CRM 2011 Email Router and IFD Deployment Error 61042- Server Does Not Support Secure Connections RRS feed

  • Question

  • We have recently upgraded from CRM 4.0 to 2011 On-Premise. Claims based authentication and IFD are enabled.  An SSL cert is used and installed on CRM and ADFS server.

    I've uninstalled and reinstalled the email router. Tested access -succeeds via Email router config manager. No errors in event viewer. Internal emails working fine.

    With this configuration my Email router was looking at the computer name (name.domain.com) of the Exchange 2007 server instead of the FQDN (mail.domain.com) that is on it's ssl cert.

    Workflows and emails send fine with this configuration, but sending emails to external recipients (contacts) does not go and no errors are recorded.

    If I change the configuration to the FQDN of the email server, no workflows, no emails are sent via crm internally or externally.

    Clients are configured to use only the Email router as an outgoing profile. For incoming they use Outlook. This is due to workflows that are being sent by the administrator.

    In both the outgoing profile and the deployment, a domain admin's credentials are used.

    When we used 4.0 with IFD we had no issues with the configuration and things flowed fine.

    Any help is greatly appreciated.

    Friday, October 12, 2012 4:20 PM

All replies

  • Some of the "official" causes for that sort of error are:

    Microsoft Dynamics CRM relies on the local SMTP server to forward email messages to the Exchange server. This problem occurs for one of the following reasons:

     The SMTP configuration on the Microsoft Dynamics CRM server is not configured to forward email messages to the Exchange server.

    The Exchange server is not configured to allow relay messages from the Microsoft Dynamics CRM server.

    Do you have receive connectors configured on your Hub Transport?

    Since your ussing Exchange 2007, its reccomended that you create a receive connector , then to config it for anonymous use, setup protocol permissions for the receive connector.  The restart the transport service.

    You are going to have to use Adsiedit to setup the permissions.

    Once in there, navigate through the config to Configuration|Services|Exchange| the CN|Administrative Groups|the Exchange admin group|servers|Protocols and then to SMTP receive connectors.

    Go to the properties and the security tab.  Select the anonymous logon option.  Then select
    "Submit messages to any Receipint and Accept authoritive domain sender"

    Then let's restart the service.

    Let us know if it helps.

     Curtis J Spanburgh

    Friday, October 12, 2012 6:05 PM
  • Thank you for the reply. I had gone through Microsoft's documentation for that already.

    Yes, the receive connector on exchange is set to allow relay from the CRM server. Everything was working prior to the IFD implementation. I wil double check the permissions later tonight but nothing has changed from 4.0 to 2011 where Exchange is concerned.

    The difference is that crm is using claims based authentication and all the urls now point to my https://internalcrm.domain.com.

    All the appropriate DNS records are set.

    I have a 3rd party wildcard cert on the crm and adfs servers.

    Dana Berry

    Tuesday, October 16, 2012 4:47 PM