locked
Plugin Registration Tool Failing RRS feed

  • Question

  • When I try to establish a connection in the Plugin Registration Tool I get the error:

    Unable to retrieve the organizations from the Discovery Service.

    Unhandled Exception: System.ServiceModel.ProtocolException: The content type text/html; charset=utf-8 of the response message does not match the content type of the binding (application/soap+xml; charset=utf-8). If using a custom encoder, be sure that the IsContentTypeSupported method is implemented properly. The first 1024 bytes of the response were: ...

    Please note the following:

    * When I copy the Plugin Registration Tool to the CRM server I can connect without any problems.
    * I can use CRM from the outside without any issues.
    * The discovery service URL https://..../XRMServices/2011/Discovery.svc shows up correctly.
    * The Organization Service URL https://.../XRMServices/2011/Organization.svc shows up correctly.
    * Same for the Organization Data Service
    * This is CRM 2011 on premise
    * I had no problems connecting in the past but it's a while back so I am not sure what changed (windows updates, etc)

    I spent hours on this so any input is appreciated.

    Tuesday, September 16, 2014 5:22 PM

All replies

  • PLease try to restart your CRM Server and try again.

    Saad

    Wednesday, September 17, 2014 11:15 AM
  • Saad, thanks for the suggestion but I did already try that. The problem persisted.
    Wednesday, September 17, 2014 2:39 PM
  • Hi,
    several users have issues with the latest plugin registration tool (SDK 6.1.1) try with an older SDK.

    https://onedrive.live.com/redir?resid=E4B83260B94D4158!1387&authkey=!ALuzupR9uXK3iII&ithint=folder%2c.exe

    EDIT: I just saw that is CRM 2011, did you try with the latest CRM 2011 SDK?

    http://www.microsoft.com/en-us/download/details.aspx?id=24004


    My blog: www.crmanswers.net - Rockstar 365 Profile



    Wednesday, September 17, 2014 3:02 PM
  • Guido, thanks. I did try several different versions but none work. I also have the same issue when trying to connect to CRM through a console application (running on a remote computer). This did work in the past. Somehow the admin account lost REMOTE access for things like Plugin Registration Tool, XRM Serice programs, etc while using this on the CRM server works and while that account can still log into the CRM application from a remote computer.
    Wednesday, September 17, 2014 4:03 PM
  • hello,

    just to see if it is a dns issue, could you please try to use the ipaddress instead of the server name?

    regards,

    Jithesh

    Wednesday, September 17, 2014 7:48 PM
  • Here is the error I am getting from Plugin Registration Tool. I am getting the same error message with my console app and the stack trace starts with the same "System.ServiceModel.Channels.HttpChannelUtilities.ValidateRequestReplyResponse". Again, the Plugin Registration Tool (and probably also my app) works directly on the CRM server. On the AD server I checked the Event Viewer for entries in AD FS 2.0 Admin but did not see anything so ADFS does not seem to reject any login attempt. I also did a trace in CRM and the w3wp file shows an exception with the message "The ticket specified for authentication is invalid, ErrorCode: -2147180286. The first few entries for the stack trace are

    at CrmException..ctor(...)
    at CrmPostAuthenticationHelper.ReadAndValidateTicket(...)
    at CrmPostAuthenticationProvider.Authenticate(...)
    at AuthenticationStep.Authenticate(...)

    I started to look into .Net Framework 4 related issues.

    Error & Stack Trace

    Unhandled Exception: System.ServiceModel.ProtocolException: The content type text/html; charset=utf-8 of the response message does not match the content type of the binding (application/soap+xml; charset=utf-8). If using a custom encoder, be sure that the IsContentTypeSupported method is implemented properly. The first 1024 bytes of the response were: '
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml" dir="ltr">
    <head><meta http-equiv="X-UA-Compatible" content="IE=8" /><title>
     Sign In
    </title><link rel="stylesheet" type="text/css" href="MasterPages/StyleSheet.css" /><meta name="robots" content="noindex, nofollow" /></head>

    <body>
        <form name="aspnetForm" method="post" action="/adfs/ls/?wa=wsignin1.0&amp;wtrealm=https%3a%2f%2fsts.[...].com%2f&amp;wctx=rm%3d1%26id%...%26ru%3dhttps%253a%252f%252fsts.[...].com%252fadfs%252fservices%252ftrust%252f13%252fusername%252fdefault.aspx&amp;wct=2014-09-17T17%3a24%3a41Z&amp;wauth=urn%3aoasis%3anames%3atc%3aSAML%3a1.0%3aam%3apassword" id="aspnetForm">
    <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/[...]=" />

    <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="0E'.

    Server stack trace:
       at System.ServiceModel.Channels.HttpChannelUtilities.ValidateRequestReplyResponse(HttpWebRequest request, HttpWebResponse response, HttpChannelFactory`1 factory, WebException responseException, ChannelBinding channelBinding)
       at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
       at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)
       at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.Request(Message message, TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
       at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)

    Exception rethrown at [0]:
       at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
       at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
       at Microsoft.IdentityModel.Protocols.WSTrust.IWSTrustContract.Issue(Message message)
       at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.Issue(RequestSecurityToken rst, RequestSecurityTokenResponse& rstr)
       at Microsoft.Xrm.Sdk.Client.ServiceConfiguration`1.Issue(AuthenticationCredentials authenticationCredentials)
       at Microsoft.Xrm.Sdk.Client.ServiceConfiguration`1.AuthenticateInternal(AuthenticationCredentials authenticationCredentials)
       at Microsoft.Xrm.Sdk.Client.ServiceConfiguration`1.AuthenticateFederationInternal(AuthenticationCredentials authenticationCredentials)
       at Microsoft.Xrm.Sdk.Client.ServiceConfiguration`1.Authenticate(AuthenticationCredentials authenticationCredentials)
       at Microsoft.Xrm.Sdk.Client.ServiceConfiguration`1.Authenticate(ClientCredentials clientCredentials)
       at Microsoft.Xrm.Sdk.Client.ServiceProxy`1.AuthenticateCore()
       at PluginRegistrationTool.ManagedTokenDiscoveryServiceProxy.AuthenticateCore() in E:\sdk\tools\pluginregistration\ToolServiceProxies.cs:line 47
       at Microsoft.Xrm.Sdk.Client.ServiceProxy`1.ValidateAuthentication()
       at PluginRegistrationTool.ManagedTokenDiscoveryServiceProxy.ValidateAuthentication() in E:\sdk\tools\pluginregistration\ToolServiceProxies.cs:line 53
       at Microsoft.Xrm.Sdk.Client.ServiceContextInitializer`1.Initialize(ServiceProxy`1 proxy)
       at Microsoft.Xrm.Sdk.Client.DiscoveryServiceProxy.Execute(DiscoveryRequest request)
       at PluginRegistrationTool.CrmConnection.RetrieveOrganizations() in E:\sdk\tools\pluginregistration\CrmConnection.cs:line 315
       at PluginRegistrationTool.ConnectionsForm.OpenConnection(CrmConnection con) in E:\sdk\tools\pluginregistration\ConnectionsForm.cs:line 940

    Wednesday, September 17, 2014 8:44 PM
  • To add to my previous post, here is the trace from CRM. Interestingly, the organization and user id is all 0. I can understand the organization ID because I think at that stage the program still tries to find out what organizations there are. But shouldn't the user id already have a value?

    [2014-09-17 10:54:23.310] Process: w3wp |Organization:00000000-0000-0000-0000-000000000000 |Thread:   12(MSCRM:-RegistryWatcher.RegTrackerThreadProc) |Category: Platform.Sdk |User: 00000000-0000-0000-0000-000000000000 |Level: Info |ReqId:  | CrmCache`1.Flush  ilOffset = 0xD
    >Cache STATIC_FILE_VERSION had item with key STATIC_FILE_VERSION removed
    [2014-09-17 10:54:23.313] Process: w3wp |Organization:00000000-0000-0000-0000-000000000000 |Thread:   12(MSCRM:-RegistryWatcher.RegTrackerThreadProc) |Category: Shared |User: 00000000-0000-0000-0000-000000000000 |Level: Verbose |ReqId:  | CrmDbConnection.Open  ilOffset = 0x2E
    >ConnectionString: Workstation ID=SERVER.w3wp.443;Data Source=SERVER;Initial Catalog=MSCRM_CONFIG;Integrated Security=True;Min Pool Size=2;Connect Timeout=150
    [2014-09-17 10:54:23.314] Process: w3wp |Organization:00000000-0000-0000-0000-000000000000 |Thread:   12(MSCRM:-RegistryWatcher.RegTrackerThreadProc) |Category: Platform.Sql |User: 00000000-0000-0000-0000-000000000000 |Level: Verbose |ReqId:  | CrmDbConnection.ExecuteNonQuery  ilOffset = 0x24
    >INSERT INTO Notification(Id, OrganizationId, CreatedOn, EventData, EventId) VALUES(newid(), '00000000-0000-0000-0000-000000000000', getutcdate(), 'ServerId{f0934f9c-eeea-e111-a3c0-00155d046401}:w3wp:/LM/W3SVC/1/ROOT-1-130553595976754159:STATIC_FILE_VERSION:STATIC_FILE_VERSION', netCacheItemRemove)
    [2014-09-17 10:54:23.321] Process: w3wp |Organization:00000000-0000-0000-0000-000000000000 |Thread:   12(MSCRM:-RegistryWatcher.RegTrackerThreadProc) |Category: Platform.Sql |User: 00000000-0000-0000-0000-000000000000 |Level: Verbose |ReqId:  | CrmDbConnection.InternalExecuteNonQuery  ilOffset = 0x11D
    >Query execution time: 0.0 seconds; database: MSCRM_CONFIG; Server:SERVER; command: INSERT INTO Notification(Id, OrganizationId, CreatedOn, EventData, EventId) VALUES(newid(), '00000000-0000-0000-0000-000000000000', getutcdate(), 'ServerId{...}:w3wp:/LM/W3SVC/1/ROOT-1-130553595976754159:STATIC_FILE_VERSION:STATIC_FILE_VERSION', netCacheItemRemove).
    [2014-09-17 10:54:23.322] Process: w3wp |Organization:00000000-0000-0000-0000-000000000000 |Thread:   12(MSCRM:-RegistryWatcher.RegTrackerThreadProc) |Category: Platform.Sdk |User: 00000000-0000-0000-0000-000000000000 |Level: Info |ReqId:  | CrmCache`1.Flush  ilOffset = 0x41
    >Cache STATIC_FILE_VERSION was flushed
    [2014-09-17 10:54:27.349] Process: w3wp |Organization:00000000-0000-0000-0000-000000000000 |Thread:    7 |Category: Platform |User: 00000000-0000-0000-0000-000000000000 |Level: Verbose |ReqId: 554e95a3-7f2d-452f-b11e-66f6d4619bdd | AuthenticationEngine.Execute  ilOffset = 0xA1
    >AUTH: Request [POST http://sts.[...].com/adfs/services/trust/13/username/default.aspx] from [98.242.89.246] entered Authentication Pipeline.
    [2014-09-17 10:54:27.350] Process: w3wp |Organization:00000000-0000-0000-0000-000000000000 |Thread:    7 |Category: Platform |User: 00000000-0000-0000-0000-000000000000 |Level: Verbose |ReqId: 554e95a3-7f2d-452f-b11e-66f6d4619bdd | AuthenticationPipeline.Authenticate  ilOffset = 0x11
    >AUTH: AuthenticationProvider [Microsoft.Crm.Authentication.CrmPostAuthenticationProvider] will be attempted.
    [2014-09-17 10:54:27.351] Process: w3wp |Organization:00000000-0000-0000-0000-000000000000 |Thread:    7 |Category: Exception |User: 00000000-0000-0000-0000-000000000000 |Level: Error |ReqId: 554e95a3-7f2d-452f-b11e-66f6d4619bdd | CrmException..ctor  ilOffset = 0x36
     at CrmException..ctor(Int32 errorCode, Object[] arguments)  ilOffset = 0x36
     at CrmPostAuthenticationHelper.ReadAndValidateTicket(HttpRequest request)  ilOffset = 0x12
     at CrmPostAuthenticationProvider.Authenticate(HttpApplication application)  ilOffset = 0x19
     at AuthenticationStep.Authenticate(HttpApplication application)  ilOffset = 0x31
     at AuthenticationPipeline.Authenticate(HttpApplication application)  ilOffset = 0x11
     at AuthenticationEngine.Execute(Object sender, EventArgs e)  ilOffset = 0x10D
     at SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()  ilOffset = 0x5D
     at HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)  ilOffset = 0x15
     at ApplicationStepManager.ResumeSteps(Exception error)  ilOffset = 0x10A
     at HttpApplication.System.Web.IHttpAsyncHandler.BeginProcessRequest(HttpContext context, AsyncCallback cb, Object extraData)  ilOffset = 0x5C
     at HttpRuntime.ProcessRequestInternal(HttpWorkerRequest wr)  ilOffset = 0x16A
     at ISAPIRuntime.ProcessRequest(IntPtr ecb, Int32 iWRType)  ilOffset = 0x4B
    >Crm Exception: Message: The ticket specified for authentication is invalid, ErrorCode: -2147180286

    Wednesday, September 17, 2014 9:49 PM
  • Here is an update. I looked at fiddler and compared the traffic from on-premise and a trial online account. They mostly look the same except for the very end. In the case of CRM online I see

    1) 200 HTTP  Tunnel to                 login.microsoftonline.com:443
    2) 200 HTTPS login.microsoftonline.com /GetUserRealm.srf
    3) 200 HTTPS login.microsoftonline.com /RST2.srf
    4) 200 HTTPS disco.crm.dynamics.com    /XRMServices/2011/Discovery.svc

    3) Has the actual user name and password ...<Login>me@[domain].onmicrosoft.com</Login>...

    In case of on-premises, which fails, I get:
    a) 200 HTTP Tunnel to sts.[domain].com:443
    b) 302 HTTPS sts.[domain].com /adfs/serices/trust/13/username/default.aspx
    c) 200 HTTP Tunnel to sts.[domain].com:444
    d) 200 HTTPS sts.[domain].com:444 /adfs/ls/?wa-wsignin1.0&wtrealm=https%3a%2f...

    The last step d breaks. Below is the request and response for that transaction. What is different to CRM Online is that the username and password were not transmitted as can be seen in the request. Also what I get back as a response is the HTML code for the login screen that all users usually get when they log in through internet explorer. Does anybody have any idea why this is happening and how it can be fixed?

    Request:
    GET https://sts.[domain].com:444/adfs/ls/?wa=wsignin1.0&wtrealm=https%3a%2f%2fsts.[domain].com%2f&wctx=rm%3d1%26id%3de4aebd76-c068-48fb-a9d0-a789fdf9856d%26ru%3dhttps%253a%252f%252fsts.[domain].com%252fadfs%252fservices%252ftrust%252f13%252fusername%252fdefault.aspx&wct=2014-09-18T17%3a28%3a55Z&wauth=urn%3aoasis%3anames%3atc%3aSAML%3a1.0%3aam%3apassword HTTP/1.1
    Content-Type: application/soap+xml; charset=utf-8
    Accept-Encoding: gzip, deflate
    Host: sts.[domain].com:444

    Respone:
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml" dir="ltr">
    <head><meta http-equiv="X-UA-Compatible" content="IE=8" /><title>
     Sign In
    </title><link rel="stylesheet" type="text/css" href="MasterPages/StyleSheet.css" /><meta name="robots" content="noindex, nofollow" /></head>

    <body>
        <form name="aspnetForm" method="post" action="/adfs/ls/?wa=wsignin1.0&amp;wtrealm=https%3a%2f%2fsts.[domain].com%2f&amp;wctx=rm%3d1%26id%3de4aebd76-c068-48fb-a9d0-a789fdf9856d%26ru%3dhttps%253a%252f%252fsts.[domain].com%252fadfs%252fservices%252ftrust%252f13%252fusername%252fdefault.aspx&amp;wct=2014-09-18T17%3a28%3a55Z&amp;wauth=urn%3aoasis%3anames%3atc%3aSAML%3a1.0%3aam%3apassword" id="aspnetForm">
    <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKMTY2MTc3NjUzM2RkjjIW9UHu5Y9twnRBWg+xeuICC2E=" />

    <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="0EE29E36" />
    <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWBQL99cGTDALnmcnFAQKzpa6MBwKo77JuAunYybIMxkiOVtoW9jbNbvbjpHhO9DCwW3I=" /><input type="hidden" name="__db" value="16" />
        <div class="MainArea">
            <div class="Header">
                <span id="ctl00_PageTitleLabel">Sign In</span>
            </div>
           
            <div class="GroupLargeMargin">
                <div class="TextSizeXLarge">
                    <span id="ctl00_STSLabel">sts.[domain].com</span>
                </div>
            </div>
            <div class="MainActionContainer">
               
        <div class="GroupXLargeMargin"><span>Type your user name and password.</span></div>

    Thursday, September 18, 2014 6:11 PM