Happy New Year!
Over the Christmas break I though it would be a good time to rebuild/reconfigure our development environment. This is something that I hope to blog about later.
One of the things that I needed to do was to setup CRM 2011 Internet Facing Deployment (IFD) to allow the team to have quick and easy access to the dev orgs without dealing with VPN and RDP issues and performance.
Setting up CRM IFD is something that I have done a number of times and each time it seems that I learn (ie- have issues) something new.
CRM 2011 requires the use of Active Directory Federation Services (ADFS), SSL certificates and a LOT of patience.
If anyone were to build a tool that you put in your basic parameters (CRM server name, IP addresses, etc) and have it generate appropriate batch files, powershell scripts and checklists to setup CRM 2011 IFD, there would be a lot of premium beer in it for you.
I have found that good step by step guide for setting up CRM 2011 IFD can be found here: http://www.interactivewebs.com/blog/index.php/server-tips/microsoft-crm-2011-how-to-configure-ifd-hosted-setup/
I have a few notes on my well worn printed out copy, notably that the "setspn" commands need to be run on the CRM server, and the "Transform Windows Account Name to Name" rule in ADFS you need to choose "*Name" (blog posts indicates just "Name") and a few extra IISResets along the way, still, without that blog article, I might still be pulling my hair out.
On my new dev enviroment, I installed CRM 2011, I used the slipstreamed install with Rollup 6 embedded. I also applied Rollup 11 to keep things up to date (at time of this blog, Rollup 12 was not yet released).
After fighting my way throught this, I ended up getting an "Unexpected Error" when trying to connect to CRM either via the internal or external claims based endpoints. I was still able to get in via http://servername:port locally.
Digging deeper, I found in the event log that I had unhandled exception error, digging deeper I saw the details "Exception message: Could not find GUID for server: XRM2011$ With SearchFilter:samAccountName"
Thanks to Google, I found this posting:
http://community.dynamics.com/product/crm/f/117/t/93178.aspx
Essentially, you need to do the following steps (cut and pasted from article):
Change the Anonymous user identity of IIS Anonymous Authentication Credentials to Application pool Identity option:
1. On the CRM server, open the Internet Information Services (IIS) Manager;
2. In IIS Manager, click the CRM site;
3. In the Features View, double-click Authentication;
4. Select Anonymous Authentication , and then click Edit in the Actions pane;
5. In the Edit Anonymous Authentication Credentials dialog box, click the Application pool Identity , and then click Ok;
6. Do an IISRESET on CRM and ADFS server.
My situation Resolved!
Kudos to the contributors to the posting above. Apparently there will be a hotfix and Rollup 12 will also address this.
Hope this helps!
Cheers
Nick
Thanks for the post! I'm a business owner so I can tell you firsthand how hard operating a company can be. In addition to utilize business management software, I also
ReplyDeleteturned to a proposal writing outsource to create needed documents. I recommend any business owner who's struggling with getting tasks done to make use of the many business management tools available.
Hi,
ReplyDeletedo you remember which setspn commands you had to execute? I'm currently struggling to get custom reports working.
Thanks in advance!