Hi
I'm trying to configure IFD for one of our customer , the problem i'm facing is getting prompt for user password when tring to get to internal crm address.
This are the details :
machine name : xrmtst1
machine FQDN xrmtst1.Xdomain.com
SELF sign SSL : XrmTstCert.Xdomain.com by using selfssl7 to create certificate that has diffrent name from machineName
----------------SPN -------------------
C:\Windows\System32\inetsrv>setspn -l Xdomain\xrmtst1$
Registered ServicePrincipalNames for CN=XRMTST1,OU=Servers,OU=Domain Controllers,DC=Xdomain,DC=com:
http/orgCrmName-tst.Domain-X.co.il
https/orgCrmName-tst.Domain-X.co.il
https/xrmtst1.Xdomain.com
http/xrmtst1.Xdomain.com
WSMAN/XRMTST1.Xdomain.com
WSMAN/XRMTST1
TERMSRV/XRMTST1
TERMSRV/XRMTST1.Xdomain.com
RestrictedKrbHost/XRMTST1
HOST/XRMTST1
RestrictedKrbHost/XRMTST1.Xdomain.com
HOST/XRMTST1.Xdomain.com
------------------------------------------
DNS HOST A records :
ifdurl-tst.Xdomain.com External IFD URL
XRMTST1.Xdomain.com Machine name
xrmtstcert.Xdomain.com ADFS SERVER NAME (selfsign certificate using selfssl7)
CrmDiscovery-tst.Domain-X.co.il crm dicovery web service domain
orgCrmName-tst.Domain-X.co.il internal/external web application server and organization web service domain----------------------------------------
issue that i was dealing with :
when i configure the ADFS 2 i didn't get the option to choose the certificate nor the ADFS name because the ADFS already choose them for me and the SSL CERTIFICATE field and Federation
server name where disabled . Is this because the Default web site is bind with this certificate ?
when I type
https://xrmtstcert.Xdomain.com/federationmetadat/2007-06/federationmetadata.xml on the IE i didn't get xml nor error , I got white empty page. Why is that?
I'm not sure what are the URL's
that I need to set on the screen of the deployment property manager :
binding = HTTPS, Port for every URL is 444
Web Application server:
?:444
Organization web service = ?:444
Discovery web service = ?:444
Deployment Web service = ?444
This is full installation server ; Can I use the same address for all this URLs ?
Is this URL going to be the url the user will type for internal access to the CRM ?
Is there any connaction to the ssl certificate ?
When do I set the internal address that I created on the DNS : orgCrmName-tst.Domain-X.co.il ?
Is there a problem the the inner DNS is co.il and for outside world .com ?
Can I use the same url for internal and external url ?
After configuring the claims base authentication and creating all the needed rule I look at the log file and so this address :
Internal Federation Metadata URL: https:// orgCrmName-tst.Domain-X.co.il:444/FederationMetadata/2007-06/FederationMetadata.xml
Where this address came ? It declate on the DNS as an HOST A record but I ddin't set it ?
When I go to this url I get the famous xml .
Any way when I tried to browse to the :
https://orgCrmName-tst.Domain-X.co.il:444 or to
https://xrmtstCert.xdomain.com:444 I get prompt for user and password and after 3 attempt I het 401. I tried to do iisreset and set spn to the machine.
I will appreciate any help .