Answered by:
Internal Sites Asks for Password

Question
-
I did setup CRM and ADFS2. When I go to internalcrm.[domain].com on the server (single server deployment) I get a "Connect to [servername].[domain].local" login screen. I understand that this should not happen. When I click on cancel I get "http error 401.2 - unauthorized, Requested URL https://sts.[domain].com:444/adfs/ls/auth/integrated/?wa=wsignin1.0&wtrealm=https://internalcrm.[domain].com/..."
How can I find out what goes wrong? What should I check where?
Here is some background information:
Default Website (ADFS) is on port *:81, *:444
Microsoft Dynamics CRM is on port *:80, *:443
* Web addresses in MS Dynamics CRM Deployment Manager are internal.[domain].com:443
* https://sts.[domain].com:444/federationmetadata/2007-06/federationmetadata.xml in IE shows entityID = http://sts.[domain].com:444/adfs/services/trust (note the http rather than https)
* https://internalcrm.[domain].com/FederationMetadata/2007-06/FederationMetadata.xml in IE shows entityID = https://internalcrm.[domain].com
* In ADFS-->Relying Party Trust-->Properties-->Monitoring-->Test URL --> ...validated successfully
*netsh http show urlacl does not return and issues. Some URLs listed are
- https://+:443/sra_{BA....}
- http://+:80/adfs/services/
- https://+:444/adfs/services
- https://+:444/FederationMetadata/2007-06/
- https://+:444/adfs/fs/federationserverservice.asmx
* After configuring ADFS the Federation Service identifier did not show any port number so I added it, i.e. http://sts.[domain].com:444/adfs/services/trust
Wednesday, March 7, 2012 5:07 AM
Answers
-
Hi,
You need to add internal site in Local Intranet zone.
Then you need to change the User Authentication for Local Intranet zone.
Restart the IE and try to open the CRM again.
Regards,
Khaja Mohiddin
http://www.dynamicsexchange.com
http://about.me/KhajaMohiddin- Proposed as answer by Khaja Mohiddin Wednesday, March 7, 2012 1:32 PM
- Marked as answer by hfaun Thursday, March 8, 2012 3:28 PM
Wednesday, March 7, 2012 7:24 AM
All replies
-
Hi,
You need to add internal site in Local Intranet zone.
Then you need to change the User Authentication for Local Intranet zone.
Restart the IE and try to open the CRM again.
Regards,
Khaja Mohiddin
http://www.dynamicsexchange.com
http://about.me/KhajaMohiddin- Proposed as answer by Khaja Mohiddin Wednesday, March 7, 2012 1:32 PM
- Marked as answer by hfaun Thursday, March 8, 2012 3:28 PM
Wednesday, March 7, 2012 7:24 AM -
Hi,
Did you resolved this issue?
Regards,
Khaja Mohiddin
http://www.dynamicsexchange.com
http://about.me/KhajaMohiddinThursday, March 8, 2012 1:41 AM -
Thanks. It did answer my question. I wasn't quite sure first as it suddenly stopped working. That seems to be related to http://tinyurl.com/7jz3l2c though.Thursday, March 8, 2012 3:31 PM