locked
After deploying claims based authentication outlook crm 2015 addin stops working RRS feed

  • Question

  • Hi there.

    We went from HTTP deployment to HTTPS and deploying CRM onpremisis 2015 server with claims based auth.

    Outlook adding for CRM now is not working even if we put in configuration wizard https://dynamics-new-address-on-https/our-organization

    We use exchange 2013 and outlook 2016.

    Please advise

    14:41:22|Verbose| Method entry: Microsoft.Crm.Application.Outlook.Config.ConfigInfo.ConfigInfo
    14:41:22|Verbose| Method entry: Microsoft.Crm.Application.Outlook.Config.OutlookCRMDatastoreInstaller.GetAllCRMOrgsInOutlookProfile
    14:41:22|   Info| Logon mapi store
    14:41:22|   Info| Logon admin service
    14:41:22|Verbose| Method entry: Microsoft.Crm.Application.Outlook.Config.OutlookCRMDatastoreInstaller.GetServiceIds
    14:41:22|   Info| Query all rows in msg service table
    14:41:22|Verbose| Method exit: Microsoft.Crm.Application.Outlook.Config.OutlookCRMDatastoreInstaller.GetServiceIds
    14:41:22|Verbose| Method entry: Microsoft.Crm.Application.Outlook.Config.ConfigInfo.CleanUpDatastoreIfNeeded
    14:41:22|Verbose| Method exit: Microsoft.Crm.Application.Outlook.Config.ConfigInfo.CleanUpDatastoreIfNeeded
    14:41:22|Verbose| Method exit: Microsoft.Crm.Application.Outlook.Config.ConfigInfo.ConfigInfo
    14:41:33|Verbose| Method entry: Microsoft.Crm.Application.Outlook.Config.ServerForm._serverUrlConnectButton_Click
    14:41:33|Verbose| Method entry: Microsoft.Crm.Application.Outlook.Config.ServerForm.TestConnection
    14:41:33|Verbose| Method exit: Microsoft.Crm.Application.Outlook.Config.ServerForm.TestConnection
    14:41:33|Verbose| Method exit: Microsoft.Crm.Application.Outlook.Config.ServerForm._serverUrlConnectButton_Click
    14:41:33|Verbose| Method entry: Microsoft.Crm.Application.Outlook.Config.ServerForm.RunEnvironmentDiagnostics
    14:41:33|Verbose| Method entry: Microsoft.Crm.Application.Outlook.ConfigDiagnostics.DiagnosticEngine.Run(Environment)
    14:41:33|Verbose| Method entry: Microsoft.Crm.Application.Outlook.ConfigDiagnostics.LocalTimeDiagnostic.ExecuteInternal
    14:41:33|   Info| Current UTC date/time from halcom.local: 11/06/2016 13:41:33
    14:41:33|   Info| NetApiStatus for NetApiBufferFree: 0
    14:41:33|   Info| Client UTC Date/Time: 11/06/2016 13:41:33
    14:41:33|   Info| Difference (in minutes) between client time and actual time: 5.07466666666667E-05
    14:41:33|Verbose| Method exit: Microsoft.Crm.Application.Outlook.ConfigDiagnostics.LocalTimeDiagnostic.ExecuteInternal
    14:41:33|Verbose| Method exit: Microsoft.Crm.Application.Outlook.ConfigDiagnostics.DiagnosticEngine.Run(Environment)
    14:41:33|Verbose| Method exit: Microsoft.Crm.Application.Outlook.Config.ServerForm.RunEnvironmentDiagnostics
    14:41:33|   Info| Attempting {0} ({1}) org service connection.| AD, https
    14:41:42|   Info| Fill organization comboBox with server information.
    14:41:42|Verbose| Method entry: Microsoft.Crm.Application.Outlook.Config.ServerForm._okButton_Click
    14:41:42|Verbose| Method exit: Microsoft.Crm.Application.Outlook.Config.ServerForm._okButton_Click
    14:41:42|  Error| Exception : An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail.
    Server stack trace:
       at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.ProcessReply(Message reply, SecurityProtocolCorrelationState correlationState, TimeSpan timeout)
       at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.Request(Message message, TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
       at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)

    Exception rethrown at [0]:
       at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
       at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
       at Microsoft.Xrm.Sdk.IOrganizationService.Execute(OrganizationRequest request)
       at Microsoft.Xrm.Sdk.Client.OrganizationServiceProxy.ExecuteCore(OrganizationRequest request)
       at Microsoft.Crm.Application.SMWrappers.ClientOrganizationServiceProxyBase.Execute(OrganizationRequest request)
       at Microsoft.Crm.Outlook.ClientAuth.ClientAuthProviderBase`1.VerifyUser(IClientOrganizationContext context)
       at Microsoft.Crm.Outlook.ClientAuth.ClientAuthProvider`1.SignIn(AuthUIMode uiMode, IClientOrganizationContext context, Control parentWindow, Boolean retryOnError)
       at Microsoft.Crm.Application.Outlook.Config.DeploymentsInfo`1.GetAuthenticatedProvider(OrganizationDetail orgDetail, Control parentWindow)
       at Microsoft.Crm.Application.Outlook.Config.ServerForm.LoadDataToServerInfo()
       at Microsoft.Crm.Application.Outlook.Config.ServerForm.<InitializeBackgroundWorkers>b__3(Object sender, DoWorkEventArgs e)
       at System.ComponentModel.BackgroundWorker.WorkerThreadStart(Object argument)
    14:41:42|  Error| Exception : ID3242: The security token could not be authenticated or authorized.


    bostjanc

    Sunday, November 6, 2016 1:42 PM

All replies

  • Anyone?

    bostjanc

    Monday, November 7, 2016 9:26 AM
  • Hiya,

    Time sync issue?

    "Difference (in minutes) between client time and actual time: 5.07466666666667E-05"

    Could you make sure your clients, ADFS and CRM servers are running with the same time or within 1 minute.

    Monday, November 7, 2016 9:32 AM
  • Thanks for the reply.
    Time is correct, double checked, time and time zone on client, adfs server, and crm server


    bostjanc

    Monday, November 7, 2016 9:35 AM
  • And you still get same error?

    The reason I pointing at time sync is this:

    "Microsoft.Crm.Application.Outlook.ConfigDiagnostics.LocalTimeDiagnostic.ExecuteInternal
    14:41:33|   Info| Current UTC date/time from halcom.local: 11/06/2016 13:41:33
    14:41:33|   Info| NetApiStatus for NetApiBufferFree: 0
    14:41:33|   Info| Client UTC Date/Time: 11/06/2016 13:41:33
    14:41:33|   Info| Difference (in minutes) between client time and actual time: 5.07466666666667E-0"

    Which indicates an time skew of more than 5 minutes..

    Monday, November 7, 2016 4:40 PM
  • Thanks for the suggestion, will try to recheck all the timings on CRM server, Domain Controller, Client PC and keep this post updated.

    bostjanc

    Tuesday, November 8, 2016 6:39 AM
  • One dumb question... is it enough to trigger net time command on CRM, ADFS, DC, and CLIENT and compare it?

    Because if I run it on all four of them the time seems ok to me

    DC:
    net time
    Current time at \\DC is 8. 11. 2016 07:47:50
    The command completed successfully.

    ADFS:
    net time
    Current time at \\DC is 8. 11. 2016 07:47:59
    The command completed successfully.

    DynamicsCRM
    Current time at \\DC is 8.11.2016 7:48:12

    CLIENT
    C:\Users\bostjanc.HALCOM>net time
    Current time at \\DC is 8.11.2016 07:48:28


    bostjanc

    Tuesday, November 8, 2016 6:50 AM
  • Ok, this is the latest error we receive at the configuration phase:
    08:00:25|   Info| Error connecting to URL: https://dynamicscrm.domain.si/XRMServices/2011/Organization.svc Exception: Microsoft.Crm.CrmException: Authentication failed
       at System.Windows.Forms.Control.MarshaledInvoke(Control caller, Delegate method, Object[] args, Boolean synchronous)
       at System.Windows.Forms.Control.Invoke(Delegate method, Object[] args)
       at Microsoft.Crm.Outlook.ClientAuth.ClientAuthProvider`1.SignIn(AuthUIMode uiMode, IClientOrganizationContext context, Control parentWindow, Boolean retryOnError)
       at Microsoft.Crm.Application.Outlook.Config.DeploymentsInfo`1.DeploymentInfo`1.LoadOrganizationsInternal(AuthUIMode uiMode, Control parentWindow)
       at Microsoft.Crm.Application.Outlook.Config.DeploymentsInfo`1.InternalLoadOrganizations(DataCollection`1 orgs, AuthUIMode uiMode, Control parentWindow)
    08:00:25|  Error| Dynamic Help Link: http://go.microsoft.com/fwlink/?LinkID=398563&lcid=409&cv=8.1.0.371&opsys=10.0.14393.0&cid=c53cd147-db95-4260-92c7-15e56b65939a&client=Outlook&error=Microsoft.Crm.CrmException%3a80044311&method=MarshaledInvoke&st=   at System.Windows.Forms.Control.MarshaledInvoke(Control caller, Delegate method, Object[] args, Boolean synchronous)
       at System.Windows.Forms.Control.Invoke(Delegate method, Object[] args)
       at Microsoft.Crm.Outlook.ClientAuth.ClientAuthProvider`1.SignIn(AuthUIMode uiMode, IClientOrganizationContext context, Control parentWindow, Boolean retryOnError)
       at Microsoft.Crm.Application.Outlook.Config.DeploymentsInfo`1.DeploymentInfo`1.LoadOrganizationsInternal(AuthUIMode uiMode, Control parentWindow)
       at Microsoft.Crm.Application.Outlook.Config.DeploymentsInfo`1.InternalLoadOrganizations(DataCollection`1 orgs, AuthUIMode uiMode, Control parentWindow)&orgType=CRM On-Premise

    bostjanc

    Tuesday, November 8, 2016 7:01 AM