Skip to main content

Notifications

Announcements

No record found.

News and Announcements icon
Dynamics 365 Community / Forums / Microsoft Dynamics CRM (Archived) / setup adfs ifd failed
Microsoft Dynamics CRM (Archived)

setup adfs ifd failed

(0) ShareShare
ReportReport
Posted on by gloamingon 250

Hi All,

I got failed when setup IFD to my test environment, I use adfs, ms crm, and sql in one box (single server).

after setup claim based and IFD in deployment manager everything is succeeded but when trying access the crm I got error from adfs login page like on below screenshot:

adfs-error-1.PNG

and here is also log error from event viewer "

Encountered error during federation passive request.

Additional Data

Protocol Name: 
wsfed

Relying Party:

Exception details: 
Microsoft.IdentityServer.Web.CookieManagers.InvalidContextException: MSIS7001: The passive protocol context was not found or not valid. If the context was stored in cookies, the cookies that were presented by the client were not valid. Ensure that the client browser is configured to accept cookies from this website and retry this request.
at Microsoft.IdentityServer.Web.Protocols.GenericProtocolRequest.ParseEncodedRequestParts(String[] encodedRequestParts)
at Microsoft.IdentityServer.Web.Protocols.GenericProtocolRequest..ctor(String encodedGenericRequest)
at Microsoft.IdentityServer.Web.Protocols.WSFederation.WSFederationProtocolHandler.GetOriginalRequestFromResponse(ProtocolContext context)
at Microsoft.IdentityServer.Web.PassiveProtocolListener.ProcessProtocolRequest(ProtocolContext protocolContext, PassiveProtocolHandler protocolHandler)
at Microsoft.IdentityServer.Web.PassiveProtocolListener.OnGetContext(WrappedHttpListenerContext context)"

is there any body experience this issue and how to solve it?

thank you very much.

*This post is locked for comments

  • gloamingon Profile Picture
    gloamingon 250 on at
    RE: setup adfs ifd failed

    Hi Abarao,

    now I able to access adfs.tsel.com/.../idpinitiatedsignon & adfs.tsel.com/.../federationmetadata.xml

    but still unable to access crm with different error.

    1. copy from the url error :

    internalcrm.tsel.com/.../errorhandler.aspx;ErrorCode=&Parm0=%0d%0a%0d%0aError%20Details%3a%20Must%20specify%20valid%20information%20for%20parsing%20in%20the%20string.&RequestUri=%2fdefault.aspx&user_lcid=1033

    2. copy from event viewer :

    WebHost failed to process a request.

    Sender Information: System.ServiceModel.Activation.HostedHttpRequestAsyncResult/12966380

    Exception: System.ServiceModel.ServiceActivationException: The service '/tsel/XRMServices/2011/Organization.svc' cannot be activated due to an exception during compilation.  The exception message is: Must specify valid information for parsing in the string.. ---> System.ArgumentException: Must specify valid information for parsing in the string.

      at System.Enum.TryParseEnum(Type enumType, String value, Boolean ignoreCase, EnumResult& parseResult)

      at System.Enum.Parse(Type enumType, String value, Boolean ignoreCase)

      at Microsoft.Crm.Authentication.Claims.IdentityConfigurationProvider.<>c__DisplayClass7.<GetIdentityConfiguration>b__5()

      at Microsoft.Crm.Authentication.Common.AuthenticationContextExtensions.HandleDatabaseCall[TResult](Func`1 action)

      at Microsoft.Crm.Authentication.Claims.IdentityConfigurationProvider.<GetIdentityConfiguration>b__4()

      at Microsoft.Crm.Authentication.Claims.IdentityConfigurationProvider.InitializeConfiguration(Action action)

      at Microsoft.Crm.Authentication.Claims.IdentityConfigurationProvider.GetIdentityConfiguration()

      at Microsoft.Crm.Extensibility.SdkServiceHost.InitializeRuntime()

      at System.ServiceModel.ServiceHostBase.OnOpen(TimeSpan timeout)

      at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)

      at System.ServiceModel.ServiceHostingEnvironment.HostingManager.ActivateService(ServiceActivationInfo serviceActivationInfo, EventTraceActivity eventTraceActivity)

      at System.ServiceModel.ServiceHostingEnvironment.HostingManager.EnsureServiceAvailable(String normalizedVirtualPath, EventTraceActivity eventTraceActivity)

      --- End of inner exception stack trace ---

      at System.Runtime.AsyncResult.End[TAsyncResult](IAsyncResult result)

      at System.ServiceModel.Activation.HostedHttpRequestAsyncResult.End(IAsyncResult result)

    Process Name: w3wp

    Process ID: 14248

  • Suggested answer
    Abarao Bhople Profile Picture
    Abarao Bhople 445 on at
    RE: setup adfs ifd failed

    Hello Gloamingon ,

    after configuration of Claims based authantication 

    have you added relying party in ADFS by using federatiionmetadata URL

    ( https://internalcrm.yourdomain.com/FederationMetadata/2007-06/FederationMetadata.xml ) of which pop-up at the end of that wizard.

    if not done , please add relying party first  and apply the rules as well then try to access CRM.

    Thank you.

    Abarao Bhople

  • gloamingon Profile Picture
    gloamingon 250 on at
    RE: setup adfs ifd failed

    Hi Abarao,

    thanks for the reply,

    the result is I unable to access --> adfs.tsel.com/.../idpinitiatedsignon

    but able to access --> adfs.tsel.com/.../federationmetadata.xml

    1) In IIS website bindings for MSCRM site which port you defied

    --> 444 for https and 5555 for http

    2) Deployment manager >Properties >WebAddress

    which port you have mentioned for HTTPS.

    --> no port

    in addition accidentally I input with the wrong password the result is no error occurred with a message "Incorrect user ID or password. Type the correct user ID and password, and try again. " and if I input with correct password the result is error like my post previously, so I can assume adfs login is already validate my password with the active directory but failed redirect to MS CRM.

    thank you

  • Suggested answer
    Abarao Bhople Profile Picture
    Abarao Bhople 445 on at
    RE: setup adfs ifd failed

    Hello Gloamingon ,

    You could have setup ADFS on different server instead of CRM  Server.

    Before that could you please let me know below points.

    have you successfully configured ADFS and you are able to access below urls.

    adfs.tsel.com/.../idpinitiatedsignon

    and 

    adfs.tsel.com/.../federationmetadata.xml.

    if you are able to access above URL you have configured ADFS successfully.

    after that let me know CRM Points.

    1) In IIS website bindings for MSCRM site which port you defied 

    2) Deployment manager >Properties >WebAddress

    which port you have mentioned for HTTPS.

    Thank you 

    Abarao Bhople

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

December Spotlight Star - Muhammad Affan

Congratulations to a top community star!

Top 10 leaders for November!

Congratulations to our November super stars!

Tips for Writing Effective Suggested Answers

Best practices for providing successful forum answers ✍️

Leaderboard

#1
André Arnaud de Calavon Profile Picture

André Arnaud de Cal... 291,280 Super User 2024 Season 2

#2
Martin Dráb Profile Picture

Martin Dráb 230,214 Most Valuable Professional

#3
nmaenpaa Profile Picture

nmaenpaa 101,156

Leaderboard

Featured topics

Product updates

Dynamics 365 release plans