Views:

If you want to allow auto login for https://internalcrm.domain.com on non ie browsers, you have to disable extended protection.

To turn Extended Protection off, on the AD FS server, launch IIS Manager, then, on the left side tree view, access Sites -> Default Web Site -> adfs -> click the Authentication icon, then right-click Windows Authentication and select …On the Advanced Settings dialog, choose Off for Extended Protection