CRM 2011, 404 error with ADFS and IFD.

All replies

• 

  

  1

  Sign in to vote

  Hi Andrew,

  This is DNS issue, i was having the same problem.

  when i login with my credentials i will get 404 page with https://auth.blahblah.com/default.asps

  and again when i change the URL to proper organization URL it works fine.

  So i have created a separate web publishing rule(TMG) for auth.domain.com later it works perfect.

  so please check your external dns enties. 

   

  Regards,

  ---

  Khaja Mohiddin

  • Proposed as answer by Paul Conroy Thursday, October 13, 2011 12:41 AM

  Tuesday, June 21, 2011 10:30 AM
• 

  

  0

  Sign in to vote

  This only doesn't work for 1 out of 10 users.  The other 9 can get to the site just fine.  That tells me that the external DNS entries work just fine.

   

  Still having this issue - anyone else run into this?

   

  thanks,

  Andrew

  Tuesday, June 21, 2011 3:52 PM
• 

  

  0

  Sign in to vote

  Are internal claims working ?

  check for any kerberos failures on the client that is failing.

  That would indicate SPN reading failure due to DNS/Kerberos failures.  In the field we have seen certain client machines that have issues with their machine accounts in AD.

   

  ---

  Curtis J Spanburgh

  Wednesday, June 22, 2011 7:33 PM

  Moderator
• 

  

  0

  Sign in to vote

  Ugh, what an ugly problem.  Got a solution, finally.

  Somehow, I have no idea how, the user's account was missing from the Config database, while being present in the main database.  This caused the user to appear everywhere it should, be able to be assigned to teams, and be able to athenticate successfully against AD - but not view any CRM components.

  The remedy was to create a brand new domain account, associate the user with that account, and then associate the user back with their old domain account.  They can now log in just fine.

  ~Andrew

   

   

  • Marked as answer by Andrew Ornatov Thursday, June 23, 2011 6:09 AM

  Thursday, June 23, 2011 6:09 AM
• 

  

  0

  Sign in to vote

  Thanks Khaja

  This is a real sticky one and I wouldn't have thought to create a new publishing rule for the auth URL !  :)

  ---

  Paul Conroy

  Thursday, October 13, 2011 12:42 AM
• 

  

  0

  Sign in to vote

  Hi,

  Issue has been fixed in RU6 http://support.microsoft.com/kb/2600640.

  
  

  
  

  ---

  ja

  Saturday, March 10, 2012 6:01 PM
• 

  

  1

  Sign in to vote

  This happens in RU 6 too!!!!!!  Microsoft should be embrassed releasing this product.

  Tuesday, April 24, 2012 6:03 PM
• 

  

  1

  Sign in to vote

  Hi Khaja,

  I am also using TMG and was getting the 404 on auth.mycompany.com and not redirecting to orgname.mycompany.com.

  Creating a seperate Publishing Rule on TMG for auth fixed the issue, so thank you for your post.

  On further investigation, you can keep it all in the one Publishing Rule on TMG.  On the properties of the rule in the "To" tab, the "This rule applies to this published site" field must be "auth.mycompany.com".

  You can then list your other dns entries - dev.mycompany.com, orgname.mycompany.com, orgname2.mycompany.com, etc under the Public Name tab of the publishing rule.

  Wednesday, December 5, 2012 1:00 PM