Error on ADFS configuration

  • Question

  • Hello everyone,

    I am having difficulties configuring AD FS for CRM 2013 IFD. I managed to get it working initially on a same-server setup, ADFS using port 443 and CRM using 444. Because of a third-party application requirement, I decided to add a virtual network adapter to the server, so both can use port 443 with different IP addresses.

    These are the steps I did since then:

    1. I set the DNS records and IIS bindings accordingly, and tested if the DNS records are resolved correctly

    2. I changed the Web addresses and re-ran the claims configuration wizard in deployment manager (no errors here)

    3. I updated the metadata URL in the ADFS claims relying party, then ran an update from metadata (still no errors)

    4. Now I am not able to resolve the internal URL and the following error comes in ADFS log:

    A token request was received for a relying party identified by the key 'https://crminternal.contoso.com/', but the request could not be fulfilled because the key does not identify any known relying party trust. 
    Key: https://crminternal.contoso.com/ 

    This request failed. 

    User Action 
    If this key represents a URI for which a token should be issued, verify that its prefix matches the relying party trust that is configured in the AD FS configuration database.

    I also tried configuring IFD. The IFD wizard completed successfully on deployment manager, but when I tried to update from the new metadata URL in ADFS relying party, I got the following error:

    An error occurred during an attempt to access the AD FS configuration database: Error message MSIS7612: Each identifier for a relying party trust must be unique across all relying party trusts in AD FS 2.0

    Can you help me out on this one?

    Wednesday, June 18, 2014 1:02 PM