I'm facing a problem during a cross tenant/pubblic domain migration of an organizzation in Dynamics 2015.
We actualy had 2 VNET in peering with DC in replica and we manage to isolate the ambients closing the peering, manteining 2 isolate but same local domain.
Now we have a adfs farm that serves CBA for internal / IFD https pubblication of the sites, where the local and pubblic domain are both contoso.com and we use *.contoso.com like ssl wildcard.
In the new reality we will have a new adfs farm that asnwer to the new pubblic domain crmnew.com and same local domain contoso.com.
The user will continue to log in with old credential.
Considered that in the future we canno't dispose of the wild card the cover *.ocropoid.com, wich is the correct way to manage a situation where:
actualy for testing purpose recreating the CRM ambient whe have published internal crm using a address that goes on internet and a cname in pubblic DNS the route that on the same IP of the IFD one.