federation metadata not present for use with IFD crm

Question
-
I am trying to get a running version of Dynamics CRM 2011, and I am stuck on Claims Based Authentication.
With Claims Based Authentication disabled, I am able to navigate to Microsoft Dynamics CRM using the http or https address. I can access the ADFS federationmetadata at https://crmserver/federationmetadata/2007-06/federationmetadata.xml but I cannot access the internalcrm federationmetadata at https://crmserver:444/federationmetadata/2007-06/federationmetadata.xml. When browsing to the site with the :444 port included I receive a generic error: "An error has occurred. Try this action again. If the problem continues, check the Microsoft Dynamics CRM Community for solutions or contact your organization's Microsoft Dynamics CRM Administrator. Finally, you can contact Microsoft Support."
I've gone through the configuration for claims based configuration and IFD in the deployment manager. Any help is appreciated.
Thanks!
Tuesday, August 9, 2011 4:04 PM
Answers
-
Solution to this problem in this case was no access to the certificate. In my case the 'network service' was running the application pool for my websites, so this user needed access to the certificate.
Go to MMC, add the certificate snap-in. Add the local computer snap-in for certificates. My certificate was located under Personal, Certificates. Go to your certificate, right click, select All Tasks, then Manage Private Keys. Add the user running the app pool for the website.
- Marked as answer by tlachaussie Tuesday, August 16, 2011 5:55 PM
Tuesday, August 16, 2011 5:55 PM
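
The MMC steps in the answer above can also be scripted. This PowerShell is an added example, not part of the original thread: it grants the app pool identity Read access (not Full Control) to the private key of a certificate in the local computer's Personal store. `<CERT_THUMBPRINT>` is a placeholder, and the script assumes an RSA key and an elevated prompt.

```powershell
param(
    [string]$Thumbprint = '<CERT_THUMBPRINT>',            # placeholder: thumbprint of the certificate the site uses
    [string]$Account    = 'NT AUTHORITY\NETWORK SERVICE'  # identity running the app pool, as in the answer
)

# "Personal > Certificates" for the local computer is the LocalMachine\My store.
$cert = Get-Item -Path "Cert:\LocalMachine\My\$Thumbprint" -ErrorAction Stop
if (-not $cert.HasPrivateKey) {
    throw "Certificate $Thumbprint has no private key on this machine."
}

# Resolve the file name of the key container.
# CSP keys expose it through PrivateKey; CNG keys make that getter fail,
# so fall back to GetRSAPrivateKey (assumes .NET Framework 4.6 or later).
$keyName = $null
try {
    $keyName = $cert.PrivateKey.CspKeyContainerInfo.UniqueKeyContainerName
} catch { }
if (-not $keyName) {
    $rsa = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPrivateKey($cert)
    $keyName = $rsa.Key.UniqueName
}

# Machine keys live in one of these two directories depending on the provider.
$keyFile = @("$env:ProgramData\Microsoft\Crypto\RSA\MachineKeys",
             "$env:ProgramData\Microsoft\Crypto\Keys") |
    ForEach-Object { Join-Path $_ $keyName } |
    Where-Object { Test-Path $_ } |
    Select-Object -First 1
if (-not $keyFile) {
    throw "Private key file for certificate $Thumbprint was not found."
}

# Add a Read-only allow rule for the app pool identity; existing rules are kept.
$acl  = Get-Acl -Path $keyFile
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule($Account, 'Read', 'Allow')
$acl.AddAccessRule($rule)
Set-Acl -Path $keyFile -AclObject $acl

# Show the resulting entries for that identity so the change can be confirmed.
(Get-Acl -Path $keyFile).Access |
    Where-Object { $_.IdentityReference.Value -eq $Account } |
    Format-Table IdentityReference, FileSystemRights, AccessControlType
```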
All replies
-
I had a problem similar to this and Microsoft support had me replace the URL with https://crmserver:444/Handlers/FederationMetadata.ashx/FederationMetadata/2007-06/FederationMetadata.xml
Give that a shot.
Brian Bewley
Wednesday, August 10, 2011 4:41 AM
-
That didn't work...
One thing that I've gathered is that when I run the command "netsh http show urlacl" I don't get a reserved url for anything referencing port :444.
Wednesday, August 10, 2011 1:17 PM
-
Any other ideas?
Thursday, August 11, 2011 12:15 PM
-
Hi,
Could you provide some more info? (maybe event logs, Deployment Manager logs, etc.)
Did you get any errors when running through the claims wizard?
I assume you have the ADFS 2.0 site on the default site and then had CRM server setup create a new site for CRM to use?
Thanks,
Michael
Monday, August 15, 2011 5:48 PM
-
Claims wizard was successful. Correct, ADFS 2.0 is set on the default website, and CRM server is set up using the defaults (5555) for http. Changed to 444 for https. No errors or warnings are posted to the event logs. How would you like me to send them if you are still interested in looking?
Monday, August 15, 2011 11:56 PM