Authenticate users with Microsoft Dynamics CRM 2011 (IFD) through code (C#). RRS feed

  • Question

  • I have internet facing Dynamics CRM 2011 deployment on Rollup 17 hosted in Azure.

    The deployment was configured according to the guide provided on Microsoft website (http://www.microsoft.com/en-us/download/details.aspx?id=41701).

    When accessing the application the authentication through ADFS works fine and I can access it successfully.

    I'm also trying to build a custom web application that will connect to the CRM. I've downloaded CRM 2011 SDK and tried to run the sample code found in \SDK\SampleCode\CS\QuickStart. However, the authentication fails with the following error:

    The request channel timed out while waiting for a reply after 00:00:59.9969195. Increase the timeout value passed to the call to Request or increase the SendTimeout value on the Binding. The time allotted to this operation may have been a portion of a longer timeout.

    When going to inner exception details I can see:

    The HTTP request to 'http://sts1.mydomain.com.au/adfs/services/trust/13/username' has exceeded the allotted timeout of 00:01:00. The time allotted to this operation may have been a portion of a longer timeout.

    I'm trying to figure out why is it trying to access the username endpoint through HTTP. When I open port 80 on my ADFS server it woks fine and I can authenticate. However, I don't want to have port 80 open and I want all the communication to go through HTTPS!!

    I've tried all the potential solutions found by Google but to no avail.

    Any help will be greatly appreciated.

    • Edited by Garusinho Friday, September 5, 2014 12:55 AM
    Friday, September 5, 2014 12:53 AM

All replies

  • The call to 'http://sts1.mydomain.com.au/adfs/services/trust/13/username' is because this is an endpoint defined in ADFS, which is used by CRM. I would expect it would be possible to change the protocol used for these endpoints, but it may be best asking in the ADFS forum if this is a viable approach

    Microsoft CRM MVP - http://mscrmuk.blogspot.com/ http://www.excitation.co.uk

    Monday, September 8, 2014 1:05 PM
  • We've worked with Microsoft Support guys, and they replicated our environment in order to see what's going on. However, for them the authentication request was going to the usernamemixedendpoint which supposedly was the correct behavior as it uses HTTPS.

    After some testing we decided to disable the username endpoint and to our surprise, the requests started to go to the usernamemixed endpoint and it's all working fine now.

    So, not sure why it didn't use the usernamemixed endpoint straight away as for the MS Support guys, but after disabling the username endpoint. The only difference I can see is that they used Windows Server 2012 R2 and we are using Windows Server 2012.

    Sunday, February 22, 2015 11:09 AM