Dynamics CRM 2011 – Rollup 6

I was recently discussing with Microsoft and was asking for the Update Rollup 6 schedule. I was answered that it is scheduled for January 2012.

Apparently the schedule is safe, and no delay is expected. If you are planning a deployment soon (like me), you might be interested in knowing that the rollup 6 will be released soon.

Regarding the content of the rollup 6, the only thing I know (which is not a big secret) is that it will include this fix : http://support.microsoft.com/kb/2645912 which is described in this post.

Looking forward to 2012…

Dynamics CRM 2011 – Session is about to expire ADFS

If you have a Dynamics CRM 2011 farm configures to use ADFS using Claims based authentication, you must have face the timeout session problem. Long story short, after around 40 minutes (whether you are active or not), you’ll get a popup telling you that your session is about to expire :

In order to avoid getting this popup too often, you need to extend the token life time on your ADFS server.

Simply follow this procedure :

1. Open a Windows PowerShell prompt on your ADFS Server.

2. Add the AD FS 2.0 snap-in to the Windows PowerShell session:

Add-PSSnapin Microsoft.Adfs.PowerShell

3. Configure the relying party token lifetime:

Get-ADFSRelyingPartyTrust -Name "relying_party"
Set-ADFSRelyingPartyTrust -Targetname "relying_party" -TokenLifetime 480

where :
- relying_party is the name of the relying party that you created.
- 480 corresponds to 480 minutes = 8 hours.

Source & credits (really considere reading those if you want to fully understand what you are doing) :

CozyRoc and Dynamics CRM 2011 with Claims and IFD

Let’s assume you have a Dynamics CRM 2011 farm that is configured to use Claims and IFD (Internet Facing Deployment) and that you are also using CozyRoc SSIS (excellent by the way) to extract data from your CRM platform.

Note : If you are not using Claims and IFD, this article might not apply to your problem…

You might face the following error : The request failed with HTTP status 401: Unauthorized. (System.Web.Services).


  1. Enable Anonymous Authentication on MSCRMServices\2007\SPLA on every web front in your CRM farm
    1. Open Internet Information Services (IIS) Manager.
    2. In the Connections pane, select the Microsoft Dynamics CRM Server 2011 Web site, and then navigate to the following folder: MSCRMServices\2007\SPLA
    3. In Features View, double-click Authentication.
    4. On the Authentication page, select Anonymous Authentication.
    5. In the Actions pane, click Enable to use Anonymous authentication with the default settings.
  2. In your CozyRoc SSIS package, select a deployment type as “Hosted” instead of “Premise”.
    1. Open your SSIS package and double click on your Dynamics CRM Connection Manager
    2. Select “Hosted” in the deployment list :

That’s all you need to do. CozyRoc will then work smoothly !


Dynamics CRM 2011 – Error only secure content is displayed

Today I’m facing the following issue when I access my CRM platform :

Internet explorer complains about the fact that only secure content is displayed. Which means that some http is going through while my CRM platform is configured to use https. You’ll notive as well that the get started section is not displayed correctly.

You get exactly the same thing in the outlook plugin with a similar message that asks you if you want to display only the content that was delivered securely over https :

If have read a few articles that were talking about configuring IE to ask to mix secured and unsecured content. I did not like it, and wanted to understand why this content was not delivered through a secured channel.

I figured out that is comes from a configuration in the Dynamics CRM database that is not set correctly. After you have adjusted it, it will work smoothly. Here is the procedure to fix it :

Step 1: Open a SQL Server Management Studio on the CRM database server and open the MSCRM_CONFIG database. And perform the following query :

SELECT     HelpServerUrl
FROM         ConfigSettings

You’ll get something like that :

As you can see, the HelpServerUrl is indicating HTTP (and in my case even a wrong url because it points to a specific web front end instead of the load balancer url…).

Step 2 : Edit the value the you found in the HelpServerUrl to what you need. Especially HTTPS instead of HTTP.

Step 3 : Reboot your farm. CRM dynamics might cache those kind of values… so a reboot might be necessary (it was not the case for me though).

Done ! You’ll see a full page nicely displayed without any error or warning



Configure CRM Dynamics 2011 outlook client when connected to the internet

I have been trying to configure the outlook add-in for CRM Dynamics 2011 while I was connected to the internet (opposed to my company network) without success for days now.

I initially thought it was coming from my Claims and IFD configuration, but it was not. It was just a bug ! And there is now a hot fix.

Let’s assume you have a Dynamics CRM 2011 platform exposed over the internet (Internet Facing Deployment) and that you need or want your users to be able to configure their Outlook Add-in while connected to the Internet (without any connection to your company’s network, nor any kind of VPN) : You need to apply this fix


(My) explanation :

The rollup 5 introduced a bug. The outlook config wizard was trying to connect to the Active Directory. The problem is that in some cases, when you are not connected to your company’s network, the Active Directory is not available. The configuration wizard was just crashing, due to the fact it was not capable to contact the Active Directory. As simple as that. The hotfix above changed the behavior so that it is no longer required to have the AD available to perform the configuration.

Worked like a charm for me ! So happy !

Side note : I was using the Microsoft Dynamics CRM 2011 for Microsoft Office Outlook add-in with Rollup 5 on top.

And here was the error log I was getting while trying to configure outlook using the configuration wizard :

17:57:06|  Error| Exception : The server could not be contacted.    at System.DirectoryServices.AccountManagement.PrincipalContext.ReadServerConfig(String serverName, ServerProperties& properties)    at System.DirectoryServices.AccountManagement.PrincipalContext.DoServerVerifyAndPropRetrieval()    at System.DirectoryServices.AccountManagement.PrincipalContext..ctor(ContextType contextType, String name, String container, ContextOptions options, String userName, String password)    at System.DirectoryServices.AccountManagement.PrincipalContext..ctor(ContextType contextType)    at System.DirectoryServices.AccountManagement.UserPrincipal.get_Current()    at Microsoft.Crm.Application.Outlook.Config.DeploymentsInfo.DeploymentInfo.SelectOrganization(Guid organizationId)    at Microsoft.Crm.Application.Outlook.Config.ClientConfig.AddDeployment(DeploymentsDeployment[] deployments, AuthUIMode uiMode)    at Microsoft.Crm.Application.Outlook.Config.ClientConfig.Run(Boolean runInsideOutlook)    at Microsoft.Crm.Application.Outlook.Config.ClientConfig.Start(String[] args, Boolean runInsideOutlook)