Software requirements for Microsoft Dynamics 365 Server
This article lists the software and application requirements for this version of Dynamics 365 Server.
Windows Server operating system
This version of Dynamics 365 Server can be installed only on Windows Server 64-bit-based computers. The specific versions and editions of Windows Server that are supported for installing and running this version of Dynamics 365 Server are listed in the following sections.
Important
The following Windows Server versions are not supported for installing and running this version of Dynamics 365 Server:
- Windows Server 2016 Essentials
- Windows Server 2012 family of operating systems
- Windows Server 2012 R2 family of operating systems
- The Windows Server 2008 family of operating systems
Supported Windows Server editions
The following versions and editions of the Windows Server operating system are supported for installing and running Dynamics 365 Server, version 9.1:
- Windows Server 2022 Standard 1
- Windows Server 2022 Datacenter 1
- Windows Server 2019 Standard
- Windows Server 2019 Datacenter
- Windows Server 2016 Standard
- Windows Server 2016 Datacenter
1Requires Service Update 1.25 for Microsoft Dynamics Customer Engagement v9 (on-premises)
Server Core installations
With the exception of the Dynamics 365 Customer Engagement (on-premises) Help Server and Microsoft Dynamics 365 Reporting Extensions roles, you can install any Dynamics 365 Server server role on a Server Core installation of Windows Server. Server Core is a minimal server installation option for the Windows Server family of operating systems. Server Core provides a low-maintenance server environment with limited functionality. For more information about Server Core as implemented on Windows Server 2016, see Server Core for Windows Server 2016
Important
To install Dynamics 365 Server on a Server Core Windows Server, you must run Setup in silent mode from the command line.
The Help Server role cannot be installed on a Windows Server running as Server Core.
Microsoft Dynamics 365 Reporting Extensions for SQL Server Reporting Services cannot be installed on Server Core. This is because SQL Server Reporting Services, which is required by Microsoft Dynamics 365 Reporting Extensions for SQL Server Reporting Services, cannot be installed on a Windows Server running Server Core.
Server virtualization
Dynamics 365 Customer Engagement (on-premises) servers can be deployed in a virtualized environment by using Windows Server with Hyper-V or virtualization solutions from vendors who participate in the Microsoft Windows Server Virtualization Validation Program (SVVP). You must understand the limitations and best practices of server virtualization before you try to virtualize your deployment of Dynamics 365 Customer Engagement (on-premises).
Active Directory modes
The computer that Dynamics 365 Server is running on must be a member of a domain that is running in one of the following Active Directory directory service forest and domain functional levels:
Windows Server 2008
Windows Server 2008 R2
Windows Server 2012
Windows Server 2012 R2
Windows Server 2016
For more information about Active Directory domain and forest functional levels, see Forest and Domain Functional Levels.
Important
- The computer that Dynamics 365 Customer Engagement (on-premises) Server is running on shouldn’t function as an Active Directory domain controller.
- When you use the Add Users Wizard, only users from trusted domains in the current forest will be displayed. Users from trusted external forests aren’t supported and don’t appear in the wizard.
Federation with Microsoft Entra ID
To integrate Dynamics 365 Customer Engagement (on-premises) with Microsoft Entra ID (formerly Azure Active Directory), an Active Directory Federation Service is required. Direct federation isn't supported. An Active Directory Federation Service offers several benefits, such as:
- Simplified and secured identity federation.
- Compatibility with a large set of authentication protocols.
- Ability to federate with external partners.
- Ability to add various claims providers, such as Microsoft Entra ID.
SQL Server editions
Any one of the following SQL Server editions is required, running, and available for Dynamics 365 Customer Engagement (on-premises):
- Microsoft SQL Server 2022 Enterprise1
- Microsoft SQL Server 2022 Standard1
- Microsoft SQL Server 2022 Developer (for nonproduction use only)1
- Microsoft SQL Server 2019 Enterprise
- Microsoft SQL Server 2019 Standard
- Microsoft SQL Server 2019 Developer (for nonproduction use only)
- Microsoft SQL Server 2017 Enterprise
- Microsoft SQL Server 2017 Standard
- Microsoft SQL Server 2017 Developer (for nonproduction use only)
- Microsoft SQL Server 2016 Enterprise, with Service Pack 2 or Service Pack 3
- Microsoft SQL Server 2016 Standard, with Service Pack 2 or Service Pack 3
- Microsoft SQL Server 2016 Developer, with Service Pack 2 or Service Pack 3 (for nonproduction use only)
1Requires Service Update 1.25 for Microsoft Dynamics Customer Engagement v9 (on-premises)
Important
- SQL Server Express editions are not supported for use with this version of Dynamics 365 Server.
- An Azure SQL Managed instance is not supported for use with this version of Dynamics 365 Server.
Accessing Microsoft Dynamics 365 Customer Engagement (on-premises) from the internet - Claims-based authentication and IFD requirements
The following items are required or recommended for Internet-facing deployment (IFD). This article assumes you'll be using Active Directory Federation Services (AD FS) as the security token service (STS).
Important
Exposing the Dynamics 365 Customer Engagement (on-premises) website to the internet is not supported unless claims-based authentication is used and Dynamics 365 Customer Engagement (on-premises) is configured for IFD.
Similarly, Outlook Anywhere (RPC over HTTP) is not supported as a solution to connect Dynamics 365 for Outlook to an on-premises deployment of Dynamics 365 Server over the internet. The on-premises deployment of Dynamics 365 Server must be configured for IFD.
In order for Dynamics 365 for tablets to successfully connect to a new deployment of Dynamics 365 Server, you must run a Repair of Dynamics 365 Server on the server running IIS where the Web Application Server role is installed after the Internet-Facing Deployment Configuration Wizard is successfully completed.
The computer where Dynamics 365 Server is installed must have access to Active Directory Federation Services (AD FS) federation server. Dynamics 365 Server supports the following Active Directory Federation Services (AD FS) versions:
- Active Directory Federation Services (AD FS) Windows Server 2012 R2 AD FS (Windows Server 2012 R2)
- Active Directory Federation Services (AD FS) Windows Server 2016 AD FS.
- Active Directory Federation Services for Windows Server 2019 (Windows Server 2019 AD FS).
Note the following conditions for the web components before you configure IFD:
If you're installing Dynamics 365 Customer Engagement (on-premises) in a single server configuration, be aware that Active Directory Federation Services 2.0 installs on the default website and default port 443(HTTPS). Therefore, you must create a new website for Dynamics 365 Customer Engagement (on-premises) on a new port other than port 443(HTTPS). We recommend deploying AD FS on a separate server.
When you run the Internet-Facing Deployment Configuration Wizard, Dynamics 365 Server must be running on a website that is configured to use Transport Layer Security (TLS) or Secure Sockets Layer (SSL). Microsoft Dynamics 365 Server Setup won't configure the website for TLS/SSL.
We recommend that the IIS website where the Dynamics 365 Customer Engagement (on-premises) web application will be installed requires TLS/SSL.
The website should have a single binding. Multiple IIS bindings, such as a website with an HTTPS and an HTTP binding or two HTTPS or two HTTP bindings, aren't supported for running Dynamics 365 Customer Engagement (on-premises).
Access to the Active Directory Federation Services (AD FS) federation metadata file from the computer where the Configure Claims-Based Authentication Wizard is run. Note the following:
- The federation metadata endpoint must use the web services trust model (WS-Trust) 1.3 standard. Endpoints that use a previous standard, such as the WS-Trust 2005 standard, aren't supported. In Active Directory Federation Services 2.0, all WS-Trust 1.3 endpoints contain /trust/13/ in the URL path.
Encryption certificates. The following encryption certificates are required. You can use the same encryption certificate for both purposes, such as when you use a wildcard certificate:
Important
If you use a certificate that is created by using a custom certificate request, the template that was used must be the Legacy key template. Custom certificate requests created by using the CNG key template are incompatible with Dynamics 365 Customer Engagement (on-premises). For more information about custom certificate request templates, go to Create a Custom Certificate Request for Microsoft Dynamics.
Claims encryption. Claims-based authentication requires identities to provide an encryption certificate for authentication. This certificate should be trusted by the computer where you're installing Dynamics 365 Server so it must be located in the local Personal store where the Configure Claims-Based Authentication Wizard is running.
TLS/SSL (HTTPS) encryption. The certificates for TLS/SSL encryption should be valid for host names similar to org.contoso.com, auth.contoso.com, and dev.contoso.com. To satisfy this requirement, you can use a single wildcard certificate (*.contoso.com), a certificate that supports Subject Alternative Names, or individual certificates for each name. Individual certificates for each host name are only valid if you use different servers for each web server role. Multiple IIS bindings, such as a website with two HTTPS or two HTTP bindings, aren’t supported for running Dynamics 365 Customer Engagement (on-premises). For more information about available options, contact your certification authority service company or your certification authority administrator.
The CRMAppPool account of each Microsoft Dynamics 365 Customer Engagement (on-premises) website must have read permission to the private key of the encryption certificate specified when configuring claims-based authentication. You can use the Certificates Microsoft Management Console (MMC) snap-in to edit permissions for the encryption certificate found in the Personal store of the local computer account.
See also
Microsoft SQL Server hardware requirements for Microsoft Dynamics 365 Server
Microsoft Dynamics 365 Customer Engagement (on-premises) reporting requirements
Windows Server operating system
This version of Dynamics 365 Server can be installed only on Windows Server 64-bit-based computers. The specific versions and editions of Windows Server that are supported for installing and running this version of Dynamics 365 Server are listed in the following sections.
Important
The following Windows Server versions are not supported for installing and running this version of Dynamics 365 Server:
- Windows Server 2016 Essentials
- Windows Server 2012 family of operating systems
- Windows Server 2012 R2 family of operating systems
- The Windows Server 2008 family of operating systems
Supported Windows Server 2016 editions
The following editions of the Windows Server 2016 operating system are supported for installing and running Dynamics 365 Server:
Windows Server 2016 Standard
Windows Server 2016 Datacenter
Server Core installations
With the exception of the Dynamics 365 Customer Engagement (on-premises) Help Server and Microsoft Dynamics 365 Reporting Extensions roles, you can install any Dynamics 365 Server server role on a Server Core installation of Windows Server. Server Core is a minimal server installation option for the Windows Server family of operating systems. Server Core provides a low-maintenance server environment with limited functionality. For more information about Server Core as implemented on Windows Server 2016, see Server Core for Windows Server 2016
Important
To install Dynamics 365 Server on a Server Core Windows Server, you must run Setup in silent mode from the command line.
The Help Server role cannot be installed on a Windows Server running as Server Core.
Microsoft Dynamics 365 Reporting Extensions for SQL Server Reporting Services cannot be installed on Server Core. This is because SQL Server Reporting Services, which is required by Microsoft Dynamics 365 Reporting Extensions for SQL Server Reporting Services, cannot be installed on a Windows Server running Server Core.
Server virtualization
Dynamics 365 Customer Engagement (on-premises) servers can be deployed in a virtualized environment by using Windows Server 2016 with Hyper-V or virtualization solutions from vendors who participate in the Microsoft Windows Server Virtualization Validation Program (SVVP). You must understand the limitations and best practices of server virtualization before you try to virtualize your installation of Dynamics 365 Customer Engagement (on-premises).
Active Directory modes
The computer that Dynamics 365 Server is running on must be a member of a domain that is running in one of the following Active Directory directory service forest and domain functional levels:
Windows Server 2008
Windows Server 2008 R2
Windows Server 2012
Windows Server 2012 R2
Windows Server 2016
For more information about Active Directory domain and forest functional levels, see Forest and Domain Functional Levels.
Important
- The computer that Dynamics 365 Customer Engagement (on-premises) Server is running on shouldn’t function as an Active Directory domain controller.
- When you use the Add Users Wizard, only users from trusted domains in the current forest will be displayed. Users from trusted external forests aren’t supported and don’t appear in the wizard.
- Installing Dynamics 365 Server in an LDAP directory that is running in Active Directory Application Mode (ADAM) is not supported.
Internet Information Services (IIS)
This version of Dynamics 365 Server supports Internet Information Services (IIS) version 10.
We recommend that you install and run IIS in Native Mode before you install Dynamics 365 Server. However, if IIS isn't installed and it's required for a Dynamics 365 Customer Engagement (on-premises) server role, Microsoft Dynamics 365 Server Setup will install it.
Important
Dynamics 365 Customer Engagement (on-premises) can’t use a website that has more than one HTTP or HTTPS binding. Although IIS supports multiple HTTP and HTTPS bindings, there is a limitation in using additional bindings with Windows Communication Foundation (WCF). WCF is required when you use Microsoft Dynamics 365 for Outlook. Before you install or upgrade, you must remove the additional bindings from the website used for Dynamics 365 Customer Engagement (on-premises) or select a different website.
SQL Server editions
Any one of the following SQL Server editions is required, running, and available for Dynamics 365 Customer Engagement (on-premises):
- Microsoft SQL Server 2017 Enterprise1
- Microsoft SQL Server 2017 Standard1
- Microsoft SQL Server 2017 Developer (for nonproduction use only)1
- Microsoft SQL Server 2016 Enterprise, with Service Pack 2 or Service Pack 3
- Microsoft SQL Server 2016 Standard, with Service Pack 2 or Service Pack 3
- Microsoft SQL Server 2016 Developer, with Service Pack 2 or Service Pack 3 (for nonproduction use only)
Important
- 1Requires Microsoft Dynamics 365 Server, v9.0 (on-premises) Update 0.3.
- SQL Server Express editions are not supported for use with this version of Dynamics 365 Server.
Accessing Microsoft Dynamics 365 Customer Engagement (on-premises) from the internet - Claims-based authentication and IFD requirements
The following items are required or recommended for Internet-facing deployment (IFD). This article assumes you'll be using Active Directory Federation Services (AD FS) as the security token service (STS).
Important
Exposing the Dynamics 365 Customer Engagement (on-premises) website to the internet is not supported unless claims-based authentication is used and Dynamics 365 Customer Engagement (on-premises) is configured for IFD.
Similarly, Outlook Anywhere (RPC over HTTP) is not supported as a solution to connect Dynamics 365 for Outlook to an on-premises deployment of Dynamics 365 Server over the internet. The on-premises deployment of Dynamics 365 Server must be configured for IFD.
In order for Dynamics 365 for tablets to successfully connect to a new deployment of Dynamics 365 Server, you must run a Repair of Dynamics 365 Server on the server running IIS where the Web Application Server role is installed after the Internet-Facing Deployment Configuration Wizard is successfully completed.
The computer where Dynamics 365 Server is installed must have access to a security token service (STS) service, such as Active Directory Federation Services (AD FS) federation server. Dynamics 365 Server supports the following Active Directory Federation Services (AD FS) versions:
- Active Directory Federation Services (AD FS) 2.1 (Windows Server 2012)
- Active Directory Federation Services (AD FS) Windows Server 2012 R2 AD FS (Windows Server 2012 R2)
- Active Directory Federation Services (AD FS) Windows Server 2016 AD FS.
Note the following conditions for the web components before you configure IFD:
If you're installing Dynamics 365 Customer Engagement (on-premises) in a single server configuration, be aware that Active Directory Federation Services 2.0 installs on the default website. Therefore, you must create a new website for Dynamics 365 Customer Engagement (on-premises).
When you run the Internet-Facing Deployment Configuration Wizard, Dynamics 365 Server must be running on a website that is configured to use Transport Layer Security (TLS) or Secure Sockets Layer (SSL). Microsoft Dynamics 365 Server Setup won't configure the website for TLS/SSL.
We recommend that the IIS website where the Dynamics 365 Customer Engagement (on-premises) web application will be installed requires TLS/SSL.
The website should have a single binding. Multiple IIS bindings, such as a website with an HTTPS and an HTTP binding or two HTTPS or two HTTP bindings, aren't supported for running Dynamics 365 Customer Engagement (on-premises).
Access to the Active Directory Federation Services (AD FS) federation metadata file from the computer where the Configure Claims-Based Authentication Wizard is run. Note the following:
- The federation metadata endpoint must use the web services trust model (WS-Trust) 1.3 standard. Endpoints that use a previous standard, such as the WS-Trust 2005 standard, aren't supported. In Active Directory Federation Services 2.0, all WS-Trust 1.3 endpoints contain /trust/13/ in the URL path.
Encryption certificates. The following encryption certificates are required. You can use the same encryption certificate for both purposes, such as when you use a wildcard certificate:
Important
If you use a certificate that is created by using a custom certificate request, the template that was used must be the Legacy key template. Custom certificate requests created by using the CNG key template are incompatible with Dynamics 365 Customer Engagement (on-premises). For more information about custom certificate request templates, see Create a Custom Certificate Request.
Claims encryption. Claims-based authentication requires identities to provide an encryption certificate for authentication. This certificate should be trusted by the computer where you're installing Dynamics 365 Server so it must be located in the local Personal store where the Configure Claims-Based Authentication Wizard is running.
TLS/SSL (HTTPS) encryption. The certificates for TLS/SSL encryption should be valid for host names similar to org.contoso.com, auth.contoso.com, and dev.contoso.com. To satisfy this requirement, you can use a single wildcard certificate (*.contoso.com), a certificate that supports Subject Alternative Names, or individual certificates for each name. Individual certificates for each host name are only valid if you use different servers for each web server role. Multiple IIS bindings, such as a website with two HTTPS or two HTTP bindings, aren’t supported for running Dynamics 365 Customer Engagement (on-premises). For more information about available options, contact your certification authority service company or your certification authority administrator.
The CRMAppPool account of each Microsoft Dynamics 365 Customer Engagement (on-premises) website must have read permission to the private key of the encryption certificate specified when configuring claims-based authentication. You can use the Certificates Microsoft Management Console (MMC) snap-in to edit permissions for the encryption certificate found in the Personal store of the local computer account.
Software component prerequisites
The following SQL Server components must be installed and running on the computer that is running SQL Server before you install Dynamics 365 Server:
SQL word breakers
This is only required for some Dynamics 365 Customer Engagement (on-premises) language editions. For more information about word breaker versions for languages supported by SQL Server, see Configure and Manage Word Breakers and Stemmers for Search.
SQL Server Agent service
SQL Server full-text indexing
The following components must be installed and running on the computer where Dynamics 365 Server will be installed:
Services
Indexing Service
To install this service, see the Windows Server documentation.
IIS Admin
World Wide Web Publishing
Net.Tcp Port Sharing Service
Windows Data Access Components (MDAC)
Microsoft ASP.NET (Must be registered, but doesn't have to be running.)
Verify prerequisites
Before you install Dynamics 365 Server, you should understand the following:
SQL Server can be, but isn't required to be, installed on the same computer as Dynamics 365 Server.
If Dynamics 365 Server and SQL Server are installed on different computers, both computers must be in the same Active Directory directory service domain.
SQL Server can be installed by using either Windows Authentication or mixed-mode authentication. (Windows Authentication is recommended for increased security and Dynamics 365 Customer Engagement (on-premises) will use only Windows Authentication).
The service account that SQL Server uses to log on to the network must be either a domain user account (recommended) or one of the built-in system accounts supported by SQL Server (Network Service, Local Service, or Local System). Installation of Dynamics 365 Server will fail if the SQL Server service account is the local administrator.
The SQL Server service must be started and can be configured to automatically start when the computer is started.
The SQL Server Reporting Services service must be started and configured to automatically start when the computer is started.
The SQL Server Agent service must be started. This service can be configured to automatically start when the computer is started.
Although it's optional, we recommend that you accept the SQL Server default settings for Collation Designator, Sort Order, and SQL Collation. Dynamics 365 Customer Engagement (on-premises) supports both case-sensitive and case-insensitive sort orders.
Microsoft Dynamics 365 Server Setup requires at least one network protocol to be enabled to authenticate by using SQL Server. By default, TCP/IP protocol is enabled when you install SQL Server. You can view network protocols in SQL Server Configuration Manager.
See also
Microsoft SQL Server hardware requirements for Microsoft Dynamics 365 Server
Microsoft Dynamics 365 Customer Engagement (on-premises) reporting requirements
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for