Introduction
Server-based authentication process can be done by following the steps from below URL.
Reference URL: https://technet.microsoft.com/en-us/library/mt171421.aspx
Pre-step – 1: Verify prerequisites before starting the process.
Pre-step – 2: Two softwares are to be installed before starting the configuration.
Pre-step – 2: Two softwares are to be installed before starting the configuration.
- Online services Sign-in
- Azure Active Directory Module PowerShell
The whole process including software installation has to be done in server where CRM is installed and with the user and Deployment administrator rights.
Remember to run the command shell in administrator mode and navigate to the folder below:
“Drive:\Program Files\Microsoft Dynamics CRM\tools“.
“Drive:\Program Files\Microsoft Dynamics CRM\tools“.
Step-1: Certificate exporting
Export the trusted certificate to the local folder, once with Private Key and then without (x509, Base64 format). Make a note of the Password that you are giving.
Step-2: Adding certificate to service account
Update the tags in above commands with the below-specified content before running them.
- Certificate (exported with the Private Key) path has to be specified here. (.pfx)
- Private key for the above certificate has to be provided here.
- Service account name has to be provided here.
IssueIn our case, with service account name domain configuration for some accounts was set to domain.com and for few others, it was empty – this caused issue.
ResolutionCheck the username for the service account and update with the exact value.
Step-3: Set PowerShell to accept Office 365 cmdlets
Step-4Now PowerShell is ready to accept cmdlets, but the connection has to be established for the cmdlets to take effect on Azure and SharePoint.
Provide the credentials of the user who has global admin privileges in Office 365 once the pop-up appears.
Step-5: Now set the certificate for server-based authentication
Update the tags in above commands the below-specified content before running them.
- Certificate path (With Private key)
- Private key
- Certificate path (Without Private Key)
Step-6: Linking Azure to SharePoint
IssueWhile linking, when we updated CRMAPPId with the CRM Id from Solutions > Customizations> Developers Resources from CRM, it resulted in – service account not found.
ResolutionTo remedy the above error, do not update the CRMAppId. Leave it as it is. Only update “RootDomain” to your server domain name.
Step-7: Configure CRM with SharePoint for server-based authentication.
Once CRM is configured, then everything from server side is completed. Rest has to be done in CRM.
Step – 8: This is the last step in the process and it has to be done in CRM.
- Navigate to Document Management.
- Click on Enable server-base SharePoint Integration.
- Next > Select Online and proceed.
- In the screen that comes up, enter SharePoint site full url and Sharepoint Tenant ID.
– To get tenant ID, run the following commands in the PowerShell in server.
– This gives a GUID. Copy that. - Click Next to Validate the Site validity.
Possible Issues
Issue 1: Site is shown as invalid, with 401 unauthorized exception.
ResolutionTo fix the above issue, mapping of the users has to be done. User record will have a field named “SharePoint Email Address” and this must match with one of the logins of SharePoint. If this is not the case, update with any of the existing users.
Now, repeat step-8 once again and you can see the configuration happening successfully.
For another user to sync, just update the SharePoint Email field with login email.
For another user to sync, just update the SharePoint Email field with login email.
No comments:
Post a Comment