locked
ADFS 2.0 Authentication Issue RRS feed

  • Question

  • When trying to access CRM 2011 through a vpn connection we get the following error:

    Event ID: 364
    
    Microsoft.IdentityServer.Web.AuthenticationFailedException: ID3034: Authentication failed.
       at Microsoft.IdentityServer.Web.FederationPassiveAuthentication.SubmitRequest(MSISRequestSecurityToken request)
       at Microsoft.IdentityServer.Web.FederationPassiveAuthentication.RequestBearerToken(MSISSignInRequestMessage signInRequest, SecurityTokenElement onBehalfOf, SecurityToken primaryAuthToken, String desiredTokenType, UInt32 lifetime, Uri& replyTo)
       at Microsoft.IdentityServer.Web.FederationPassiveAuthentication.BuildSingleSignOnToken(SecurityToken securityToken, String issuer, FederationPassiveContext federationPassiveContext, String& signature)
       at Microsoft.IdentityServer.Web.FederationPassiveAuthentication.SignIn(SecurityToken securityToken)

    The same error is repeated twice in the ADFS Server Event Viewer and the users are unable to login. ADFS is validating the credentials that are logged in as we get a wrong username password error if wrong credentials are entered but after the authentication is done ADFS does not redirect to the CRM url but instead gives a 404 error. Curiously, if we clear the history/cache on the iPad and then login again it works fine. This issue started happening out of the blue as it worked fine previously. Any idea how this can be fixed? The issue is not when accessing CRM internally but only when it is done externally through a VPN connection.

    Thursday, October 12, 2017 4:54 AM