Just as a FYI for those CRM admins that don’t deal with infrastructure issues a lot, or have to request from a different group firewall changes, when setting up IFD for external users, with CRM 2011 on a box, and ADFS on a different one, both machines have to expose port 443 through the firewall (AD FS 2.0 binds to port 443, and assuming you set-up CRM on 443 also). Do not forget about the ADFS box, or you’ll be pulling your hair out trying to figure out what’s going on!


Check out the white paper from Microsoft Download Center.