Remove From My Forums

Cannot Log In

Question
0

Sign in to vote

Login suddenly does not work for all users anymore. When I go to http://crm.[domain].com I get to the usual login page on https://sts.[domain].com:444/... to put in the user name and pwd. However, when trying to sign in I get a pop up window that asks for the username and password again. This did not happen before. After trying to enter the username and password a few time I get to https://auth.[domain].com with the message http error 401 - Unauthorized: Access is denied.

Could it be that some password on the CRM, SQL, etc server has expired for some key service running CRM? If so which account would this be? What else could cause this?

Friday, August 2, 2013 11:03 PM

All replies

0

Sign in to vote

Hi

Can your users login via the internal address?

Cheers

Roshan

Friday, August 2, 2013 11:05 PM
0

Sign in to vote

Roshan, I checked and I get the same error.

Saturday, August 3, 2013 1:02 AM
0

Sign in to vote

I also checked all the links below internally and they come back fine and the login issue happens even internally.

https://sts.[domain].com:444/federationmetadata/2007-06/federationmetadata.xml
   * Looks correct internally.
   * Externally I get something strange:
<ds:digestmethod algorithm="http://www.w3.org/2001/04/xmlenc#sha256"><ds:digestvalue>   FrmryW66Xh...</ds:digestvalue></ds:digestmethod>
   Address<auth:description>The e-mail address of the user</auth:description><auth:claimtype optional="true" uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706"><auth:displayname>Given Name</auth:displayname><auth:description>The
   ...
   https://sts.[domain].com:444/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256
   ....</auth:description></auth:claimtype>

https://internalcrm.[domain].com/federationmetadata/2007-06/federationmetadata.xml
   * Looks fine internally

https://auth.[domain].com/federationmetadata/2007-06/federationmetadata.xml
   * Looks fine internally
   * Looks fine externally

Any help is appreciated

Saturday, August 3, 2013 6:28 PM
0

Sign in to vote

If you take a look at the certificates in ADFS, have they expired or auto rolled over recently? If so, take a look at this KB article which should help.
Neil - My CRM Blog

Sunday, August 4, 2013 1:05 AM

Asked by:

Cannot Log In

Question

All replies