Can someone explain to me why one would use IFD (Internet Facing Deployment) to access Microsoft CRM vs. just using Windows Authentication? They seem equivalent to me in their features. Not sure of the benefits of IFD over Windows auth however.
Thanks!
Take a look at this previous answer for some discussion on this topic: Exposed onsite vs IFD deployments for MS Dynamics CRM
I would say from my standpoint the biggest issue with using Windows Auth over the internet for CRM is the issue of Outlook integration. The second point I would make is that Windows Auth can present issues to people accessing CRM from a non-domain computer when outside the domain - i.e., their home computer. Not always but I have seen issues pop-up (not very often) that are avoided in a forms based configuration.
As a reminder in 2011 the IFD feature has been changed signficantly so that you must use Active Directory Federation Service which is claims-based. I recommend reading over http://blogs.msdn.com/b/crm/archive/2011/01/13/configuring-ifd-with-microsoft-dynamics-crm-2011.aspx and watching the video at http://www.youtube.com/watch?v=ZD5qaa-G99E.
You can certainly go with Windows Auth but if you are willing to put in the extra work go with the Internet Facing setups for a more robust and better supported install.
I want to add to privious answer. Integrating Outlook client from outside the domain can be done by reseting windows credential in the control panel from time to time. another complication is SharePoint integration which can't be used outside the domain with SSO. If you do use IFD, I recommand on this blog: http://dynamics.co.il/configuring-crm-2011-ifd
