locked
Federation Services Single Sign-on with SharePoint not Working if I log into CRM First RRS feed

  • Question

  • I have both Dynamics CRM 2011 and SharePoint 2010 using ADFS 2.0 for claims authentication integrated together using the CRM List Component. If I visit SharePoint first, then visit CRM, I am not prompted to log in again. However, if I log into CRM first then I visit SharePoint or have an iframe into SharePoint on a CRM form, I am redirected to the ADFS log in form by SharePoint. Are there additional requirements for ADFS to provide a single sign-on instead of prompting for credentials twice or ways that I could diagnose the issue? 
    Tuesday, January 17, 2012 3:02 PM

Answers

All replies

  • I don't know if this is related but performing an IIS reset on the SharePoint server causes me to get redirected to the ADFS sign in form again. An IIS reset on the CRM server doesn't cause me to have to log in again. 
    Tuesday, January 17, 2012 4:15 PM
  • In addition, if I log into one SharePoint site, I don't have to log the second SharePoint site that I visit but only if I haven't logged into CRM yet. 

    Scenario A:
    SP1 - Requires Login
    CRM1 - Requires Login
    SP2 - No login

    Scenario B:
    CRM1 - Request Login
    SP1 - Requires Login
    SP2 - Requires Login
    CRM2 - No Login

    Scenario C:
    SP1 - Requires Login
    SP2 - No Login
    CRM1 - Requires Login
    SP3 - Requires Login

     

    So it seems that authenticating to CRM using ADFS adversely affects authentication to the SharePoint sites. 

    Tuesday, January 17, 2012 5:34 PM
  • Hi Chris,

     

    Maybe u want to check this blog, maybe some claims or pass-throughs are missing.

    Havent installed Claims and IFD yet but i am middle in the planning to do it.

     

    Hope you find something usefull in the blog and u can find a solution for your problem.

     

    http://support.risualblogs.com/blog/2011/11/01/how-to-set-up-crm-2011-ifd-and-publishing-via-tmg-or-uag/

     

    Kind regards,

     

    Hurrikane

    Wednesday, January 18, 2012 12:08 PM
  • As we just confirmed the WS-Fed SSO behavior you described here is still a bug in CRM 2015 IFD with SharePoint 2013 and ADFS 3.0.  Microsoft is going to address this in CRM 2016.  See this article for fix/workaround:

    https://support.microsoft.com/en-us/kb/3045286


    -- Ilya


    • Edited by Ilya Oussov Wednesday, December 2, 2015 10:35 AM
    Wednesday, December 2, 2015 10:33 AM