web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

No record found.

News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Microsoft Dynamics CRM (Archived) / Installing Dev system ...
Microsoft Dynamics CRM (Archived)

Installing Dev system with ADFS3 and IFD on same domain as live CRM

(0) ShareShare
ReportReport
Posted on by Pete_N 1,703

I have been battling with this for  weeks now and always get the same error when trying to configure the IFD.

We have a live CRM system with ADFS 3.0 and IFD configured which works fine.

I want to install a development system with external access. Do i need a WAP server? can anybody point me i the direction of an idiots guide to setting this up, bearing in mind that both Live and Dev systems will be on the same domain

Fort my dev system i have access to 3 windows 2012R2 servers One with external Ip addresses

*This post is locked for comments

I have the same question (0)
  • Ragnar Hilmarsson Profile Picture
    Ragnar Hilmarsson 3,427 on at

    Hi

    Is your dev environment on separate server and deployment ?

    You can user same ADFS if DNS names are not the same.

  • Pete_N Profile Picture
    Pete_N 1,703 on at

    HI,

    I have tried following this link to set up .  www.interactivewebs.com/.../how-to-set-up-crm-2015-ifd-on-windows-2012-and-adfs-3-0

    The set up is, 1 windows 2012R2 server, with 2 virtual servers One VS with SQL 2014 and the other to host CRM2015 & ADFS3. Everything works up to the point that I try and configure the IFD. I get an error stating that the endpoints have to be unique. The External Ip addresses , internal addresses and DNS names are different to the live servers. Only thing I can think of which may be causing the problem would be the accounts I have the services running on. I will try resetting everything up again today with new active directory accounts and see if that resolves the issue. any other pointers would be very helpful

  • Verified answer
    David Jennaway Profile Picture
    David Jennaway 14,065 on at

    At what point do you get the error when setting this up ? Is it within the configuration within ADFS, or in one of the CRM wizards in Deployment Manager ?

    It should be possible to get this to work, but it's not a configuration I'd normally recommend. I'd normally go with either of these approaches:

    1. Use the same deployment for Live and Dev, but using different CRM organisations. In this case, there's nothing extra to setup, as IFD is part of the deployment
    2. Have further separation between Live and Dev, with a separate ADFS farm/server for Dev, as well as a separate CRM deployment. This would remove any ADFS dependencies between Live and Dev
  • Pete_N Profile Picture
    Pete_N 1,703 on at

    Hi David

    Thanks for the feedback. I am building two new VS server and basically following your option 2. I will come back to you when I either get the error or it works

  • Pete_N Profile Picture
    Pete_N 1,703 on at

    Hi David,

    I finally managed to get back onto this project. I have a development server running VS servers for SQL and for CRM / ADFS , ie your option 2 setup.

    I am coming up with the error 'An error occurred during an attempt to access the AD FS configuration database. Error message : MSIS7612: Each identifier for a relying party trust must be unique across all relaying trusts in AD FS configuration'

    This error is displayed whilst following this thread www.interactivewebs.com/.../how-to-set-up-crm-2015-ifd-on-windows-2012-and-adfs-3-0.  I get to the section ADFS Relying Party Trust for the IFD Endpoint , and when trying at step 2

    Step 2: On the Select Data Source page, click Import data about the relying party published online or on a local network, and then type the URL to locate the federationmetadata.xml file. This federation metadata is created during IFD Setup.

    Log from the ADFS Even viewer

    Event Xml:

    <Event xmlns="schemas.microsoft.com/.../event&quot;>

     <System>

       <Provider Name="AD FS" Guid="{2FFB687A-1571-4ACE-8550-47AB5CCAE2BC}" />

       <EventID>364</EventID>

       <Version>0</Version>

       <Level>2</Level>

       <Task>0</Task>

       <Opcode>0</Opcode>

       <Keywords>0x8000000000000001</Keywords>

       <TimeCreated SystemTime="2015-11-26T16:12:53.952964400Z" />

       <EventRecordID>33</EventRecordID>

       <Correlation ActivityID="{00000000-0000-0000-3F00-0080000000FD}" />

       <Execution ProcessID="1560" ThreadID="4280" />

       <Channel>AD FS/Admin</Channel>

       <Computer>DEV001.********.*****</Computer>

       <Security UserID="S-1-5-21-348858520-2694446665-60202977-1389" />

     </System>

     <UserData>

       <Event xmlns="schemas.microsoft.com/.../Events&quot;>

         <EventData>

           <Data>wsfed</Data>

           <Data>https://pfinternal.*******.**.**/</Data>

           <Data>Microsoft.IdentityServer.Web.InvalidScopeException: MSIS7007: The requested relying party trust 'https://pfinternal.******.***.***/' is unspecified or unsupported. If a relying party trust was specified, it is possible that you do not have permission to access the trust relying party. Contact your administrator for details.

      at Microsoft.IdentityServer.Web.Protocols.WSFederation.WSFederationSignInContext.Validate()

      at Microsoft.IdentityServer.Web.Protocols.WSFederation.WSFederationProtocolHandler.GetRequiredPipelineBehaviors(ProtocolContext pContext)

      at Microsoft.IdentityServer.Web.PassiveProtocolListener.OnGetContext(WrappedHttpListenerContext context)

    </Data>

         </EventData>

       </Event>

     </UserData>

    </Event>

    have you any pointers that may help

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Responsible AI policies

As AI tools become more common, we’re introducing a Responsible AI Use…

Neeraj Kumar – Community Spotlight

We are honored to recognize Neeraj Kumar as our Community Spotlight honoree for…

Congratulations to the November Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > 🔒一 Microsoft Dynamics CRM (Archived)

#1
SA-08121319-0 Profile Picture

SA-08121319-0 4

#1
Calum MacFarlane Profile Picture

Calum MacFarlane 4

#3
Alex Fun Wei Jie Profile Picture

Alex Fun Wei Jie 2

Last 30 days Overall leaderboard

Featured topics

Product updates

Dynamics 365 release plans