web 2.0

Friday, October 7, 2011

CRM 2011 Outlook Configuration error: The request for security token could not be satisfied because authentication failed


I ran across an unusual error while configuring CRM 2011 for Outlook on a computer not running on the same domain as the CRM server. The configuration wizard just wouldn't connect to the deployment. The client config logs (located at %localappdata%\Microsoft\MSCRM\Logs\Crm50ClientConfig.txt) showed the following error message:

Error| Error connecting to URL: http://crmserver:port/XRMServices/2011/Discovery.svc 
Exception: System.ServiceModel.Security.SecurityNegotiationException: The caller was not authenticated by the service.
 ---> System.ServiceModel.FaultException: The request for security token could not be satisfied because authentication failed.
   at System.ServiceModel.Security.SecurityUtils.ThrowIfNegotiationFault(Message message, EndpointAddress target)
   at System.ServiceModel.Security.SspiNegotiationTokenProvider.GetNextOutgoingMessageBody(Message incomingMessage, SspiNegotiationTokenProviderState sspiState)
   --- End of inner exception stack trace ---


The error shows that the client is unable to connect to the discovery service, even though I was able to connect to the service when accessing it through Internet Explorer on the same machine!

After spending a couple of hours troubleshooting and trying various scenarios on the client machine, I started digging on the server side and found out that the CRMappPool and the CrmDeploymentServiceAppPool were running in the context of the administrator of the domain.

I was able to configure Outlook to connect successfully to the deployment by configuring both application pools to run under the "LocalSystem" identity as shown in the screenshot below.



Cheers,
M.G
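
An added example, not part of the original post: Python that triages a client configuration log in the shape of the excerpt above, grouping each "Error connecting to URL" entry with its exception chain and stack frames and labelling the ones that failed inside SSPI negotiation. The sample log is constructed from the excerpt (the second entry is invented for contrast), and the function names and labels are hypothetical.

```python
import re

# Constructed sample: the excerpt from the post plus one unrelated, invented entry.
SAMPLE_LOG = """\
Error| Error connecting to URL: http://crmserver:port/XRMServices/2011/Discovery.svc
Exception: System.ServiceModel.Security.SecurityNegotiationException: The caller was not authenticated by the service.
 ---> System.ServiceModel.FaultException: The request for security token could not be satisfied because authentication failed.
   at System.ServiceModel.Security.SecurityUtils.ThrowIfNegotiationFault(Message message, EndpointAddress target)
   at System.ServiceModel.Security.SspiNegotiationTokenProvider.GetNextOutgoingMessageBody(Message incomingMessage, SspiNegotiationTokenProviderState sspiState)
   --- End of inner exception stack trace ---
Error| Error connecting to URL: http://crmserver:port/XRMServices/2011/Organization.svc
Exception: System.TimeoutException: The request channel timed out.
"""

URL_RE = re.compile(r"Error\|\s*Error connecting to URL:\s*(\S+)")
EXC_RE = re.compile(r"^\s*(?:Exception:|--->)\s*([\w.]+):\s*(.*)$")
FRAME_RE = re.compile(r"\bat\s+([\w.]+)\(")

def parse_entries(text):
    """Group log lines into one record per 'Error connecting to URL' entry."""
    entries, current = [], None
    for line in text.splitlines():
        m = URL_RE.search(line)
        if m:
            current = {"url": m.group(1), "exceptions": [], "frames": []}
            entries.append(current)
            continue
        if current is None:
            continue  # lines before the first connection error are ignored
        m = EXC_RE.match(line)
        if m:
            current["exceptions"].append((m.group(1), m.group(2).strip()))
            continue
        # A line may carry several frames run together, so collect all of them.
        current["frames"].extend(FRAME_RE.findall(line))
    return entries

def classify(entry):
    """Label an entry by exception type and where in the stack it was raised."""
    types = [t.rsplit(".", 1)[-1] for t, _ in entry["exceptions"]]
    in_sspi = any("SspiNegotiationTokenProvider" in f for f in entry["frames"])
    if "SecurityNegotiationException" in types and in_sspi:
        return "sspi-negotiation-auth-failure"
    if "SecurityNegotiationException" in types:
        return "security-negotiation-failure"
    return "other"

def triage(text):
    """Return (url, label) for every connection error in the log text."""
    return [(e["url"], classify(e)) for e in parse_entries(text)]
```

To run it against a real log, pass the contents of Crm50ClientConfig.txt to triage() in place of SAMPLE_LOG.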
