Archiv für den Monat: März 2013

Small glimpse into the future of Dynamics CRM

There were interesting topics discussed at the Convergence 2013, which I followed as participant of the Convergence 2013 Virtual program.
As I have only seen photographs of slides posted on the net, I have take some shots out of the presentations which I will share with you (which I assume should be no issue).

Keep in mind that the pictures shows the current state of the product release currently called ‘Orion’, which is work in progress. So things are supposed to change until release.

Sharing a single ADFS server with multiple Dynamics CRM Deployments

At a customer we recently had the situation, that we have deployed two separate Dynamics CRM 2011 Deployments called A and B. Both of them are configured as Internet Facing Deployments (IFD).
For authentication we have installed a single ADFS server in the customer environment. This server is used by both deployments.

If we access CRM A and authenticate at ADFS everything is fine. The user is redirected to CRM A afterwards and is able to work. If CRM B is accessed afterwards an error is displayed:

An error occured:

Try this action again. If the problem continues, check the Microsoft Dynamics CRM Community for solutions or contact your organization’s Microsoft Dynamics CRM Administrator. Finally, you can contact Microsoft Support.

You know, the standard error bla bla…

The trace contains following error:

Exception type: CryptographicException
Exception message: Key not valid for use in specified state.

In order to access CRM B, the user has to logoff and logon again at CRM B.

What we have tried to solve this issue

Finally we opened a support case with the CRM support. After the ticket was escalated we got the information that this scenario is not possible at the moment. The reason is a design limitation of Dynamics CRM. At the moment it looks like this would result in a change in the next major version of Dynamics CRM.

You have two workarounds for this issue:

  • Logging off from one system before accessing the other
  • Use an InPrivate session for accessing the second system