Answered by:
Can't connect Outlook CRM Client to On-Premise
Question
-
I just set up an on-site CRM 2011 server. It is a single server deployment using AD (non-claims based, non internet facing). All users are able to log in and work using IE, but using the same URL in the Outlook configuration wizard returns the error 'There is a problem communicating with the Microsoft Dynamics CRM server. The server might be unavailable. Try again later. If the problem persists, contact your system administrator.'
We are using Outlook 2010. The client computers trying to connect in are not in the domain, just workgroup. The Windows credential manager keeps adding in it's own entry under 'Generic credentials' even if I create an entry under 'Windows Credentials'. I can edit these and put in correct info, but still can't connect. I can pull up the Discovery page listed in the error below just fine in IE.
According to https://blogs.msdn.com/b/webtopics/archive/2009/01/19/service-principal-name-spn-checklist-for-kerberos-authentication-with-iis-7-0.aspx?Redirected=true , the only SPN's needed are the ones that were created automatically.
Thanks for any help.
From the log file:
10:28:03| Info| === Microsoft Dynamics CRM for Outlook Configuration Wizard logging started: 10/24/2012 10:28:03 AM === 10:28:03|Verbose| Method entry: Microsoft.Crm.Application.Outlook.Config.ClientConfig.Initialize 10:28:03| Info| Client Configuration Wizard Version : 5.0.9690.2243 10:28:03| Info| Client Configuration Wizard LanguageID : 1033 10:28:03|Verbose| Method entry: Microsoft.Crm.Application.Outlook.Config.Validator.IsOutlookInitialized 10:28:03| Info| Query all rows in profile table 10:28:03| Info| Outlook is initialized 10:28:03|Verbose| Method exit: Microsoft.Crm.Application.Outlook.Config.Validator.IsOutlookInitialized 10:28:03| Info| Client Configuration Wizard Running Mode : Normal 10:28:03| Info| Configuration file Type : OnPremise. 10:28:03|Verbose| Method entry: Microsoft.Crm.Application.Outlook.Config.ConfigInfo.ConfigInfo 10:28:03|Verbose| Method entry: Microsoft.Crm.Application.Outlook.Config.OutlookCRMDatastoreInstaller.GetAvailableServiceIds 10:28:03| Info| Logon mapi store 10:28:03| Info| Logon admin service 10:28:03|Verbose| Method entry: Microsoft.Crm.Application.Outlook.Config.OutlookCRMDatastoreInstaller.GetServiceIds 10:28:03| Info| Query all rows in msg service table 10:28:03| Info| Adding service id : {d2d65d30-1dc4-4f19-ae40-77ef806fd795} 10:28:03| Info| Adding service id : {13e79ef0-cb01-4041-abb4-cb0eb54dd865} 10:28:03| Info| Adding service id : {fef34a4c-76c1-4b36-b483-9e20434f5dc6} 10:28:03|Verbose| Method exit: Microsoft.Crm.Application.Outlook.Config.OutlookCRMDatastoreInstaller.GetServiceIds 10:28:03|Verbose| Method entry: Microsoft.Crm.Application.Outlook.Config.ConfigInfo.RemoveOrphanDatastoreIfNeeded 10:28:03| Info| Logon mapi store 10:28:03| Info| Logon admin service 10:28:03| Info| Query crm msg services in msg service table. 10:28:03|Verbose| Method exit: Microsoft.Crm.Application.Outlook.Config.ConfigInfo.RemoveOrphanDatastoreIfNeeded 10:28:03|Verbose| Method exit: Microsoft.Crm.Application.Outlook.Config.ConfigInfo.ConfigInfo 10:28:03|Verbose| Method entry: Microsoft.Crm.Application.Outlook.Config.ServerForm.ServerForm 10:28:03|Verbose| Method exit: Microsoft.Crm.Application.Outlook.Config.ServerForm.ServerForm 10:28:03|Verbose| Method entry: Microsoft.Crm.Application.Outlook.Config.ServerForm.SetUIData 10:28:03|Verbose| Method exit: Microsoft.Crm.Application.Outlook.Config.ServerForm.LoadAvailableUrls 10:28:03|Verbose| Method exit: Microsoft.Crm.Application.Outlook.Config.ServerForm.LoadAvailableUrls 10:28:03|Verbose| Method exit: Microsoft.Crm.Application.Outlook.Config.ServerForm.SetUIData 10:28:37|Verbose| Method entry: Microsoft.Crm.Application.Outlook.Config.ServerForm._testConnectionButton_Click 10:28:37|Verbose| Method entry: Microsoft.Crm.Application.Outlook.Config.ServerForm.TestConnection 10:28:37|Verbose| Method exit: Microsoft.Crm.Application.Outlook.Config.ServerForm.TestConnection 10:28:37|Verbose| Method exit: Microsoft.Crm.Application.Outlook.Config.ServerForm._testConnectionButton_Click 10:28:40| Error| Error connecting to URL: http://crm:5555/XRMServices/2011/Discovery.svc Exception: System.ServiceModel.Security.SecurityNegotiationException: The caller was not authenticated by the service. ---> System.ServiceModel.FaultException: The request for security token could not be satisfied because authentication failed. at System.ServiceModel.Security.SecurityUtils.ThrowIfNegotiationFault(Message message, EndpointAddress target) at System.ServiceModel.Security.SspiNegotiationTokenProvider.GetNextOutgoingMessageBody(Message incomingMessage, SspiNegotiationTokenProviderState sspiState) --- End of inner exception stack trace --- Server stack trace: at System.ServiceModel.Security.IssuanceTokenProviderBase`1.DoNegotiation(TimeSpan timeout) at System.ServiceModel.Security.SspiNegotiationTokenProvider.OnOpen(TimeSpan timeout) at System.ServiceModel.Security.WrapperSecurityCommunicationObject.OnOpen(TimeSpan timeout) at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) at System.ServiceModel.Security.CommunicationObjectSecurityTokenProvider.Open(TimeSpan timeout) at System.ServiceModel.Security.SymmetricSecurityProtocol.OnOpen(TimeSpan timeout) at System.ServiceModel.Security.WrapperSecurityCommunicationObject.OnOpen(TimeSpan timeout) at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) at System.ServiceModel.Channels.SecurityChannelFactory`1.ClientSecurityChannel`1.OnOpen(TimeSpan timeout) at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.OnOpen(TimeSpan timeout) at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.CallOpenOnce.System.ServiceModel.Channels.ServiceChannel.ICallOnce.Call(ServiceChannel channel, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.CallOnceManager.CallOnce(TimeSpan timeout, CallOnceManager cascade) at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message) Exception rethrown at [0]: at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg) at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type) at Microsoft.Xrm.Sdk.Discovery.IDiscoveryService.Execute(DiscoveryRequest request) at Microsoft.Xrm.Sdk.Client.DiscoveryServiceProxy.Execute(DiscoveryRequest request) at Microsoft.Crm.Application.Outlook.Config.DeploymentsInfo.DeploymentInfo.LoadOrganizations(AuthUIMode uiMode, Form parentWindow, Credential credentials) at Microsoft.Crm.Application.Outlook.Config.DeploymentsInfo.InternalLoadOrganizations(OrganizationDetailCollection orgs, AuthUIMode uiMode, Form parentWindow) 10:28:41| Error| Error connecting to URL: http://crm:5555/XRMServices/2011/Discovery.svc Exception: System.ServiceModel.Security.SecurityNegotiationException: The caller was not authenticated by the service. ---> System.ServiceModel.FaultException: The request for security token could not be satisfied because authentication failed. at System.ServiceModel.Security.SecurityUtils.ThrowIfNegotiationFault(Message message, EndpointAddress target) at System.ServiceModel.Security.SspiNegotiationTokenProvider.GetNextOutgoingMessageBody(Message incomingMessage, SspiNegotiationTokenProviderState sspiState) --- End of inner exception stack trace --- Server stack trace: at System.ServiceModel.Security.IssuanceTokenProviderBase`1.DoNegotiation(TimeSpan timeout) at System.ServiceModel.Security.SspiNegotiationTokenProvider.OnOpen(TimeSpan timeout) at System.ServiceModel.Security.WrapperSecurityCommunicationObject.OnOpen(TimeSpan timeout) at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) at System.ServiceModel.Security.CommunicationObjectSecurityTokenProvider.Open(TimeSpan timeout) at System.ServiceModel.Security.SymmetricSecurityProtocol.OnOpen(TimeSpan timeout) at System.ServiceModel.Security.WrapperSecurityCommunicationObject.OnOpen(TimeSpan timeout) at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) at System.ServiceModel.Channels.SecurityChannelFactory`1.ClientSecurityChannel`1.OnOpen(TimeSpan timeout) at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.OnOpen(TimeSpan timeout) at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.CallOpenOnce.System.ServiceModel.Channels.ServiceChannel.ICallOnce.Call(ServiceChannel channel, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.CallOnceManager.CallOnce(TimeSpan timeout, CallOnceManager cascade) at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message) Exception rethrown at [0]: at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg) at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type) at Microsoft.Xrm.Sdk.Discovery.IDiscoveryService.Execute(DiscoveryRequest request) at Microsoft.Xrm.Sdk.Client.DiscoveryServiceProxy.Execute(DiscoveryRequest request) at Microsoft.Crm.Application.Outlook.Config.DeploymentsInfo.DeploymentInfo.LoadOrganizations(AuthUIMode uiMode, Form parentWindow, Credential credentials) at Microsoft.Crm.Application.Outlook.Config.DeploymentsInfo.InternalLoadOrganizations(OrganizationDetailCollection orgs, AuthUIMode uiMode, Form parentWindow) 10:28:41| Error| Error connecting to URL: http://crm:5555/XRMServices/2011/Discovery.svc Exception: System.ServiceModel.Security.SecurityNegotiationException: The caller was not authenticated by the service. ---> System.ServiceModel.FaultException: The request for security token could not be satisfied because authentication failed. at System.ServiceModel.Security.SecurityUtils.ThrowIfNegotiationFault(Message message, EndpointAddress target) at System.ServiceModel.Security.SspiNegotiationTokenProvider.GetNextOutgoingMessageBody(Message incomingMessage, SspiNegotiationTokenProviderState sspiState) --- End of inner exception stack trace --- Server stack trace: at System.ServiceModel.Security.IssuanceTokenProviderBase`1.DoNegotiation(TimeSpan timeout) at System.ServiceModel.Security.SspiNegotiationTokenProvider.OnOpen(TimeSpan timeout) at System.ServiceModel.Security.WrapperSecurityCommunicationObject.OnOpen(TimeSpan timeout) at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) at System.ServiceModel.Security.CommunicationObjectSecurityTokenProvider.Open(TimeSpan timeout) at System.ServiceModel.Security.SymmetricSecurityProtocol.OnOpen(TimeSpan timeout) at System.ServiceModel.Security.WrapperSecurityCommunicationObject.OnOpen(TimeSpan timeout) at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) at System.ServiceModel.Channels.SecurityChannelFactory`1.ClientSecurityChannel`1.OnOpen(TimeSpan timeout) at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.OnOpen(TimeSpan timeout) at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.CallOpenOnce.System.ServiceModel.Channels.ServiceChannel.ICallOnce.Call(ServiceChannel channel, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.CallOnceManager.CallOnce(TimeSpan timeout, CallOnceManager cascade) at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message) Exception rethrown at [0]: at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg) at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type) at Microsoft.Xrm.Sdk.Discovery.IDiscoveryService.Execute(DiscoveryRequest request) at Microsoft.Xrm.Sdk.Client.DiscoveryServiceProxy.Execute(DiscoveryRequest request) at Microsoft.Crm.Application.Outlook.Config.DeploymentsInfo.DeploymentInfo.LoadOrganizations(AuthUIMode uiMode, Form parentWindow, Credential credentials) at Microsoft.Crm.Application.Outlook.Config.DeploymentsInfo.InternalLoadOrganizations(OrganizationDetailCollection orgs, AuthUIMode uiMode, Form parentWindow) 10:28:42| Error| Error connecting to URL: http://crm:5555/XRMServices/2011/Discovery.svc Exception: System.ServiceModel.Security.SecurityNegotiationException: The caller was not authenticated by the service. ---> System.ServiceModel.FaultException: The request for security token could not be satisfied because authentication failed. at System.ServiceModel.Security.SecurityUtils.ThrowIfNegotiationFault(Message message, EndpointAddress target) at System.ServiceModel.Security.SspiNegotiationTokenProvider.GetNextOutgoingMessageBody(Message incomingMessage, SspiNegotiationTokenProviderState sspiState) --- End of inner exception stack trace --- Server stack trace: at System.ServiceModel.Security.IssuanceTokenProviderBase`1.DoNegotiation(TimeSpan timeout) at System.ServiceModel.Security.SspiNegotiationTokenProvider.OnOpen(TimeSpan timeout) at System.ServiceModel.Security.WrapperSecurityCommunicationObject.OnOpen(TimeSpan timeout) at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) at System.ServiceModel.Security.CommunicationObjectSecurityTokenProvider.Open(TimeSpan timeout) at System.ServiceModel.Security.SymmetricSecurityProtocol.OnOpen(TimeSpan timeout) at System.ServiceModel.Security.WrapperSecurityCommunicationObject.OnOpen(TimeSpan timeout) at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) at System.ServiceModel.Channels.SecurityChannelFactory`1.ClientSecurityChannel`1.OnOpen(TimeSpan timeout) at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.OnOpen(TimeSpan timeout) at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.CallOpenOnce.System.ServiceModel.Channels.ServiceChannel.ICallOnce.Call(ServiceChannel channel, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.CallOnceManager.CallOnce(TimeSpan timeout, CallOnceManager cascade) at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message) Exception rethrown at [0]: at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg) at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type) at Microsoft.Xrm.Sdk.Discovery.IDiscoveryService.Execute(DiscoveryRequest request) at Microsoft.Xrm.Sdk.Client.DiscoveryServiceProxy.Execute(DiscoveryRequest request) at Microsoft.Crm.Application.Outlook.Config.DeploymentsInfo.DeploymentInfo.LoadOrganizations(AuthUIMode uiMode, Form parentWindow, Credential credentials) at Microsoft.Crm.Application.Outlook.Config.DeploymentsInfo.InternalLoadOrganizations(OrganizationDetailCollection orgs, AuthUIMode uiMode, Form parentWindow) 10:28:42| Error| Error connecting to URL: http://crm:5555/XRMServices/2011/Discovery.svc Exception: System.ServiceModel.Security.SecurityNegotiationException: The caller was not authenticated by the service. ---> System.ServiceModel.FaultException: The request for security token could not be satisfied because authentication failed. at System.ServiceModel.Security.SecurityUtils.ThrowIfNegotiationFault(Message message, EndpointAddress target) at System.ServiceModel.Security.SspiNegotiationTokenProvider.GetNextOutgoingMessageBody(Message incomingMessage, SspiNegotiationTokenProviderState sspiState) --- End of inner exception stack trace --- Server stack trace: at System.ServiceModel.Security.IssuanceTokenProviderBase`1.DoNegotiation(TimeSpan timeout) at System.ServiceModel.Security.SspiNegotiationTokenProvider.OnOpen(TimeSpan timeout) at System.ServiceModel.Security.WrapperSecurityCommunicationObject.OnOpen(TimeSpan timeout) at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) at System.ServiceModel.Security.CommunicationObjectSecurityTokenProvider.Open(TimeSpan timeout) at System.ServiceModel.Security.SymmetricSecurityProtocol.OnOpen(TimeSpan timeout) at System.ServiceModel.Security.WrapperSecurityCommunicationObject.OnOpen(TimeSpan timeout) at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) at System.ServiceModel.Channels.SecurityChannelFactory`1.ClientSecurityChannel`1.OnOpen(TimeSpan timeout) at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.OnOpen(TimeSpan timeout) at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.CallOpenOnce.System.ServiceModel.Channels.ServiceChannel.ICallOnce.Call(ServiceChannel channel, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.CallOnceManager.CallOnce(TimeSpan timeout, CallOnceManager cascade) at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message) Exception rethrown at [0]: at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg) at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type) at Microsoft.Xrm.Sdk.Discovery.IDiscoveryService.Execute(DiscoveryRequest request) at Microsoft.Xrm.Sdk.Client.DiscoveryServiceProxy.Execute(DiscoveryRequest request) at Microsoft.Crm.Application.Outlook.Config.DeploymentsInfo.DeploymentInfo.LoadOrganizations(AuthUIMode uiMode, Form parentWindow, Credential credentials) at Microsoft.Crm.Application.Outlook.Config.DeploymentsInfo.InternalLoadOrganizations(OrganizationDetailCollection orgs, AuthUIMode uiMode, Form parentWindow) 10:28:42| Error| Exception : The caller was not authenticated by the service. Server stack trace: at System.ServiceModel.Security.IssuanceTokenProviderBase`1.DoNegotiation(TimeSpan timeout) at System.ServiceModel.Security.SspiNegotiationTokenProvider.OnOpen(TimeSpan timeout) at System.ServiceModel.Security.WrapperSecurityCommunicationObject.OnOpen(TimeSpan timeout) at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) at System.ServiceModel.Security.CommunicationObjectSecurityTokenProvider.Open(TimeSpan timeout) at System.ServiceModel.Security.SymmetricSecurityProtocol.OnOpen(TimeSpan timeout) at System.ServiceModel.Security.WrapperSecurityCommunicationObject.OnOpen(TimeSpan timeout) at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) at System.ServiceModel.Channels.SecurityChannelFactory`1.ClientSecurityChannel`1.OnOpen(TimeSpan timeout) at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.OnOpen(TimeSpan timeout) at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.CallOpenOnce.System.ServiceModel.Channels.ServiceChannel.ICallOnce.Call(ServiceChannel channel, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.CallOnceManager.CallOnce(TimeSpan timeout, CallOnceManager cascade) at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message) Exception rethrown at [0]: at Microsoft.Crm.Application.Outlook.Config.DeploymentsInfo.LoadOrganizations(AuthUIMode uiMode, Form parentWindow) at Microsoft.Crm.Application.Outlook.Config.ServerForm.LoadOrganizations(Boolean forceUI) at Microsoft.Crm.Application.Outlook.Config.ServerForm.<InitializeBackgroundWorkers>b__0(Object sender, DoWorkEventArgs e) at System.ComponentModel.BackgroundWorker.OnDoWork(DoWorkEventArgs e) at System.ComponentModel.BackgroundWorker.WorkerThreadStart(Object argument) 10:28:42| Error| Exception : The request for security token could not be satisfied because authentication failed. at System.ServiceModel.Security.SecurityUtils.ThrowIfNegotiationFault(Message message, EndpointAddress target) at System.ServiceModel.Security.SspiNegotiationTokenProvider.GetNextOutgoingMessageBody(Message incomingMessage, SspiNegotiationTokenProviderState sspiState)
Wednesday, October 24, 2012 3:50 PM
Answers
-
You may need to either make get the machines on the domain or set up IFD
https://community.dynamics.com/product/crm/f/117/p/31476/54189.aspx#54189
http://social.microsoft.com/Forums/zh/crm/thread/bde454cd-1979-469e-aa29-f415162d868e
Jason Lattimer
My Blog - Follow me on Twitter - LinkedIn- Proposed as answer by JLattimerMVP, Moderator Tuesday, October 30, 2012 1:14 PM
- Marked as answer by Atboom Wednesday, October 31, 2012 8:25 PM
Tuesday, October 30, 2012 1:14 PMModerator -
Well, I was able to get everyone logged in using Outlook CRM.
Since their workstations aren't on the domain, I was going to go through the IFD setup, but got hung up on the certificate part. I was using a self-signed certificate generated on the server running CRM and when users were trying to test the connection, the wizard would error out. After some reading, if the user would have gone through IE, they would be presented with the notice that the certificate is not signed, blah blah bla, and would have to select to continue to the website. That was more or less the same thing that the configuration wizard was seeing, only instead of selecting to continue, it would just error out.
To get past the error about the user not being authenticated, I had to have the users log in via IE and tell it to store credentials. Only then would it successfully authenticate.
- Marked as answer by Atboom Wednesday, October 31, 2012 8:25 PM
Wednesday, October 31, 2012 8:24 PM
All replies
-
Check your CRM site in IIS - do you have any other bindings besides port 5555 - like 80? If you are connecting via port 5555 try removing the binding to port 80. Ideally there should only be one http and one https (if required) binding present.
Jason Lattimer
My Blog - Follow me on Twitter - LinkedInWednesday, October 24, 2012 3:58 PMModerator -
I have IIS set up with just 1 binding, and
Thanks for the reply.
that is http on port 5555. I would
like to eventually move it to https, but we were going to worry about
that at a later time after we can get everything up and running properly
first. I forgot to
mention that I had looked at the bindings.Wednesday, October 24, 2012 6:48 PM -
Still unable to connect using Outlook. Anyone able to shed some light on this?Tuesday, October 30, 2012 1:06 PM
-
You may need to either make get the machines on the domain or set up IFD
https://community.dynamics.com/product/crm/f/117/p/31476/54189.aspx#54189
http://social.microsoft.com/Forums/zh/crm/thread/bde454cd-1979-469e-aa29-f415162d868e
Jason Lattimer
My Blog - Follow me on Twitter - LinkedIn- Proposed as answer by JLattimerMVP, Moderator Tuesday, October 30, 2012 1:14 PM
- Marked as answer by Atboom Wednesday, October 31, 2012 8:25 PM
Tuesday, October 30, 2012 1:14 PMModerator -
Well, I was able to get everyone logged in using Outlook CRM.
Since their workstations aren't on the domain, I was going to go through the IFD setup, but got hung up on the certificate part. I was using a self-signed certificate generated on the server running CRM and when users were trying to test the connection, the wizard would error out. After some reading, if the user would have gone through IE, they would be presented with the notice that the certificate is not signed, blah blah bla, and would have to select to continue to the website. That was more or less the same thing that the configuration wizard was seeing, only instead of selecting to continue, it would just error out.
To get past the error about the user not being authenticated, I had to have the users log in via IE and tell it to store credentials. Only then would it successfully authenticate.
- Marked as answer by Atboom Wednesday, October 31, 2012 8:25 PM
Wednesday, October 31, 2012 8:24 PM -
Hi Atboom ,
Please refer this article for your issure
http://support.microsoft.com/kb/2502671
Thanks & Regards Dhamodharan R
Friday, November 2, 2012 6:52 AM -
I hit this error trying to setup CRM 2013 On Prem to a personal computer not on the domain as you state. I also was using IE to get to CRM fine, but Outlook was not connecting.
I connect to Exchange via OWA, and CRM with admin. That was creating a stored credentials issue. My Outlook was me, but CRM was domain admin.
to fix this, I had to remove all storedd creds from Windows having to pertain to CRM.
Start > Type "Credentials Manager" > look through list to find CRM items > set all to your personal creds (domainname/username)
reference - https://uwaterloo.ca/information-systems-technology/services/nexus/nexus-troubleshooting-guide/clearing-cachedsaved-windows-credentials
Monday, February 27, 2017 2:04 PM
