Hi all
I'm trying to connect my Dynamics 365 organization with a SharePoint 2019 instance.
I was going step by step, following the instructions from MSDN (https://docs.microsoft.com/en-us/dynamics365/customerengagement/on-premises/admin/on-prem-server-based-sharepoint-on-prem?view=op-9-1#other-prerequisites-and-limitations).
There were no errors and everything was successful, but as a result I got the 401 exception (The remote server returned an error: (401) Unauthorized.)
I've found a lot of solutions in this community regarding it, but they didn't help.
All the prerequisites have been met. The domain is the same. ADFS is 3.0.
The user in the CRM already has the SharePoint email field and value.
When I try to validate the SP site in Settings -> Document Management -> SharePoint sites, I get the same error.
Here is my PowerShell script on the SP side:
Windows PowerShell
Copyright (C) Microsoft Corporation. All rights reserved.
PS C:\Windows\system32> Add-PSSnapin Microsoft.SharePoint.PowerShell
PS C:\Windows\system32> $c = Get-SPSecurityTokenServiceConfig
PS C:\Windows\system32> $c.AllowMetadataOverHttp = $true
PS C:\Windows\system32> $c.AllowOAuthOverHttp= $true
PS C:\Windows\system32> $c.Update()
PS C:\Windows\system32> New-SPTrustedSecurityTokenIssuer -Name "demo91" -IsTrustBroker:$false -MetadataEndpoint demo91.*********.com/.../json
New-SPTrustedSecurityToken
IsSelfIssuer : True
NameId : 00000007-0000-0000-c000-000000000000@066e2dd5-****-****-****-********082e
RegisteredIssuerName : 00000007-0000-0000-c000-000000000000@066e2dd5-****-****-****-********082e
AuthorizationEndPointUri :
EndSessionEndPointUri :
TokenEndPointUri :
DefaultClientIdentifier :
ScopedClientIdentifier : {}
IdentityClaimTypeInformation : Microsoft.SharePoint.Administration.Claims.SPTrustedClaimTypeInformation
Description :
SigningCertificate : [Subject]
CN=*.*********.com
[Issuer]
CN=******** ** - ****** - **, *=********** **-**, *=**
[Serial Number]
************************
[Not Before]
24.10.2021 13:10:06
[Not After]
25.11.2022 12:10:06
[Thumbprint]
****************************************
AdditionalSigningCertificates : {}
MetadataEndPoint : demo91.*********.com/.../json
IsAutomaticallyUpdated : True
Name : demo91
TypeName : Microsoft.SharePoint.Administration.Claims.SPTrustedSecurityTokenService
DisplayName : demo91
Id : d32a4542-****-****-****-********4285
Status : Online
Parent : SPSecurityTokenServiceManager Name=SecurityTokenServiceManager
Version : 693576
DeploymentLocked : False
Properties : {}
Farm : SPFarm Name=SharePoint_Config
UpgradedPersistedProperties : {}
PS C:\Windows\system32> $CrmRealmId = "066e2dd5--****-****-****-********082e"
PS C:\Windows\system32> $Identifier = "00000007-0000-0000-c000-000000000000@" + $CrmRealmId
PS C:\Windows\system32> $site = Get-SPSite "dev03.*********.com/.../crmtest"
PS C:\Windows\system32> Register-SPAppPrincipal -site $site.RootWeb -NameIdentifier $Identifier -DisplayName "demo91"
NameIdentifier EncodedNameIdentifier
-------------- ---------------------
00000007-0000-0000-c000-000000000000@066e2dd5-****-****-****-********082e i:0i.t|ms.sp.ext|00000007-0000-0000-c000-0...
PS C:\Windows\system32> $app = Get-SPAppPrincipal -NameIdentifier $Identifier -Site $site.Rootweb
PS C:\Windows\system32> Set-SPAppPrincipalPermission -AppPrincipal $app -Site $site.Rootweb -Scope "sitecollection" -Right "FullControl" -EnableAppOnlyPolicy
PS C:\Windows\system32> New-SPClaimTypeMapping -IncomingClaimType "schemas.xmlsoap.org/.../emailaddress" -IncomingClaimTypeDisplayName "EmailAddress" -SameAsIncoming
DisplayName : EmailAddress
InputClaimType : schemas.xmlsoap.org/.../emailaddress
MappedClaimType : schemas.xmlsoap.org/.../emailaddress
IsIdentityClaim : False
AcceptOnlyKnownClaimValues : False
ClaimValueModificationAction : None
ClaimValueModificationArgument :
KnownClaimValues : {}
UpgradedPersistedProperties :
Could anyone suggest how to resolve this trouble?