locked
Connecting to CRM 2013 through the Discovery Service RRS feed

  • Question

  • Hi everyone,

    I've got a newly built CRM 2013 IFD system and we need to connect up some external software. Most of these are asking for the Discovery Service URL which I've got from CRM. Some of these pieces of software (like the XrmToolbox I got from Codeplex) take this URL and are able to connect up. Others (such as the Plug In Registration tool) will not connect up.

    I have read that a few services need Windows Indentify Framework but, as far as I can tell, this is installed along with .NET 4.5.1 that's already on there.

    Can anyone offer me any advice about anything further I might need to do to get this working? Is there an additional service that I need to enable on the server (Windows Server 2008 R2)?

    Wednesday, September 24, 2014 4:11 PM

Answers

  • This turned out to be nothing more than a domain name issue. The username that I was connecting to was in a different domain to the server, although I'd added the domain name to the plugin registration tool, I also needed to add an '@xxx.com' to the end of the username. Once I'd done this, it connected up.

    Thanks for everyone's help.

    • Marked as answer by Jon_Evans Tuesday, October 21, 2014 9:29 AM
    Tuesday, October 21, 2014 9:29 AM

All replies

  • Hi Jon,

    WIF it's not installed automatically with .NET framework, but if Xrmtoolbox works we can assume it is installed.

    What error did you get exactly with the plugin registration tool? did you try older versions instead of the latest one (6.1.1)?


    My blog: www.crmanswers.net - Rockstar 365 Profile

    Wednesday, September 24, 2014 4:26 PM
  • Hi Guido,

    I think a few of the error messages were wrong connection settings, etc but I think I've got the connections right and the issue is as follows:

    Source	: mscorlib
    Method	: HandleReturnMessagemscorlib
    Date	: 24/09/2014
    Time	: 16:55:07
    Error	: An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail.HandleReturnMessagemscorlib
    Stack Trace	: Server stack trace: 
       at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.ProcessReply(Message reply, SecurityProtocolCorrelationState correlationState, TimeSpan timeout)
       at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.Request(Message message, TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
       at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
    
    Exception rethrown at [0]: 
       at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
       at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
       at Microsoft.IdentityModel.Protocols.WSTrust.IWSTrustContract.Issue(Message message)
       at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.Issue(RequestSecurityToken rst, RequestSecurityTokenResponse& rstr)
       at Microsoft.Xrm.Sdk.Client.ServiceConfiguration`1.Issue(AuthenticationCredentials authenticationCredentials)
       at Microsoft.Xrm.Sdk.Client.ServiceConfiguration`1.AuthenticateInternal(AuthenticationCredentials authenticationCredentials)
       at Microsoft.Xrm.Sdk.Client.ServiceConfiguration`1.AuthenticateFederationInternal(AuthenticationCredentials authenticationCredentials)
       at Microsoft.Xrm.Sdk.Client.ServiceConfiguration`1.Authenticate(AuthenticationCredentials authenticationCredentials)
       at Microsoft.Xrm.Tooling.Connector.CrmWebSvc.ClaimsIFDFailOverAuth[T](IServiceManagement`1 servicecfg, Uri homeRealm, ClientCredentials userCredentials, ClientCredentials deviceCredentials, Int32 depthLevel, Boolean tryNetworkCred)
       at Microsoft.Xrm.Tooling.Connector.CrmWebSvc.CreateAndAuthenticateProxy[T](IServiceManagement`1 servicecfg, Uri ServiceUri, Uri homeRealm, ClientCredentials userCredentials, ClientCredentials deviceCredentials, String LogString)
       at Microsoft.Xrm.Tooling.Connector.CrmWebSvc.DiscoverOrganizations(Uri discoveryServiceUri, Uri homeRealmUri, ClientCredentials clientCredentials, ClientCredentials deviceCredentials)
       at Microsoft.Xrm.Tooling.CrmConnectControl.CrmConnectionManager.ValidateServerConnection(CrmOrgByServer selectedOrg)
    ======================================================================================================================
    Inner Exception Level 1	: 
    Source	: Not Provided
    Method	: Not Provided
    Date	: 24/09/2014
    Time	: 16:55:07
    Error	: ID3242: The security token could not be authenticated or authorized.
    Stack Trace	: Not Provided
    ======================================================================================================================
    
    After a bit of Googling, this seems to relate to the IFD settings rather than CRM. But any help would be appreciated.

    Thursday, September 25, 2014 9:02 AM
  • Are you connecting as below

    Using Registration tool to get connection to CRM

    1.In Discovery URL: type as http://dev.domainname.com for example https://dev.thecrmsolutions.com

    2. In User Name: type domain name\username for example thecrmsolutions\sohail

    after click Connect button ti will ask Password enter password and click OK.

    Make sure you type correct url and user name

    and what security roles for the user ??


    Muhammad Sohail

    Thursday, September 25, 2014 12:02 PM
  • Jon,

    this token error went away in my envrinment when I setspn.

    Did you setspn of your adfs domain with your crmapppool account?

    SETSPN –a http/adfsexternal.domain.com domain\crmapppool

    In my envrinment I have also setson for the adfsserver itself with crmapppool

    SETSPN –a http/servername.domainloc.local domain\crmapppool

    The Guide tells that if you have installed all standalone, no spn is required. I have firewall-tmg-3frontends-2backends... so I needed to setspn.


    gruss Daniel Ovadia MBSS - Microsoft Dynamics CRM MCNPS

    • Proposed as answer by Daniel Ovadia Tuesday, October 21, 2014 9:13 AM
    • Unproposed as answer by Daniel Ovadia Tuesday, October 21, 2014 10:28 AM
    Thursday, September 25, 2014 12:21 PM
  • This turned out to be nothing more than a domain name issue. The username that I was connecting to was in a different domain to the server, although I'd added the domain name to the plugin registration tool, I also needed to add an '@xxx.com' to the end of the username. Once I'd done this, it connected up.

    Thanks for everyone's help.

    • Marked as answer by Jon_Evans Tuesday, October 21, 2014 9:29 AM
    Tuesday, October 21, 2014 9:29 AM