We have been running Dynamics CRM On-Premise (currently on 2016) for about 5 years now with a solid ADFS integration. In the past two months, I had two users who suddenly cannot log in using Resco mobile, but the issue does not appear to be with Resco (they use the standard CRM SDK connection code) because I can see the error in a Fiddler trace and it is coming from ADFS.
I have also A/B compared the CRM -> ADFS redirect and the second ADFS call to /adfs/services/trust/13/usernamemixed with a user that does not have an issue.
On the good user, after POSTing to the above URL with the SOAP envelope containing their username (formatted as user@domain.com), I get a nice 200 response with a return SOAP envelope containing all my authentication token info.
On the bad users, I get an HTTPS 500 error with a response of "www.w3.org/.../faults:Sendera:InvalidSecurity An error occurred wen verifying security for this message."
I can see the username on the bad user POSTed like the good user and the POSTed envelope contains both the valid username (user@domain.com) and the correct password.
We are running CRM 8.2.8 currently and no changes to either ADFS or CRM since the minor update to 8.2.8 in June of this year. My problem users first started having this issue in July. We did renew our ADFS/CRM trust cert (wildcard) on 5/31/2019. Nothing of consequence seemed to happen after the cert upgrade; it was turnkey.
Anyone have any ideas on what might be causing this? The really odd part is that if my problem users use a different device, they can connect fine... one user is having problems on his Android phone and the other user is having the issue from his PC (hence the Fiddler trace).
Thank you!