When you install ADFS on a Windows Server 2012, the built-in ADFS role included is ADFS 2.1. When setting up Microsoft Dynamics CRM 2011 (UR13+ required), you will get an error message that tells you that IFD Authentication fails when trying to access the discovery service by external applications. Apparently the documentation for update UR13 says this has been […]
Please find my latest presentation on ADFS from Microsoft Convergence 2013. This presentation includes topics like SSL Certificates, DNS Entries, Firewall, Common Deployments, ADFS Proxy Servers, IFD, ADFS Installation, Tips and Tricks, Troubleshooting and ADFS Errors. Please note the ADFS central link is not yet live on this site. This is the e-book I’m creating […]
Great Tech Next Article for Troubleshooting ADFS! http://technet.microsoft.com/en-us/library/adfs2-troubleshooting-federation-service-startup-and-shutdown-problems%28v=ws.10%29.aspx
We ran into an authentication issue with Microsoft CRM 2011 using ADFS/IFD running Update Rollup 11v2. After being installed, the external endpoint would no longer display, providing the following error: The error log from the event viewer showed the following error (Could not find GUID for Server) immediately before even receiving […]
ADFS can be very unforgiving if you need to uninstall or reconfigure. The following steps should steer you clear of any issues that you might run into. (ACL List issues are covered on my blog as well). Step 1: Uninstall ADFS using the control panel, remove program NOTE:- ADFS will be shown as an installed update […]
While working on setting up an ADFS server farm, I was wondering how I can quickly tell if the ADFS server I was the primary computer. A quick review of an the ADFS Powershell Snapin provide a commmand to retrieve the ADFS role: get-adfssyncproperties Of course, if you open the […]
When deploying ADFS/IFD solution, you will most likely want to build a seperate ADFS server. Since ADFS is Microsoft’s STS (Security Token Service) many of their applications including Microsoft Dynamics CRM 2011 will be federating with it for single sign-on within your enterprise. ADFS can be setup on a single server, and can work with […]
When implementing ADFS to support Internet Facing Deployments (IFD) for CRM 2011 Claims Based Authentication, many administrators will experience an ADFS 503 error when trying the endpoint for both internal CRM and auth within a browser. The error message is usually 503, service not available. A simple IISreset might do the trick but for these cases […]
Reviewing a client’s ADFS configuration, I found an unusually error message in the ADFS service federation metadata saying “Keyset does not exist”. After searching for all the usually culprits, this turned out to be one of the most commonly forgotten issues – Giving access to the service account to manage the private keys for the certificate. […]
ADFS uses standard SSL certificates to secure it’s communicatons. SSL certificates are not static, and often change on a yearly basis. This will cause the warning condition in the ADFS management console as seen below: Once you enter the ADFS management console, under the relying party trust you will see: Once you replace […]