We're currently setting up an CRM environment. We are using ADFS for authentication. The CRM project folks feel that ADFS should not be presenting a login form because Kerberos authentication should be used. I'm not sure how to give them what they're asking for, any assistance would be helpful.

What version of ADFS? Are you using an ADFS proxy server? ADFS should be using integrated auth on the back end (ultimately kerberos) to auth the user and get attributes for the account before building the SAML token. If you want to keep a logon page from displaying at all, then you'll need to configure IE to present the users creds automatically. Internet Options\Security Tab\Trusted Sites <or other applicable zone>\Custom Level\Automatic logon with current user name and password (at the bottom). That will automatically present the user's credentials to the logon page if you're doing integrated auth. It's been so long since I've messed with ADFS though, I could be off :(

ADFS 2.0

If that's the case I doubt I'll be able to help much more. Consider opening a case with MS if it's something you need to get deeper into. In ADFSv1 you'd get an integrated auth cred window to authenticate with. Making the change I suggested would cause it to automatically send a users credentials. If you used a proxy in ADFSv1 though you got forms auth. I think this is the case in ADFSv2 regardless so I'm not sure what options you have. Thanks!