Error 401 and event id 3 accessing newly installed site RRS feed

  • Question

  • i just reinstalled my CRM 2011 site and have encountered something really strange. I can get to the site via IP, I can connect via http://crm but when I connect via http://crm.mydomain.com I get prompted to logon 3 times and then get an error 401.

    I noticed this was pretty common in CRM 4.0 but didn't notice any articles covering it for 2011. I have checked the SPN's and IIS to ensure Kerberos is set correctly. What else?

    Just got some new information here too. In trying to resolve this, I found an article that pointed to this: http://support.microsoft.com/kb/887993 I cranked up the logging and sure enough I'm getting a Kerberos error when I try to connect to the site, but I am failing on KRBTGT (Kerberos Ticket Granting Ticket?) and have NO idea how to resolve that one. Anyone got any insights?


    Thursday, July 28, 2011 10:05 PM


  • I ended up solving this last night after pulling most of my hair out. It appears that the issue was resolved by setting an SPN up binding the CRM service account to the FQDN URL for my server (I intend for it to be public facing and so this is the externally available URL) and biding the URL to the machine account itself:



    The system log was showing Kerberos failures for the machine account every time I tried to connect which is what sent me in this direction.

    Friday, July 29, 2011 2:42 PM