locked
CRM 2011 ADFS 2.0 HTTP Error RRS feed

  • Question

  • Hello,

    I have installed a CRM 2011 (GTM) on one server and ADFS 2.0 on a DC (on a second server) - following the whitepaper and installation guide.

    When I bring up the CRM server in my webbrowser, it transfers me to the ADFS 2.0 server to logon.  Once I input my credentials, the next redirect comes back with this error:

    <fieldset>

    405 - HTTP verb used to access this page is not allowed.

    The page you are looking for cannot be displayed because an invalid method (HTTP verb) was used to attempt access.

    </fieldset>

    ADFS 2.0 looks fine, there are no errors that I can find in the ADFS event log.  The IIS logs don't show any obvious errors either.

    Does anyone have any ideas?

    Thanks,

    Mark

    Tuesday, March 15, 2011 2:26 AM

All replies

  • The endpoint must have trailing slash "/". This is true for both the RP and the STS (AD FS) endpoints. IIS resolves the trailing slash as the default document. Make sure your endpoints end with "/".

    Hope this helps.

     


    Linkedin : http://in.linkedin.com/in/rammscrm/
    Tuesday, March 15, 2011 4:59 AM
  • Hi, could you explain in a bit more detail where I must add the "/" to?

    Thanks

    Tuesday, March 15, 2011 7:35 AM
  • Hello Rama,

    I do have trailing slashes on the ADFS 2.0 server endpoints...  Is there a way to turn on tracing or anything to get more details?

     

    Thanks,

    Mark

    • Proposed as answer by Jon Abbott1 Sunday, March 20, 2011 9:04 AM
    • Unproposed as answer by Jon Abbott1 Sunday, March 20, 2011 9:04 AM
    Tuesday, March 15, 2011 1:51 PM
  • Hi Mark

    You should be able to use the crmdiag4 tool which can be found here.  Im not sure if you can still use all features in CRM 2011 but you will still be able to run a trace.

    The first thing I would check would to see if all the different endpoints work on both servers.  You may have a DNS/HOSTS entry missing. or a certificate isn't trusted.


    Marc Collins www.QGate.co.uk
    • Proposed as answer by Jim Glass Jr Wednesday, March 16, 2011 4:57 PM
    Tuesday, March 15, 2011 2:20 PM
  • I managed to resolve the issue, mine was not related the trialling "/".  

    The problem with my setup was in fact the AD FS certificates.  Essentially I originally had two separate certificates, one for AD FS and one for the CRM 2011 site.  I was already using multi domain certificate, so I added the required common names for both my AD FS service name and my CRM site.

    After running through the setup using this single certicate and ensuring it was a trusted certificate for on both AD FS server and the CRM server everything worked correctly.

    Hope this helps.

    Jon

    www.priorityoneit.co.uk

     

    • Proposed as answer by Jon Abbott1 Monday, March 21, 2011 3:49 PM
    Sunday, March 20, 2011 9:10 AM
  • Just to add my 2 cents:

    I had the same error after I tried to change my setup to use uat.domain.com rather than uat.crmtest.domain.com.

    It turned out I had missed putting the address set for the "Discovery Web Service Domain" (this should probably be called host rather than domain - confuses me at least) in the IFD wizard in our internal DNS. So really make sure all DNS entries needed are there - which so far for me is one for the ADFS server, one for the Discovery Web Service and one for each CRM org I have. 

    Best regards
    Nicolai


    Wednesday, December 19, 2012 9:49 AM