locked
CRM 2011 outlook client ADFS setup/login error RRS feed

  • Question

  • Hi all,

    I've seen a few posts on here regarding issues with the outlook client for CRM 2011 throwing errors while the external web access works fine with the same authentication but I've not yet seen anything which resolves the issue for me or shows the same error in the log so thought it best to start a new thread. 

    I'm using windows 8 CP and have confirmed with others that after enabling windows identity foundation 3.5 the outlook plugin works fine (see here: http://nzregs.wordpress.com/2012/03/27/outlook-client-for-crm-2011-on-windows-8-consumer-preview/)

    After enabling Windows Identity Foundation 3.5 I expected things to run smooth, but I' still getting the dreaded "cannot connect to Microsoft dynamics crm as we cannot authenticate your credentials......." error so I turned on tracing and found the following:

    • >Exception during Signin System.ServiceModel.EndpointNotFoundException: There was no endpoint listening at http://adfs.dixxxxxxxxxxxns.uk.com/adfs/services/trust/13/username that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details. ---> System.Net.WebException: Unable to connect to the remote server ---> System.Net.Sockets.SocketException: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 82.xxx.xxx.155:80

    Now I dont understand why a connection is being tried on port 80 for authentication, but surely this should be using port 443 just like the web interface login? 

    We only have port 443 open for ADFS, can someone offer any help?

    Friday, April 13, 2012 11:19 AM

Answers

  • Hi and thanks for the reply, I managed to get this working in the end. 

    For some reason the CRM application server was 6 minutes out of time sync with all the other severs in the domain even though they were all setup to sync with domain hierarchy. 

    I re synced time, made sure it was updated and tried again and all was well. 

    What made me look further on the server was my office PC (with outlook crm plugin setup, domain joined and local to the server) started also throwing an auth error, and in the trace logs for that PC there was a message about the server's time being in the future. 

    Thanks again.

    • Marked as answer by Paul A Jones Thursday, April 19, 2012 6:25 AM
    Thursday, April 19, 2012 6:24 AM

All replies

  • Do you know which version of crm you are trying to hit against?  And do you have any other orgs configured to your outlook client? You are right in that the auth should only be happening on 443.  Do you have any proxies setup ?  Or changes in your host file?

    Also, can you give us the call stack around the exceptioin you saw?

    --Jerry [msft]

    Wednesday, April 18, 2012 11:28 PM
  • Hi and thanks for the reply, I managed to get this working in the end. 

    For some reason the CRM application server was 6 minutes out of time sync with all the other severs in the domain even though they were all setup to sync with domain hierarchy. 

    I re synced time, made sure it was updated and tried again and all was well. 

    What made me look further on the server was my office PC (with outlook crm plugin setup, domain joined and local to the server) started also throwing an auth error, and in the trace logs for that PC there was a message about the server's time being in the future. 

    Thanks again.

    • Marked as answer by Paul A Jones Thursday, April 19, 2012 6:25 AM
    Thursday, April 19, 2012 6:24 AM