MS CRM On-Prem 2016 with Azure AD OAuth

(0) Share

Report

Posted on by Avinash Lanka

Hi,

We have configured claims on our On-prem server using Azure AD federation URL. CRM web part authenticates against Azure and redirects back to Application.

However while connecting with Microsoft CRM Outlook client, the client (Outlook client) requires permission on Azure to authorize users for CRM.

Problem Statement: Problem connecting Microsoft Outlook client and Developer tools to MS CRM on premise with Azure AD OAuth.

Error while connecting with Outlook client

The user or administrator has not consented to use the application with ID '2f29638c-34d4-4cf2-a16a-7caf612cee15' named 'Microsoft Dynamics CRM for Microsoft Office Outlook'.

Send an interactive authorization request for this user and resource.\r\n

Also this permission cannot be granted as we cannot find application with ID '2f29638c-34d4-4cf2-a16a-7caf612cee15' named 'Microsoft Dynamics CRM for Microsoft Office Outlook' on our Azure tenant.

*This post is locked for comments

All responses (4)

Answers (0)

Suggested answer

Michael Donald 19 on at

Like (0)

Report
MS CRM On-Prem 2016 with Azure AD OAuth

To resolve the issue with Microsoft Dynamics CRM and the Outlook client on-premise setup with Azure AD OAuth:

Azure App Registration: Ensure the "Microsoft Dynamics CRM for Microsoft Office Outlook" application with ID '2f29638c-34d4-4cf2-a16a-7caf612cee15' is registered in Azure AD under "App Registrations."

Permission and Consent: Grant necessary API permissions and consent for the application to access the on-premise CRM.

Dynamics CRM Implementation: In Dynamics CRM on-premise, verify OAuth configuration for Azure AD, ensuring CRM web and Outlook components are correctly authenticated.

This resolves the OAuth permission issue.
Suggested answer

ThomasN 3,190 on at

Like (1)

Report

RE: MS CRM On-Prem 2016 with Azure AD OAuth

Hi Avinash,

I'm not sure how your doing this without an ADFS server. Please make sure you have followed all steps to enable Internet Facing Deployment for CRM on-premise. That is necessary for the outlook client. In that process ADFS is necessary.

For further insight, below is a link to Application Registration process in Azure Portal. However, this will not solve your problem because you cannot manually create the ClientID which is necessary given the previous links instructions and your error message is looking for a specific clientiD.

docs.microsoft.com/.../quickstart-register-app

I hope this helps.
Avinash Lanka 15 on at

Like (0)

Report

RE: MS CRM On-Prem 2016 with Azure AD OAuth

Hi Tom, Thanks for the response.

Is it possible to access ADFS server if we are using Azure AD?

I spoke to our Azure AD Admin - they use Portal.Azure.com to grant permissions. They do not have access to Azure Server.

They tried to grant same permissions via portal.azure but couldn't find the application id for Outllok or Dev Tools.
Suggested answer

ThomasN 3,190 on at

Like (0)

Report

RE: MS CRM On-Prem 2016 with Azure AD OAuth

Hi Avinash, Thanks for reaching out.

It appears you are missing a step where you register the Outlook Client in Azure AD as an app registration. See this link for details how to do this.

docs.microsoft.com/.../hh699726(v=crm.8)