web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

No record found.

News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Microsoft Dynamics CRM (Archived) / Server Based Auth (CRM...
Microsoft Dynamics CRM (Archived)

Server Based Auth (CRM On-Prem to SharePoint Online) PowerShell Issue

(0) ShareShare
ReportReport
Posted on by RugerSR762 375

Ok... this one is exceptionally annoying.  I have followed these instructions: https://technet.microsoft.com/en-us/library/mt171421.aspx to get this working.  However when I get to the part where you need to prep the certificate (all prereqs regarding this have been met) I continue to get these annoying errors (below).  Can anyone provide any translation as to what is wrong here?

Exception calling "AddAccessRule" with "1" argument(s): "Some or all identity references could not be translated."
At C:\Program Files\Microsoft Dynamics CRM\tools\CertificateReconfiguration.ps1:141 char:2
+ $privKeyAcl.AddAccessRule($accessRule) | Out-Null
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : IdentityNotMappedException

[03/07/2018 19:41:38] Exception calling "AddAccessRule" with "1" argument(s): "Some or all identity references could no
t be translated."
[03/07/2018 19:41:38] Fail to add ACCESS ALLOW rule to service account.

*This post is locked for comments

I have the same question (0)
  • Mohamed Bashir Profile Picture
    Mohamed Bashir 105 on at

    Can you paste in the script that you are entering right before you receive the error please?

  • RugerSR762 Profile Picture
    RugerSR762 375 on at

    Hi - sure thing:

    (the password in the copy is a sample)

    $CertificateScriptWithCommand = “.\CertificateReconfiguration.ps1 -certificateFile c:\cert.pfx -password P@SSw0RD. -updateCrm -certificateType S2STokenIssuer -serviceAccount 'NETWORK SERVICE' -storeFindType FindBySubjectDistinguishedName”

    THEN:

    Invoke-Expression -command $CertificateScriptWithCommand
  • Mohamed Bashir Profile Picture
    Mohamed Bashir 105 on at

    Did you provide read access to the certificate for network service?  Manage Certificates using MMC & then providing read access to the private key

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Responsible AI policies

As AI tools become more common, we’re introducing a Responsible AI Use…

Neeraj Kumar – Community Spotlight

We are honored to recognize Neeraj Kumar as our Community Spotlight honoree for…

Congratulations to the November Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > 🔒一 Microsoft Dynamics CRM (Archived)

#1
SA-08121319-0 Profile Picture

SA-08121319-0 4

#1
Calum MacFarlane Profile Picture

Calum MacFarlane 4

#3
Alex Fun Wei Jie Profile Picture

Alex Fun Wei Jie 2

Last 30 days Overall leaderboard

Featured topics

Product updates

Dynamics 365 release plans