We have a CRM 2011 environment with ADFS configured and all working as expected for multiple incoming domains.
We are working towards deploying CRM 2016 and will be using the same ADFS servers.
Currently we have deployed the UAT CRM 2016 server and configured the relying party trust using the recommended methods from Microsoft.
All production systems are working, but when trying to log into the UAT 2016 server through the ADFS portal it accepts local domain users only. If a remote domain user attempts to log in, they get to the ADFS portal but then get an "an error occurred" message.
Can anyone help with any troubleshooting steps please?
As mentioned, remote domain users can access the production systems fine, but those same users cannot access the UAT 2016 system. All relying party trust and deployment manager settings are configured as expected and metadata updates work with no errors.
Hope you are well and safe.
I would say to start from the basics as described in this article:
Check DNS, certificates, IIS bindings, IIS AppPool permissions and exactly what exception is coming from ADFS or CRM (using Event Viewer or CRM platform traces).
If you need further help, do not hesitate to raise a ticket with the Microsoft Support team.
Thanks for the suggestion but none of this was relevant. As stated, everything was working for the production systems and all testing re-ADFS (metadata etc) was working on the new system.
The resolution was that the USER IDs people were logging into in the upgraded CRM DBs were out of sync so causing users to get a login error. There were multiple DBs (environments) on the UAT server and user records in the tables in each DB were not matched correctly to the user IDs coming in.
ADFS was all working correctly, just users were receiving a Username or Password error (we had to use SAML Tracing to find this error out). As those same users were able to log into the production systems we looked into the Upgrade process which is where we found the discrepancy.