SBX - Search With Button

SBX - Forum Post Title

XRMToolBox Connection String Error to 365 with MFA

Microsoft Dynamics CRM Forum

DianeF1 asked a question on 31 Jul 2017 8:26 AM
My Badges

Question Status

Verified

We are new to the online 365.  I am trying to connect the newest version of XRMToolBox and have a question.  Per guidance on the XRMToolBox site I am to use a connection string and define the application in Azure AD.

Connection String:

Azure Settings

When we log on to XRM with the connection string we are prompted with MFA to logon before we fail.  The XRM log states:

Microsoft.Xrm.Tooling.Connector.CrmServiceClient	Error	2	7/31/2017 8:08:14 AM  Source	: Microsoft.IdentityModel.Clients.ActiveDirectory
Method	: RunAsyncTask
Date	: 7/31/2017
Time	: 8:08:14 AM
Error	: AADSTS70002: The request body must contain the following parameter: 'client_secret or client_assertion'.
Trace ID: 28e1ee4c-9a9f-4c33-a5b3-6c4c2b840f00
Correlation ID: 53544b5c-8fdc-4be5-94f0-6764a3adf89f
Timestamp: 2017-07-31 13:08:13Z
Stack Trace	: at Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext.RunAsyncTask[T](Task`1 task)
   at Microsoft.Xrm.Tooling.Connector.CrmWebSvc.ExecuteAuthenticateServiceProcess(Uri serviceUrl, ClientCredentials clientCredentials, UserIdentifier user, String clientId, Uri redirectUri, PromptBehavior promptBehavior, String tokenCachePath, Boolean isOnPrem, String authority, Uri& targetServiceUrl, AuthenticationContext& authContext, String& resource)
   at Microsoft.Xrm.Tooling.Connector.CrmWebSvc.DiscoverOrganizations(Uri discoveryServiceUri, ClientCredentials clientCredentials, UserIdentifier user, String clientId, Uri redirectUri, PromptBehavior promptBehavior, String tokenCachePath, Boolean isOnPrem, String authority)
   at Microsoft.Xrm.Tooling.Connector.CrmWebSvc.QueryLiveDiscoveryServer(Uri discoServer)
   at Microsoft.Xrm.Tooling.Connector.CrmWebSvc.FindCrmOnlineDiscoveryServer(CrmOnlineDiscoveryServers onlineServerList, Boolean useO365Servers)
   at Microsoft.Xrm.Tooling.Connector.CrmWebSvc.InitCRM2011Service()
======================================================================================================================
Inner Exception Level 1	: 
Source	: System
Method	: GetResponse
Date	: 7/31/2017
Time	: 8:08:14 AM
Error	: The remote server returned an error: (401) Unauthorized.
Stack Trace	: at System.Net.HttpWebRequest.GetResponse()
   at Microsoft.IdentityModel.Clients.ActiveDirectory.HttpWebRequestWrapper.<GetResponseSyncOrAsync>d__2.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at Microsoft.IdentityModel.Clients.ActiveDirectory.HttpHelper.<SendPostRequestAndDeserializeJsonResponseAsync>d__0`1.MoveNext()
======================================================================================================================

Microsoft.Xrm.Tooling.Connector.CrmServiceClient	Error	2	7/31/2017 8:08:14 AM  Unable to Login to Dynamics CRM



Any thoughts on what we have missed in our configuration?

Regards,

Diane

Reply
Andreas Cieslik responded on 31 Jul 2017 8:53 AM
My Badges
Verified Answer

This states how to configure:

github.com/.../Connecting-to-a-Microsoft-Dynamics-CRM-deployment

and this for the app registration in Azure:

msdn.microsoft.com/.../mt622431.aspx

Reply
DianeF1 responded on 31 Jul 2017 2:14 PM
My Badges
Verified Answer

Andreas,

Thank you for the links.  We validated the Azure settings and found that the admin had created a WEB entry and not a Native Application entry.  

So for anyone else when trying to debug the issues

  • Create Native Client Application Entry in Azure
  • Ensure your Azure admin grants permission to MS Dynamics
  • Provide the Client Id generated on Save for use in the connection string

On XRMToolBox use a connection string such as below:

  • AuthType=OAuth;Url=<put your Dynamics 365 URL here>;AppID=<put your client id here>;RedirectUri=http://www.xrmtoolbox.com;TokenCacheStorePath=C:\Temp;LoginPrompt=Always

Diane

Reply
Andreas Cieslik responded on 31 Jul 2017 8:53 AM
My Badges
Verified Answer

This states how to configure:

github.com/.../Connecting-to-a-Microsoft-Dynamics-CRM-deployment

and this for the app registration in Azure:

msdn.microsoft.com/.../mt622431.aspx

Reply
DianeF1 responded on 31 Jul 2017 2:14 PM
My Badges
Verified Answer

Andreas,

Thank you for the links.  We validated the Azure settings and found that the admin had created a WEB entry and not a Native Application entry.  

So for anyone else when trying to debug the issues

  • Create Native Client Application Entry in Azure
  • Ensure your Azure admin grants permission to MS Dynamics
  • Provide the Client Id generated on Save for use in the connection string

On XRMToolBox use a connection string such as below:

  • AuthType=OAuth;Url=<put your Dynamics 365 URL here>;AppID=<put your client id here>;RedirectUri=http://www.xrmtoolbox.com;TokenCacheStorePath=C:\Temp;LoginPrompt=Always

Diane

Reply

SBX - Two Col Forum

SBX - Migrated JS