locked
CRM 2011 URL Mapping Issue RRS feed

  • Question

  • Hi

    We have a CRM 2011 deployment where ajax (json) web service calls to the organization service are not working due to cross domain issues.  When on the CRM server using the server name in the URL the script will work, when using localhost it will not...

     

    http://abcapts01/abc-DEV/main.aspx - script will work

    http://localhost/abc-DEV/main.aspx - script will not work due to security restrictions – traversing domains.


    Problem is that the customer's requests are coming in as abcapts01.abccrm.co.uk which means the scripts do not work for them

    e.g. http://abcapts01.abccrm.co.uk/abc-DEV/main.aspx

     

    What's the best way to approach this?

     

    1. Url Rewriting/Routing in IIS so that abcapts01.abccrm.co.uk requests are mapped to abcapts01

    2. Rename the CRM instance and web service urls to be abcapts01.abccrm.co.uk rather than abcapts01?

     

    I've tried using

    jQuery.support.cors = true;
    

    in the web service call and while this does work, it also gives a security warning in IE which will not be acceptable in a production system.

     

    Any ideas gratefully received

     

     

     

    Friday, February 3, 2012 3:25 PM

Answers

  • So if the issue is that you can't access from the FQDN but only on the server, you may need to disable loopback checks.


    www.develop1.net
    If this post answers your question, please click "Mark As Answer" on the post and "Mark as Helpful"
    • Marked as answer by Col Lowe Tuesday, February 7, 2012 8:49 AM
    Monday, February 6, 2012 9:31 PM
    Answerer

All replies

  • So as I understand it, you have ajax calls to http://abcapts01/abc-DEV/main.aspx, but the browser url is http://abcapts01.abccrm.co.uk/abc-DEV/main.aspx

    I presume this is because you are picking up the Url from the CRM Global Context which is different from the url being used to access CRM?

    In this situation, you should re-point your CRM Server Urls so that they are the fully qualified ones and always use those to access your CRM instance.

    hth,

    Scott


    www.develop1.net
    If this post answers your question, please click "Mark As Answer" on the post and "Mark as Helpful"
    Friday, February 3, 2012 3:59 PM
    Answerer
  • Thanks Scott

     

    Your explanation was a lot more concise than mine...

     

    So I've changed the URLs in Deployment Manager but I am still seeing the same issue.  When I try to access CRM using the fully qualified url I get a username / password challenge which will not accept my credentials. 

    Restart required?

     

    Colin.

    Friday, February 3, 2012 4:42 PM
  • Is this an IFD on OnPrem deployment?

    You'll also need to make sure that the FQDM is in the trusted/local intranet.


    www.develop1.net
    If this post answers your question, please click "Mark As Answer" on the post and "Mark as Helpful"
    Friday, February 3, 2012 5:27 PM
    Answerer
  •  

    It's an on-premise deployment (hosted at a datacentre, accessed via leased line)

     

    Have tried adding the FQDN to trusted sites, same security challenge when accessing using the FQDN on the server,  giving a 401 Unauthorized error.

     

    Thanks for your help

    Friday, February 3, 2012 5:33 PM
  • Do the customer requests still work?

    Are you trying to access it from the server it's self? 

    Can you still access it from the non-FQDN?


    www.develop1.net
    If this post answers your question, please click "Mark As Answer" on the post and "Mark as Helpful"
    Friday, February 3, 2012 6:07 PM
    Answerer
  • Hello

     

    Yes, customer requests still work.

    Yes, I am accessing it on the server itself.  I can access on abcapts01 but not abcapts.abccrm.co.uk, so can only access from the non-FQDN rather than the FQDN on the server.  

    • Marked as answer by Col Lowe Tuesday, February 7, 2012 8:48 AM
    • Unmarked as answer by Col Lowe Tuesday, February 7, 2012 8:48 AM
    Monday, February 6, 2012 9:17 AM
  • So if the issue is that you can't access from the FQDN but only on the server, you may need to disable loopback checks.


    www.develop1.net
    If this post answers your question, please click "Mark As Answer" on the post and "Mark as Helpful"
    • Marked as answer by Col Lowe Tuesday, February 7, 2012 8:49 AM
    Monday, February 6, 2012 9:31 PM
    Answerer
  • Hi Scott

    Yes, was playing around with this setting yesterday and it does indeed fix the issue.  I did go down the route of creating Local Security Authority host names as in this post rather than disabling the loopback checks

    http://support.microsoft.com/kb/887993  (method 1)

    Many thanks for your help.

    Tuesday, February 7, 2012 8:48 AM