Thursday, June 27, 2013

“Parser Error Message: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.” MS CRM 2011 access


when i was installing MS CRM, i was able to install.
but while accessing it, i got the below error message in the event viewer...

“Parser Error Message: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.”

when i googled i got the link (http://support.microsoft.com/kb/2691911) from MS.
this helps me to know it.
i come to know from the Group Policy that the FIPS is enabled.



find the policy(System cryptography: Use FIPS-compliant algorithms for encryption, hashing, and signing ) in below
  1. Using an account that has administrative credentials, log on to a computer that is running Windows Server 2008 R2 SP1 x64 on which any of the CRM Server roles are installed.
  2. Click Start, click Run, type gpedit.msc, and then press ENTER.
  3. In the Local Group Policy Editor, under the Computer Configuration node, double-click Windows Settings, and then double-click Security Settings.
  4. Under the Security Settings node, double-click Local Policies, and then click Security Options.
  5. In the details pane, double-click System cryptography: Use FIPS-compliant algorithms for encryption, hashing, and signing.
i found in one more server, it was disabled.
so i just disabled it and then it started working....

Note: when i was installing the server was not hardened... so enusre if its when hardened then this must disabled, else you ahve to follow the link as above...

hopre this will help and save someoone's time...

Regards,
yes.Sudhanshu
 

Saturday, June 15, 2013

Exception message: The specified domain either does not exist or could not be contacted. MS CRM 2011

i did the installtion and when i was just accessing the MS CRM site, i got the below error....
and the below is the details from event viewer....
the details shows clearly that the account "NT AUTHORITY\NETWORK SERVICE" does not have access to the AD.
i am not sure about this. WHY?
i have done other instalaltions earlier with that.
still i tot, just to change the service account, so i ran the upgrade and changed the accounts to some AD account, then it ran HAPPILY... :)
Event code: 3005
Event message: An unhandled exception has occurred.
Event time: 15/6/2013 5:21:53 PM
Event time (UTC): 15/6/2013 9:21:53 AM
Event ID: d77f2b8efd124a9ebac200209080acab
Event sequence: 6
Event occurrence: 1
Event detail code: 0
 
Application information:
    Application domain: /LM/W3SVC/1/ROOT-1-130157616769092004
    Trust level: Full
    Application Virtual Path: /
    Application Path: C:\Program Files\Microsoft Dynamics CRM\CRMWeb\
    Machine name: HQ07WACRMUATDB
 
Process information:
    Process ID: 6696
    Process name: w3wp.exe
    Account name: NT AUTHORITY\NETWORK SERVICE
 
Exception information:
    Exception type: COMException
    Exception message: The specified domain either does not exist or could not be contacted.
 
   at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)
   at System.DirectoryServices.DirectoryEntry.Bind()
   at System.DirectoryServices.DirectoryEntry.get_NativeObject()
   at System.DirectoryServices.DirectoryEntry.Invoke(String methodName, Object[] args)
   at Microsoft.Crm.SecurityUtils.CheckMembership(Guid principalId, Guid groupId)
   at Microsoft.Crm.Caching.OrganizationSettingsCacheLoader.LoadCacheData(Guid key, ExecutionContext context)
   at Microsoft.Crm.Caching.ObjectModelCacheLoader`2.LoadCacheData(TKey key, IOrganizationContext context)
   at Microsoft.Crm.Caching.CrmMultiOrgCache`2.CreateEntry(TKey key, IOrganizationContext context)
   at Microsoft.Crm.Caching.CrmMultiOrgCache`2.LookupEntry(TKey key, IOrganizationContext context)
   at Microsoft.Crm.BusinessEntities.SecurityLibrary.IsOrganizationSpecialUser(Guid organizationId, Guid userId, ExecutionContext context)
   at Microsoft.Crm.Caching.UserDataCacheLoader.LoadCacheData(Guid key, ExecutionContext context)
   at Microsoft.Crm.Caching.ObjectModelCacheLoader`2.LoadCacheData(TKey key, IOrganizationContext context)
   at Microsoft.Crm.Caching.CrmMultiOrgCache`2.CreateEntry(TKey key, IOrganizationContext context)
   at Microsoft.Crm.Caching.CrmMultiOrgCache`2.LookupEntry(TKey key, IOrganizationContext context)
   at Microsoft.Crm.BusinessEntities.SecurityLibrary.GetUserInfoCommon(IOrganizationContext context, Guid userGuid)
   at Microsoft.Crm.BusinessEntities.SecurityLibrary.GetCallerAndBusinessGuidsFromThread(WindowsIdentity identity, Guid organizationId)
   at Microsoft.Crm.Authentication.CrmWindowsIdentity..ctor(WindowsIdentity innerIdentity, Boolean publishCrmUser, Guid organizationId)
   at Microsoft.Crm.Authentication.WindowsAuthenticationProviderBase.Authenticate(HttpApplication application, WindowsIdentity userIdentity)
   at Microsoft.Crm.Authentication.AuthenticationStep.Authenticate(HttpApplication application)
   at Microsoft.Crm.Authentication.AuthenticationPipeline.Authenticate(HttpApplication application)
   at Microsoft.Crm.Authentication.AuthenticationEngine.Execute(Object sender, EventArgs e)
   at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
 
 
 
Request information:
    Request path: /ICA/default.aspx
    User host address: fe80::65f7:80e8:48e3:afef/
    User: CIRISDEV\ICACRMAdmin
    Is authenticated: True
    Authentication Type: Negotiate
    Thread account name: NT AUTHORITY\NETWORK SERVICE
 
Thread information:
    Thread ID: 8
    Thread account name: NT AUTHORITY\NETWORK SERVICE
    Is impersonating: True
    Stack trace:    at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)
   at System.DirectoryServices.DirectoryEntry.Bind()
   at System.DirectoryServices.DirectoryEntry.get_NativeObject()
   at System.DirectoryServices.DirectoryEntry.Invoke(String methodName, Object[] args)
   at Microsoft.Crm.SecurityUtils.CheckMembership(Guid principalId, Guid groupId)
   at Microsoft.Crm.Caching.OrganizationSettingsCacheLoader.LoadCacheData(Guid key, ExecutionContext context)
   at Microsoft.Crm.Caching.ObjectModelCacheLoader`2.LoadCacheData(TKey key, IOrganizationContext context)
   at Microsoft.Crm.Caching.CrmMultiOrgCache`2.CreateEntry(TKey key, IOrganizationContext context)
   at Microsoft.Crm.Caching.CrmMultiOrgCache`2.LookupEntry(TKey key, IOrganizationContext context)
   at Microsoft.Crm.BusinessEntities.SecurityLibrary.IsOrganizationSpecialUser(Guid organizationId, Guid userId, ExecutionContext context)
   at Microsoft.Crm.Caching.UserDataCacheLoader.LoadCacheData(Guid key, ExecutionContext context)
   at Microsoft.Crm.Caching.ObjectModelCacheLoader`2.LoadCacheData(TKey key, IOrganizationContext context)
   at Microsoft.Crm.Caching.CrmMultiOrgCache`2.CreateEntry(TKey key, IOrganizationContext context)
   at Microsoft.Crm.Caching.CrmMultiOrgCache`2.LookupEntry(TKey key, IOrganizationContext context)
   at Microsoft.Crm.BusinessEntities.SecurityLibrary.GetUserInfoCommon(IOrganizationContext context, Guid userGuid)
   at Microsoft.Crm.BusinessEntities.SecurityLibrary.GetCallerAndBusinessGuidsFromThread(WindowsIdentity identity, Guid organizationId)
   at Microsoft.Crm.Authentication.CrmWindowsIdentity..ctor(WindowsIdentity innerIdentity, Boolean publishCrmUser, Guid organizationId)
   at Microsoft.Crm.Authentication.WindowsAuthenticationProviderBase.Authenticate(HttpApplication application, WindowsIdentity userIdentity)
   at Microsoft.Crm.Authentication.AuthenticationStep.Authenticate(HttpApplication application)
   at Microsoft.Crm.Authentication.AuthenticationPipeline.Authenticate(HttpApplication application)
   at Microsoft.Crm.Authentication.AuthenticationEngine.Execute(Object sender, EventArgs e)
   at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
 
 
Custom event details:
hope this will help...

Regards,
yes.sudhanshu

Setup was not able to find the following registry value. Reporting Server extension uninstallation error MS CRM 2011


while i was doing installtion for MS CRM 2011.
i had to uninstall the srs connector.
while doing so i got the below error

---------------------------
Microsoft Dynamics CRM Reporting Extensions Setup
---------------------------
Action Microsoft.Crm.Setup.Common.Analyzer+CollectAction failed.

Setup was not able to find the following registry value. This value is required by setup to perform a successful upgrade, repair, or a complete uninstall. You can restore the value manually and restart Setup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSCRM: CRM_SrsDataConnector_ReportServerInstance

 
---------------------------
Retry   Cancel  
---------------------------

so the message is very clear.
need to check the registry value as mentioned.
in my case the value was blank (not sure how?) :(
so i set the value to the respective required value and then it worked for me.
just update the value to the correct SQL instance in which you ahve installed SQL for reporting service or the default is MSSQLSERVER.
 
Regards,
yes.Sudhanshu

Monday, June 10, 2013

OrgDBOrgSettings Tool for Microsoft Dynamics CRM 2011

down load "CRM2011-Tools-KB2791312-ENU-amd64.exe" from http://www.microsoft.com/en-us/download/details.aspx?id=37133

Microsoft Dynamics CRM 2011 provides the OrgDBOrgSettings tool which allows administrators the ability to implement specific updates that were previously reserved for registry implementations. This article will discuss the steps to extract the tool and update the settings.

update the config file
 this is most impotant to do the config file. its bit cosfusing... :(
change the red highlighted section(if onpremise) also the port no.
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
    <configSections>
        <sectionGroup name="applicationSettings" type="System.Configuration.ApplicationSettingsGroup, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" >
            <section name="OrgDBOrgSettingsTool.Properties.Settings" type="System.Configuration.ClientSettingsSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" requirePermission="false" />
        </sectionGroup>
    </configSections>
    <applicationSettings>
        <OrgDBOrgSettingsTool.Properties.Settings>
            <setting name="OrgDBOrgSettingsTool_CrmService_CrmService" serializeAs="String">
              <!--- Please change CrmServer to your Crm Server Name -->
                <value>http://xrm:5555/MSCrmServices/2007/CrmService.asmx</value>
            </setting>
            <setting name="OrgDBOrgSettingsTool_CrmDiscoveryService_CrmDiscoveryService"
                serializeAs="String">
              <!--- Please change CrmServer to your Crm Server Name -->
                <value>http://xrm:5555/XrmServices/2011/Discovery.svc</value>
            </setting>
            <setting name="OrgDBOrgSettingsTool_SKU" serializeAs="String">
              <!--- Possible values here are Online/Office365/SPLA/OnPrem -->
                <value>OnPrem</value>
            </setting>
            <setting name="OrgDBOrgSettingsTool_UserName" serializeAs="String">
              <!--- Please change the value below to your email Id/User Name for Online / SPLA -->
                <value>administrator</value>
            </setting>
          <setting name="OrgDBOrgSettingsTool_Domain" serializeAs="String">
            <value>mscrm</value>
          </setting>
          <setting name="OrgDBOrgSettingsTool_OrgServiceUri" serializeAs="String">
            <value>http://xrm:5555/{0}/XrmServices/2011/Organization.svc</value>
          </setting>
          <setting name="OrgDBOrgSettingsTool_RegistrationEndPointUri" serializeAs="String">
            <value>https://login.live.com/ppsecure/DeviceAddCredential.srf</value>
          </setting>
            <setting name="OrgDBOrgSettingsTool_Partner" serializeAs="String">
              <!--- This is applicable only for Online -->
                <value>Crm.Dynamics.com</value>
            </setting>
            <setting name="OrgDBOrgSettingsTool_Environment" serializeAs="String">
              <!--- This is applicable only for Online -->
                <value>INT</value>
            </setting>
        </OrgDBOrgSettingsTool.Properties.Settings>
    </applicationSettings>
</configuration>

 
just change the below...
follow the below link to know how it works and details...

http://support.microsoft.com/kb/2691237

regards,
yes.sudhanshu
 

Sunday, June 9, 2013

MS CRM 2011, Outlook client integration error --- The signed-in user does not have the appropriate security permissions to view these records or perform the specific action. Contact your organization's Microsoft Dynamics CRM administrator to review the security permissions for this user.

the error "The signed-in user does not have the appropriate security permissions to view these records or perform the specific action. Contact your organization's Microsoft Dynamics CRM administrator to review the security permissions for this user. " says : the User-level read permissions error ..
Is your Microsoft Dynamics CRM security role missing user-level Read permissions for the User Entity UI Settings privilege? If necessary, work with your system administrator to follow this procedure.
To determine whether your security role has sufficient privileges, follow these steps:
  1. Sign in to your Microsoft Dynamics CRM organization by using Internet Explorer.
  2. Click Settings, click Administration, and then click Users.
  3. Open your user record by double-clicking it.
  4. Under Common, click Security Roles, and then open your assigned security role by double-clicking it.
  5. Click the Core Records tab.
  6. Confirm that the Read permission for User Entity UI Settings is set to the User level (a yellow circle with a wedge-shaped segment).
    Note
    If you have multiple security roles assigned, confirm that at least one assigned role has the User Entity UI Settings privilege set to the User level.
If your security role is missing this permission, ask your system administrator to change this setting.
 
regards,
yes.sudhanshu