Microsoft Dynamics 365 | Integration, Dataverse...

Dynamics 365 On-premises - IFD configuration just for internal user access

(0) Share

Report

Posted on by Loredana Iacob

I am trying to enable the sharepoint based integration for the Dynamics 365 On-premises and sharepoint online.

Everything seems to be fine - AD FS configured and tested - until the point where the IFD needs to be configured using the CRM Deployment Management.
I have added auth.domain.net and dev.domain.net DNS records, however the IFD federation metadata xml file wasn’t generate during the IFD configuration. I’ve got 404 error message trying to access its url in browser.

I would like to mention that all the environments are in the internal network and would like to keep as it is. Not sure if the auth.domain should be public and this is the cause of that error.

Any help, suggestion would be very much appreciated.

Thank you.

Kind regards,

Loredana

I have the same question (0)

All responses (4)

Answers (0)

Suggested answer

Asif365 1,431 on at

Like (1)

Report

Hi Loredana,

To narrow down the problem, please check error logged in the Event Viewer Application Log on the Active Directory Federation Services web server:

As you mentioned all environments are in internal Network then it should not be auth.domain.net, the right URL is yourorgnization.domain.net .

here are some more steps which can be helpful:

Check through fiddler what URL its direct when you are getting 404 error.

Check Form Authentication in IIS! MSCRM - Sites - Authentication - Form authentication - Disabled.

Please look at the more detailed document for IFD deployment from the below link.

download.microsoft.com/.../CRMConfigureIFD.pdf

Was this reply helpful? Yes No
Loredana Iacob 15 on at

Like (0)

Report

Hi Asif,

Hope you are doing well.

I've got the 404 error message trying to access the IFD federation metadata xml url, not CRM web site: auth.mydomain.net/.../FederationMetadata.xml (same for: auth.mydomain.net/.../FederationMetadata.ashx)

Without this I cannot keep moving and configure the IFD trust relationships in ADFS, like here: docs.microsoft.com/.../configure-the-ad-fs-server-for-ifd

The auth.mydomain.net is resolved through DNS and everything else is configured and works fine (ADFS, Claim based-authentication etc).

Thank you.

Kind regards,

Loredana

Was this reply helpful? Yes No
Suggested answer

Asif365 1,431 on at

Like (0)

Report

Please have a look at below links for same issue 404.

docs.microsoft.com/.../we-receive-http-errors-while-accessing-the-crm-federationmetadata-url

community.dynamics.com/.../ifd-configuration

Thanks

Asif Ali

Was this reply helpful? Yes No
Suggested answer

Satish Tiwari - CRM on at

Like (0)

Report

Hello Loredana,

Here are couple of things you can check -

1. Make sure that auth.mydomain.net is pointing to CRM server IP address.

2. CrmAppPool account has read privilege on certificate.

3. Perform IISRESET

4. Are you getting error on both CRM and ADFS server if you browse the auth federation metadata URL ?

5. Is both CRM and ADFS are installed on same server ? If yes, are they using same port number i.e. 443?

If possible, can you share the screenshot from deployment manager by clicking on configure IFD ?

Was this reply helpful? Yes No