hi all,

got 2 Nav CRM 2015 environment: pre-prod and prod.

I setup successfully Claim Based Auth with ADFS for the pre-prod env but I got an error in prod environment.

(Replaced account name with ****\***** )

The only difference is that in pre-prod CRMAppPool identity is NetworkService, in prod I got a dedicated Domain User (****\***** ).

Tried from localhost and from network including adfs and crm sites into intranet zone.

Thanks in adv.

Event code: 3005 
Event message: An unhandled exception has occurred. 
Event time: 04/03/2019 17:14:50 
Event time (UTC): 04/03/2019 16:14:50 
Event ID: a4abf761461c41269cc07d06e091a2c0 
Event sequence: 30 
Event occurrence: 7 
Event detail code: 0 

Application information: 
Application domain: /LM/W3SVC/2/ROOT-1-131961885301398676 
Trust level: Full 
Application Virtual Path: / 
Application Path: C:\Program Files\Microsoft Dynamics CRM\CRMWeb\ 
Machine name: CRM2K12SRV 

Process information: 
Process ID: 1488 
Process name: w3wp.exe 
Account name: *****\***** 

Exception information: 
Exception type: CrmException 
Exception message: No Microsoft Dynamics CRM user exists with the specified domain name and user ID
at Microsoft.Crm.Authentication.WindowsAuthenticationProvider.QueryForOrganizationId(String userToken)
at Microsoft.Crm.Authentication.WindowsAuthenticationProviderBase.Authenticate(HttpApplication application, WindowsIdentity userIdentity)
at Microsoft.Crm.Authentication.AuthenticationStep.Authenticate(HttpApplication application)
at Microsoft.Crm.Authentication.AuthenticationPipeline.Authenticate(HttpApplication application)
at Microsoft.Crm.Authentication.AuthenticationEngine.Execute(Object sender, EventArgs e)
at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)



Request information: 
Request URL: http://localhost/default.aspx 
Request path: /default.aspx 
User host address: 127.0.0.1 
User: ****\Administrator 
Is authenticated: True 
Authentication Type: Negotiate 
Thread account name: *****\***** 

Thread information: 
Thread ID: 18 
Thread account name: *****\***** 
Is impersonating: True 
Stack trace: at Microsoft.Crm.Authentication.WindowsAuthenticationProvider.QueryForOrganizationId(String userToken)
at Microsoft.Crm.Authentication.WindowsAuthenticationProviderBase.Authenticate(HttpApplication application, WindowsIdentity userIdentity)
at Microsoft.Crm.Authentication.AuthenticationStep.Authenticate(HttpApplication application)
at Microsoft.Crm.Authentication.AuthenticationPipeline.Authenticate(HttpApplication application)
at Microsoft.Crm.Authentication.AuthenticationEngine.Execute(Object sender, EventArgs e)
at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)