Remove From My Forums

Internal Sites Asks for Password

Question
0

Sign in to vote

I did setup CRM and ADFS2. When I go to internalcrm.[domain].com on the server (single server deployment) I get a "Connect to [servername].[domain].local" login screen. I understand that this should not happen. When I click on cancel I get "http error 401.2 - unauthorized, Requested URL https://sts.[domain].com:444/adfs/ls/auth/integrated/?wa=wsignin1.0&wtrealm=https://internalcrm.[domain].com/..."

How can I find out what goes wrong? What should I check where?

Here is some background information:

Default Website (ADFS) is on port *:81, *:444
Microsoft Dynamics CRM is on port *:80, *:443
* Web addresses in MS Dynamics CRM Deployment Manager are internal.[domain].com:443
* https://sts.[domain].com:444/federationmetadata/2007-06/federationmetadata.xml in IE shows entityID = http://sts.[domain].com:444/adfs/services/trust (note the http rather than https)
* https://internalcrm.[domain].com/FederationMetadata/2007-06/FederationMetadata.xml in IE shows entityID = https://internalcrm.[domain].com
* In ADFS-->Relying Party Trust-->Properties-->Monitoring-->Test URL --> ...validated successfully
*netsh http show urlacl does not return and issues. Some URLs listed are
- https://+:443/sra_{BA....}
- http://+:80/adfs/services/
- https://+:444/adfs/services
- https://+:444/FederationMetadata/2007-06/
- https://+:444/adfs/fs/federationserverservice.asmx
* After configuring ADFS the Federation Service identifier did not show any port number so I added it, i.e. http://sts.[domain].com:444/adfs/services/trust

Wednesday, March 7, 2012 5:07 AM

Answers

0

Sign in to vote
Hi,

You need to add internal site in Local Intranet zone.

Then you need to change the User Authentication for Local Intranet zone.

Restart the IE and try to open the CRM again.

Regards,
Khaja Mohiddin
http://www.dynamicsexchange.com
http://about.me/KhajaMohiddin
- Proposed as answer by Khaja Mohiddin Wednesday, March 7, 2012 1:32 PM
- Marked as answer by hfaun Thursday, March 8, 2012 3:28 PM
Wednesday, March 7, 2012 7:24 AM

All replies

0

Sign in to vote
Hi,

You need to add internal site in Local Intranet zone.

Then you need to change the User Authentication for Local Intranet zone.

Restart the IE and try to open the CRM again.

Regards,
Khaja Mohiddin
http://www.dynamicsexchange.com
http://about.me/KhajaMohiddin
- Proposed as answer by Khaja Mohiddin Wednesday, March 7, 2012 1:32 PM
- Marked as answer by hfaun Thursday, March 8, 2012 3:28 PM
Wednesday, March 7, 2012 7:24 AM
0

Sign in to vote

Hi,

Did you resolved this issue?

Regards,
Khaja Mohiddin
http://www.dynamicsexchange.com
http://about.me/KhajaMohiddin

Thursday, March 8, 2012 1:41 AM
0

Sign in to vote

Thanks. It did answer my question. I wasn't quite sure first as it suddenly stopped working. That seems to be related to http://tinyurl.com/7jz3l2c though.

Thursday, March 8, 2012 3:31 PM

Answered by:

Internal Sites Asks for Password

Question

Answers

All replies