Memorise

An error occurs in Microsoft Dynamics CRM using Claims Based Authentication

In ADFS Management Console update the Federation metadata URLs and do an IIS reset on CRM server. Next, restart the ADFS service.

If above steps do not resolve the issue please follow below steps:-

1. On the Microsoft Dynamics CRM server, go to Deployment Manager and disable the Claims Based Authentication

2. On the Microsoft Dynamics CRM server, click the Start menu, select Run and type iisreset to complete an IIS reset

3. Re-configure Claims-Based Authentication from Deployment Manager keeping all the settings same

4. Re-configure IFD through the Microsoft Dynamics CRM Deployment Manager

5. On the Microsoft Dynamics CRM server, click the Start menu, select Run and type iisreset to complete an IIS reset

6. In ADFS Management Console on the ADFS server, update the corresponding Federation Metadata URLs

a. Go to the ADFS Server and open the ADFS management Console

b. Click Relying Party Trusts to display the internal and external relying party trusts

c. Right-click each and select Update Federation Metadata

d. Go to the Microsoft Dynamics CRM server, click the Start menu, select Run and type iisreset to complete an IIS reset

e. Next, browse to Service on the ADFS server and restart the ADFS service

This also resolved few other issue below.

High CPU Usage on Microsoft CRM 2015 and Microsoft CRM 2015 Email Router Server

When renewing Expired AD FS 2.0 Token Signing Certificates, Depending on your AD FS configuration you may have automatic certificate rollover enabled.  This can be checked via Get-ADFSProperties

To configure automatic rollover:

Set-ADFSProperties -AutoCertificateRollover $true

reboot the server.


Categorised as: Microsoft, Networking, Outlook, Server OS


Leave a Reply