Asked by:
After deploying claims based authentication outlook crm 2015 addin stops working

Question
-
Hi there.
We went from HTTP deployment to HTTPS and deploying CRM onpremisis 2015 server with claims based auth.
Outlook adding for CRM now is not working even if we put in configuration wizard https://dynamics-new-address-on-https/our-organization
We use exchange 2013 and outlook 2016.
Please advise
14:41:22|Verbose| Method entry: Microsoft.Crm.Application.Outlook.Config.ConfigInfo.ConfigInfo
14:41:22|Verbose| Method entry: Microsoft.Crm.Application.Outlook.Config.OutlookCRMDatastoreInstaller.GetAllCRMOrgsInOutlookProfile
14:41:22| Info| Logon mapi store
14:41:22| Info| Logon admin service
14:41:22|Verbose| Method entry: Microsoft.Crm.Application.Outlook.Config.OutlookCRMDatastoreInstaller.GetServiceIds
14:41:22| Info| Query all rows in msg service table
14:41:22|Verbose| Method exit: Microsoft.Crm.Application.Outlook.Config.OutlookCRMDatastoreInstaller.GetServiceIds
14:41:22|Verbose| Method entry: Microsoft.Crm.Application.Outlook.Config.ConfigInfo.CleanUpDatastoreIfNeeded
14:41:22|Verbose| Method exit: Microsoft.Crm.Application.Outlook.Config.ConfigInfo.CleanUpDatastoreIfNeeded
14:41:22|Verbose| Method exit: Microsoft.Crm.Application.Outlook.Config.ConfigInfo.ConfigInfo
14:41:33|Verbose| Method entry: Microsoft.Crm.Application.Outlook.Config.ServerForm._serverUrlConnectButton_Click
14:41:33|Verbose| Method entry: Microsoft.Crm.Application.Outlook.Config.ServerForm.TestConnection
14:41:33|Verbose| Method exit: Microsoft.Crm.Application.Outlook.Config.ServerForm.TestConnection
14:41:33|Verbose| Method exit: Microsoft.Crm.Application.Outlook.Config.ServerForm._serverUrlConnectButton_Click
14:41:33|Verbose| Method entry: Microsoft.Crm.Application.Outlook.Config.ServerForm.RunEnvironmentDiagnostics
14:41:33|Verbose| Method entry: Microsoft.Crm.Application.Outlook.ConfigDiagnostics.DiagnosticEngine.Run(Environment)
14:41:33|Verbose| Method entry: Microsoft.Crm.Application.Outlook.ConfigDiagnostics.LocalTimeDiagnostic.ExecuteInternal
14:41:33| Info| Current UTC date/time from halcom.local: 11/06/2016 13:41:33
14:41:33| Info| NetApiStatus for NetApiBufferFree: 0
14:41:33| Info| Client UTC Date/Time: 11/06/2016 13:41:33
14:41:33| Info| Difference (in minutes) between client time and actual time: 5.07466666666667E-05
14:41:33|Verbose| Method exit: Microsoft.Crm.Application.Outlook.ConfigDiagnostics.LocalTimeDiagnostic.ExecuteInternal
14:41:33|Verbose| Method exit: Microsoft.Crm.Application.Outlook.ConfigDiagnostics.DiagnosticEngine.Run(Environment)
14:41:33|Verbose| Method exit: Microsoft.Crm.Application.Outlook.Config.ServerForm.RunEnvironmentDiagnostics
14:41:33| Info| Attempting {0} ({1}) org service connection.| AD, https
14:41:42| Info| Fill organization comboBox with server information.
14:41:42|Verbose| Method entry: Microsoft.Crm.Application.Outlook.Config.ServerForm._okButton_Click
14:41:42|Verbose| Method exit: Microsoft.Crm.Application.Outlook.Config.ServerForm._okButton_Click
14:41:42| Error| Exception : An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail.
Server stack trace:
at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.ProcessReply(Message reply, SecurityProtocolCorrelationState correlationState, TimeSpan timeout)
at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.Request(Message message, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)Exception rethrown at [0]:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
at Microsoft.Xrm.Sdk.IOrganizationService.Execute(OrganizationRequest request)
at Microsoft.Xrm.Sdk.Client.OrganizationServiceProxy.ExecuteCore(OrganizationRequest request)
at Microsoft.Crm.Application.SMWrappers.ClientOrganizationServiceProxyBase.Execute(OrganizationRequest request)
at Microsoft.Crm.Outlook.ClientAuth.ClientAuthProviderBase`1.VerifyUser(IClientOrganizationContext context)
at Microsoft.Crm.Outlook.ClientAuth.ClientAuthProvider`1.SignIn(AuthUIMode uiMode, IClientOrganizationContext context, Control parentWindow, Boolean retryOnError)
at Microsoft.Crm.Application.Outlook.Config.DeploymentsInfo`1.GetAuthenticatedProvider(OrganizationDetail orgDetail, Control parentWindow)
at Microsoft.Crm.Application.Outlook.Config.ServerForm.LoadDataToServerInfo()
at Microsoft.Crm.Application.Outlook.Config.ServerForm.<InitializeBackgroundWorkers>b__3(Object sender, DoWorkEventArgs e)
at System.ComponentModel.BackgroundWorker.WorkerThreadStart(Object argument)
14:41:42| Error| Exception : ID3242: The security token could not be authenticated or authorized.
bostjanc
Sunday, November 6, 2016 1:42 PM
All replies
-
Anyone?
bostjanc
Monday, November 7, 2016 9:26 AM -
Hiya,
Time sync issue?
"Difference (in minutes) between client time and actual time: 5.07466666666667E-05"
Could you make sure your clients, ADFS and CRM servers are running with the same time or within 1 minute.
Monday, November 7, 2016 9:32 AM -
Thanks for the reply.
Time is correct, double checked, time and time zone on client, adfs server, and crm serverbostjanc
Monday, November 7, 2016 9:35 AM -
And you still get same error?
The reason I pointing at time sync is this:
"Microsoft.Crm.Application.Outlook.ConfigDiagnostics.LocalTimeDiagnostic.ExecuteInternal
14:41:33| Info| Current UTC date/time from halcom.local: 11/06/2016 13:41:33
14:41:33| Info| NetApiStatus for NetApiBufferFree: 0
14:41:33| Info| Client UTC Date/Time: 11/06/2016 13:41:33
14:41:33| Info| Difference (in minutes) between client time and actual time: 5.07466666666667E-0"Which indicates an time skew of more than 5 minutes..
Monday, November 7, 2016 4:40 PM -
Thanks for the suggestion, will try to recheck all the timings on CRM server, Domain Controller, Client PC and keep this post updated.
bostjanc
Tuesday, November 8, 2016 6:39 AM -
One dumb question... is it enough to trigger net time command on CRM, ADFS, DC, and CLIENT and compare it?
Because if I run it on all four of them the time seems ok to me
DC:
net time
Current time at \\DC is 8. 11. 2016 07:47:50
The command completed successfully.ADFS:
net time
Current time at \\DC is 8. 11. 2016 07:47:59
The command completed successfully.DynamicsCRM
Current time at \\DC is 8.11.2016 7:48:12CLIENT
C:\Users\bostjanc.HALCOM>net time
Current time at \\DC is 8.11.2016 07:48:28
bostjanc
Tuesday, November 8, 2016 6:50 AM -
Ok, this is the latest error we receive at the configuration phase:
08:00:25| Info| Error connecting to URL: https://dynamicscrm.domain.si/XRMServices/2011/Organization.svc Exception: Microsoft.Crm.CrmException: Authentication failed
at System.Windows.Forms.Control.MarshaledInvoke(Control caller, Delegate method, Object[] args, Boolean synchronous)
at System.Windows.Forms.Control.Invoke(Delegate method, Object[] args)
at Microsoft.Crm.Outlook.ClientAuth.ClientAuthProvider`1.SignIn(AuthUIMode uiMode, IClientOrganizationContext context, Control parentWindow, Boolean retryOnError)
at Microsoft.Crm.Application.Outlook.Config.DeploymentsInfo`1.DeploymentInfo`1.LoadOrganizationsInternal(AuthUIMode uiMode, Control parentWindow)
at Microsoft.Crm.Application.Outlook.Config.DeploymentsInfo`1.InternalLoadOrganizations(DataCollection`1 orgs, AuthUIMode uiMode, Control parentWindow)
08:00:25| Error| Dynamic Help Link: http://go.microsoft.com/fwlink/?LinkID=398563&lcid=409&cv=8.1.0.371&opsys=10.0.14393.0&cid=c53cd147-db95-4260-92c7-15e56b65939a&client=Outlook&error=Microsoft.Crm.CrmException%3a80044311&method=MarshaledInvoke&st= at System.Windows.Forms.Control.MarshaledInvoke(Control caller, Delegate method, Object[] args, Boolean synchronous)
at System.Windows.Forms.Control.Invoke(Delegate method, Object[] args)
at Microsoft.Crm.Outlook.ClientAuth.ClientAuthProvider`1.SignIn(AuthUIMode uiMode, IClientOrganizationContext context, Control parentWindow, Boolean retryOnError)
at Microsoft.Crm.Application.Outlook.Config.DeploymentsInfo`1.DeploymentInfo`1.LoadOrganizationsInternal(AuthUIMode uiMode, Control parentWindow)
at Microsoft.Crm.Application.Outlook.Config.DeploymentsInfo`1.InternalLoadOrganizations(DataCollection`1 orgs, AuthUIMode uiMode, Control parentWindow)&orgType=CRM On-Premisebostjanc
Tuesday, November 8, 2016 7:01 AM