web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

No record found.

News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Customer experience | Sales, Customer Insights,... / Repeated Login Prompts...
Customer experience | Sales, Customer Insights,...
Answered

Repeated Login Prompts in Chrome & Edge for Dynamics 365 CRM On-Premise (401 Unauthorized)

(2) ShareShare
ReportReport
Posted on by JG-16052054-0 4
Hello,

We're encountering persistent login prompts when accessing our Dynamics 365 CRM On-Premises environment using the latest versions of Google Chrome and Microsoft Edge. The issue does not occur in Firefox.

Environment:
  • CRM version: Dynamics 365 On-Premises
  • Authentication: Windows Authentication (no IFD/ADFS)
  • Deployment: Internal-only, for domain-joined users
  • Browsers:
    • Firefox: Works fine with SSO
    • Chrome & Edge: Repeated login prompts followed by 401 errors
What We've Checked:
  • Windows Authentication is enabled in IIS; NTLM/Negotiate order is correct
  • Anonymous Authentication is disabled
  • Site is added to Local Intranet Zone in Internet Options
  • Tried setting registry keys: AuthServerAllowlist and AuthNegotiateDelegateAllowlist for *.corp.<companyname>.com
  • Restarted browsers and verified settings via chrome://policy and edge://policy
  • Confirmed WWW-Authenticate: NTLM in DevTools
Observed Behavior:
  • Chrome and Edge attempt NTLM, receive a 401 Unauthorized, and prompt for credentials
  • This loop continues despite valid domain credentials
  • Firefox successfully authenticates using the same endpoint

We’re looking for guidance on how to get Chrome and Edge to honor Windows Authentication the same way Firefox does. Any suggestions or recommendations would be appreciated.

Thanks!
 
Categories:
Microsoft Dynamics CRM
63f95571-46e5-466...
I have the same question (0)
  • Verified answer
    Muhammad Shahzad Shafique Profile Picture
    Muhammad Shahzad Sh... 2,373 Most Valuable Professional on at
    1. Ensure Browser Policies Are Set Correctly
    Use Group Policy or registry to define the following for all domain machines:
    Registry (HKLM or HKCU): 
    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\AuthServerAllowlist]
Value = *.corp.<companyname>.com

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\AuthNegotiateDelegateAllowlist]
Value = *.corp.<companyname>.com
    For Edge:
    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge\AuthServerAllowlist]
Value = *.corp.<companyname>.com

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge\AuthNegotiateDelegateAllowlist]
Value = *.corp.<companyname>.com


    2. Confirm FQDN Access Matches Allowlist
    Ensure users are accessing CRM with the fully qualified domain name (e.g., https://crm.corp.companyname.com) — not just https://crm.

    3. Set SPNs Correctly
    SPNs must be registered under the CRM App Pool Identity (domain user account): 
    setspn -S HTTP/crm.corp.companyname.com DOMAIN\crmserviceaccount
setspn -S HTTP/<serverFQDN> DOMAIN\crmserviceaccount
    4. Enable “Extended Protection” to Off (Test Case)
    In IIS → CRM Site → Authentication > Windows Authentication > Advanced Settings, try disabling Extended Protection (temporarily for testing). Some clients handle this differently.

    5. Add Site to Intranet Zone with Low Security
    • Go to Internet Options > Security > Local Intranet > Sites > Advanced
    • Add: https://crm.corp.companyname.com
    • Ensure “Automatic logon only in Intranet zone” is selected.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Responsible AI policies

As AI tools become more common, we’re introducing a Responsible AI Use…

Neeraj Kumar – Community Spotlight

We are honored to recognize Neeraj Kumar as our Community Spotlight honoree for…

Congratulations to the November Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Customer experience | Sales, Customer Insights, CRM

#1
Tom_Gioielli Profile Picture

Tom_Gioielli 170 Super User 2025 Season 2

#2
#ManoVerse Profile Picture

#ManoVerse 61

#3
Gerardo Rentería García Profile Picture

Gerardo Rentería Ga... 52 Most Valuable Professional

Last 30 days Overall leaderboard

Featured topics

Hide selecting Contact for potential customer when creating quote

Product updates

Dynamics 365 release plans