Sign in
Microsoft.com
 
Microsoft
 
 
 

locked
Can installing user be in different OU than CRM? RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote
    We installed CRM 4.0 on a Windows Server 2003. 
    OrganizationalUnit is "OU=DEP1,OU=DEPARTMENTS,DC=ONECOMPANY,DC=DE"

    Installation user is domain administrator (ActiveDirectory-path ONECOMPANY.DE/IT)

    When domain administrator tries to start CRM in browser, to following error message comes up:
      
    Error: 0x80041D2A / 80041D2A 

    You are attempting to create a user with a domain logon 
that does not exist. Select another domain logon and try again.

    The users to use CRM are located in

    ONECOMPANY.DE/DEPARTMENTS/DEP1/GRP1
    ONECOMPANY.DE/DEPARTMENTS/DEP1/GRP2
    ONECOMPANY.DE/DEPARTMENTS/DEP1/GRP3


    Because the administrator gets the error message, he cannot add any users to crm.

    My questions:

    Can the user who is installing crm be in another path (ONECOMPANY.DE/IT) than the choosen OU (ONECOMPANY.DE/DEPARTMENTS/DEP1) during installation?

    Do we run into any problems if users exists in subfolders (GRP1 GRP2 GRP3) of the choosen OU during installation?

    Tuesday, June 2, 2009 8:37 AM

Answers

  • Question
    Sign in to vote
    0
    Sign in to vote
    The OU that is used during CRM installation is where a number of security groups are created. These security groups are used by CRM to control access to SQL and SQL Reporting Services.

    CRM administrators and CRM Users can be in any OU in any domain in your Active Directory forest. So am I fairly sure that the error you are getting has nothing to do with OUs.

    When you add a single user to CRM you need to provide the NetBios domain name followed by the user account name e.g. ONECOMPANY\user. Instead try using the Add Multiple Users wizard which allows you to search for users.
    Tuesday, June 2, 2009 9:34 PM
    Moderator

All replies

  • Question
    Sign in to vote
    0
    Sign in to vote
    The OU that is used during CRM installation is where a number of security groups are created. These security groups are used by CRM to control access to SQL and SQL Reporting Services.

    CRM administrators and CRM Users can be in any OU in any domain in your Active Directory forest. So am I fairly sure that the error you are getting has nothing to do with OUs.

    When you add a single user to CRM you need to provide the NetBios domain name followed by the user account name e.g. ONECOMPANY\user. Instead try using the Add Multiple Users wizard which allows you to search for users.
    Tuesday, June 2, 2009 9:34 PM
    Moderator
  • Question
    Sign in to vote
    0
    Sign in to vote

    Thanks a lot.
    It's good to know: "CRM administrators and CRM Users can be in any OU in any domain in your Active Directory forest."

    However, after installation the installing user was not able to open CRM in browser. When trying to logon, he gets the error message. Do you know another way to add users. I am wondering if this problem exists with a regular user.

    Wednesday, June 3, 2009 7:42 AM
  • Question
    Sign in to vote
    0
    Sign in to vote
    What is the error messaqge when the installing tried to open crm in the browser?

    The message in your first post seems to be an error when creating users.
    Wednesday, June 3, 2009 8:28 AM
    Moderator
  • Question
    Sign in to vote
    0
    Sign in to vote

    That's the message the installing user receives! We couldn't create any other users yet.

    Wednesday, June 3, 2009 9:23 AM
  • Question
    Sign in to vote
    0
    Sign in to vote
    That is very strange!  I would have expected a message that said the user is not a licenced user.

    Anyway, I'm not sure that I can help with this. But you might try running a query on the CRM database in SQL. The database will be called organisation_MSCRM where organisation is the name used during installation.

    Have a look at entries in the systemuserbase table. This contains a list of users that have been added to the CRM system, check the DomainName column matches what you expect.

    The other thing to check is, run the CRM Deployment Manager tool on the CRM server to confirm who installed CRM.

    Wednesday, June 3, 2009 9:40 AM
    Moderator
  • Question
    Sign in to vote
    0
    Sign in to vote

    The initial error message was misleading. I enabled trace and checked the log.
    I already checked if server is registered in AD.

    >Crm Exception: Message: Could not find GUID for server: MSCRMSERVER$, ErrorCode: -2147214038
[2009-06-03 13:35:21.0] Process: w3wp |Organization:00000000-0000-0000-0000-000000000000 |Thread:    8 |Category: Application |User: 00000000-0000-0000-0000-000000000000 |Level: Error | ErrorInformation.LogError
>MSCRM Error Report:
--------------------------------------------------------------------------------------------------------
Error: Could not find GUID for server: MSCRMSERVER$

Error Number: 0x80041D2A

Error Message: Could not find GUID for server: MSCRMSERVER$

Error Details: Could not find GUID for server: MSCRMSERVER$

Source File: Not available

Line Number: Not available

Request URL: http://localhost/default.aspx

Stack Trace Info: [CrmSecurityException: Could not find GUID for server: MSCRMSERVER$]
   at Microsoft.Crm.BusinessEntities.SecurityUtils.GetGuidFromServerName(String serverName)
   at Microsoft.Crm.BusinessEntities.SecurityUtils.GetLocalSystemGuid()
   at Microsoft.Crm.Caching.OrganizationSettingsCacheLoader.LoadCacheData(Guid key, ExecutionContext context)
   at Microsoft.Crm.Caching.ObjectModelCacheLoader`2.LoadCacheData(TKey key, IOrganizationContext context)
   at Microsoft.Crm.Caching.BasicCrmCache`2.CreateEntry(TKey key, IOrganizationContext context)
   at Microsoft.Crm.Caching.BasicCrmCache`2.LookupEntry(TKey key, IOrganizationContext context)
   at Microsoft.Crm.BusinessEntities.SecurityLibrary.IsOrganizationSpecialUser(Guid organizationId, Guid userId, ExecutionContext context)
   at Microsoft.Crm.Caching.UserDataCacheLoader.LoadCacheData(Guid key, ExecutionContext context)
   at Microsoft.Crm.Caching.ObjectModelCacheLoader`2.LoadCacheData(TKey key, IOrganizationContext context)
   at Microsoft.Crm.Caching.BasicCrmCache`2.CreateEntry(TKey key, IOrganizationContext context)
   at Microsoft.Crm.Caching.BasicCrmCache`2.LookupEntry(TKey key, IOrganizationContext context)
   at Microsoft.Crm.BusinessEntities.SecurityLibrary.GetUserInfoInternal(WindowsIdentity identity, IOrganizationContext context, UserAuth& userInfo)
   at Microsoft.Crm.BusinessEntities.SecurityLibrary.GetCallerAndBusinessGuidsFromThread(WindowsIdentity identity, Guid organizationId)
   at Microsoft.Crm.Authentication.CrmWindowsIdentity..ctor(WindowsIdentity innerIdentity, Boolean publishCrmUser, Guid organizationId)
   at Microsoft.Crm.Authentication.WindowAuthenticationProviderBase.Authenticate(HttpApplication application)
   at Microsoft.Crm.Authentication.AuthenticationStep.Authenticate(HttpApplication application)
   at Microsoft.Crm.Authentication.AuthenticationPipeline.Authenticate(HttpApplication application)
   at Microsoft.Crm.Authentication.AuthenticationEngine.Execute(Object sender, EventArgs e)
   at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
    Wednesday, June 3, 2009 1:06 PM
  • Question
    Sign in to vote
    0
    Sign in to vote
    I think it might be quicker for you to remove CRM and reinstall.

    I can't add anything more without connecting to your system.
    Wednesday, June 3, 2009 4:54 PM
    Moderator
  • Question
    Sign in to vote
    0
    Sign in to vote
    Thanks for your help.
    I will try to reinstall.
    I'll let you know about the result.
    Thursday, June 4, 2009 7:22 AM