web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

No record found.

News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Microsoft Dynamics CRM (Archived) / setup adfs ifd failed
Microsoft Dynamics CRM (Archived)

setup adfs ifd failed

(0) ShareShare
ReportReport
Posted on by gloamingon 252

Hi All,

I got failed when setup IFD to my test environment, I use adfs, ms crm, and sql in one box (single server).

after setup claim based and IFD in deployment manager everything is succeeded but when trying access the crm I got error from adfs login page like on below screenshot:

adfs-error-1.PNG

and here is also log error from event viewer "

Encountered error during federation passive request.

Additional Data

Protocol Name: 
wsfed

Relying Party:

Exception details: 
Microsoft.IdentityServer.Web.CookieManagers.InvalidContextException: MSIS7001: The passive protocol context was not found or not valid. If the context was stored in cookies, the cookies that were presented by the client were not valid. Ensure that the client browser is configured to accept cookies from this website and retry this request.
at Microsoft.IdentityServer.Web.Protocols.GenericProtocolRequest.ParseEncodedRequestParts(String[] encodedRequestParts)
at Microsoft.IdentityServer.Web.Protocols.GenericProtocolRequest..ctor(String encodedGenericRequest)
at Microsoft.IdentityServer.Web.Protocols.WSFederation.WSFederationProtocolHandler.GetOriginalRequestFromResponse(ProtocolContext context)
at Microsoft.IdentityServer.Web.PassiveProtocolListener.ProcessProtocolRequest(ProtocolContext protocolContext, PassiveProtocolHandler protocolHandler)
at Microsoft.IdentityServer.Web.PassiveProtocolListener.OnGetContext(WrappedHttpListenerContext context)"

is there any body experience this issue and how to solve it?

thank you very much.

*This post is locked for comments

I have the same question (0)
  • Suggested answer
    Abarao Bhople Profile Picture
    Abarao Bhople 445 on at

    Hello Gloamingon ,

    You could have setup ADFS on different server instead of CRM  Server.

    Before that could you please let me know below points.

    have you successfully configured ADFS and you are able to access below urls.

    adfs.tsel.com/.../idpinitiatedsignon

    and 

    adfs.tsel.com/.../federationmetadata.xml.

    if you are able to access above URL you have configured ADFS successfully.

    after that let me know CRM Points.

    1) In IIS website bindings for MSCRM site which port you defied 

    2) Deployment manager >Properties >WebAddress

    which port you have mentioned for HTTPS.

    Thank you 

    Abarao Bhople

  • gloamingon Profile Picture
    gloamingon 252 on at

    Hi Abarao,

    thanks for the reply,

    the result is I unable to access --> adfs.tsel.com/.../idpinitiatedsignon

    but able to access --> adfs.tsel.com/.../federationmetadata.xml

    1) In IIS website bindings for MSCRM site which port you defied

    --> 444 for https and 5555 for http

    2) Deployment manager >Properties >WebAddress

    which port you have mentioned for HTTPS.

    --> no port

    in addition accidentally I input with the wrong password the result is no error occurred with a message "Incorrect user ID or password. Type the correct user ID and password, and try again. " and if I input with correct password the result is error like my post previously, so I can assume adfs login is already validate my password with the active directory but failed redirect to MS CRM.

    thank you

  • Suggested answer
    Abarao Bhople Profile Picture
    Abarao Bhople 445 on at

    Hello Gloamingon ,

    after configuration of Claims based authantication 

    have you added relying party in ADFS by using federatiionmetadata URL

    ( https://internalcrm.yourdomain.com/FederationMetadata/2007-06/FederationMetadata.xml ) of which pop-up at the end of that wizard.

    if not done , please add relying party first  and apply the rules as well then try to access CRM.

    Thank you.

    Abarao Bhople

  • gloamingon Profile Picture
    gloamingon 252 on at

    Hi Abarao,

    now I able to access adfs.tsel.com/.../idpinitiatedsignon & adfs.tsel.com/.../federationmetadata.xml

    but still unable to access crm with different error.

    1. copy from the url error :

    internalcrm.tsel.com/.../errorhandler.aspx;ErrorCode=&Parm0=%0d%0a%0d%0aError%20Details%3a%20Must%20specify%20valid%20information%20for%20parsing%20in%20the%20string.&RequestUri=%2fdefault.aspx&user_lcid=1033

    2. copy from event viewer :

    WebHost failed to process a request.

    Sender Information: System.ServiceModel.Activation.HostedHttpRequestAsyncResult/12966380

    Exception: System.ServiceModel.ServiceActivationException: The service '/tsel/XRMServices/2011/Organization.svc' cannot be activated due to an exception during compilation.  The exception message is: Must specify valid information for parsing in the string.. ---> System.ArgumentException: Must specify valid information for parsing in the string.

      at System.Enum.TryParseEnum(Type enumType, String value, Boolean ignoreCase, EnumResult& parseResult)

      at System.Enum.Parse(Type enumType, String value, Boolean ignoreCase)

      at Microsoft.Crm.Authentication.Claims.IdentityConfigurationProvider.<>c__DisplayClass7.<GetIdentityConfiguration>b__5()

      at Microsoft.Crm.Authentication.Common.AuthenticationContextExtensions.HandleDatabaseCall[TResult](Func`1 action)

      at Microsoft.Crm.Authentication.Claims.IdentityConfigurationProvider.<GetIdentityConfiguration>b__4()

      at Microsoft.Crm.Authentication.Claims.IdentityConfigurationProvider.InitializeConfiguration(Action action)

      at Microsoft.Crm.Authentication.Claims.IdentityConfigurationProvider.GetIdentityConfiguration()

      at Microsoft.Crm.Extensibility.SdkServiceHost.InitializeRuntime()

      at System.ServiceModel.ServiceHostBase.OnOpen(TimeSpan timeout)

      at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)

      at System.ServiceModel.ServiceHostingEnvironment.HostingManager.ActivateService(ServiceActivationInfo serviceActivationInfo, EventTraceActivity eventTraceActivity)

      at System.ServiceModel.ServiceHostingEnvironment.HostingManager.EnsureServiceAvailable(String normalizedVirtualPath, EventTraceActivity eventTraceActivity)

      --- End of inner exception stack trace ---

      at System.Runtime.AsyncResult.End[TAsyncResult](IAsyncResult result)

      at System.ServiceModel.Activation.HostedHttpRequestAsyncResult.End(IAsyncResult result)

    Process Name: w3wp

    Process ID: 14248

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Responsible AI policies

As AI tools become more common, we’re introducing a Responsible AI Use…

Neeraj Kumar – Community Spotlight

We are honored to recognize Neeraj Kumar as our Community Spotlight honoree for…

Congratulations to the November Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > 🔒一 Microsoft Dynamics CRM (Archived)

#1
SA-08121319-0 Profile Picture

SA-08121319-0 4

#1
Calum MacFarlane Profile Picture

Calum MacFarlane 4

#3
Alex Fun Wei Jie Profile Picture

Alex Fun Wei Jie 2

Last 30 days Overall leaderboard

Featured topics

Product updates

Dynamics 365 release plans