Hello,
I am trying to set up server-based integration between Dynamics CRM 2016 and SharePoint 2016, both on-premise.
I was able to run through these steps without any problems:
https://technet.microsoft.com/en-us/library/dn949332.aspx
I'm using a certificate issued by an internal CA.
When it comes to enabling the integration from the CRM I see the following error:
Dynamics CRM trace shows:
[2016-12-19 11:24:23.694] Process: w3wp |Organization:47436906-957a-e611-80c2-00155d076001 |Thread: 41 |Category: ObjectModel |User: 2d013dd3-1aa3-4f38-9b75-f8df52a614b8 |Level: Error |ReqId: 00000000-0000-0000-0000-000000000000 | SharePointProxyBase.TrySharePointCallWithoutClaims ilOffset = 0x27 at SharePointProxyBase.TrySharePointCallWithoutClaims(String site) ilOffset = 0x27 at SharePointProxyBase.ValidateSharePointSite(String[] siteUrls, String& validationLog) ilOffset = 0x137 at SharePointProxyService.ValidateSharePointSite(String[] siteUrls, ExecutionContext context, String& validationLog) ilOffset = 0xF4 at RuntimeMethodHandle.InvokeMethod(Object target, Object[] arguments, Signature sig, Boolean constructor) ilOffset = 0xFFFFFFFF at RuntimeMethodInfo.UnsafeInvokeInternal(Object obj, Object[] parameters, Object[] arguments) ilOffset = 0x25 at RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) ilOffset = 0xCF at LogicalMethodInfo.Invoke(Object target, Object[] values) ilOffset = 0x4F at InternalOperationPlugin.Execute(IServiceProvider serviceProvider) ilOffset = 0x57 at V5PluginProxyStep.ExecuteInternal(PipelineExecutionContext context) ilOffset = 0x265 at VersionedPluginProxyStepBase.Execute(PipelineExecutionContext context) ilOffset = 0x65 at PipelineInstrumentationHelper.Execute(Boolean instrumentationEnabled, String stopwatchName, ExecuteWithInstrumentation action) ilOffset = 0x2D at Pipeline.Execute(PipelineExecutionContext context) ilOffset = 0xD8 at <>c__DisplayClass1.<RunStage>b__0() ilOffset = 0x0 at PipelineInstrumentationHelper.Execute(Boolean instrumentationEnabled, String stopwatchName, ExecuteWithInstrumentation action) ilOffset = 0x2D at MessageProcessor.RunStage(PipelineExecutionContext context, Int32 pipelineStage) ilOffset = 0x39 at MessageProcessor.Execute(PipelineExecutionContext context) ilOffset = 0x1EB at InternalMessageDispatcher.Execute(PipelineExecutionContext context) ilOffset = 0xE4 at ExternalMessageDispatcher.ExecuteInternal(IInProcessOrganizationServiceFactory serviceFactory, IPlatformMessageDispatcherFactory dispatcherFactory, String messageName, String requestName, Int32 primaryObjectTypeCode, Int32 secondaryObjectTypeCode, ParameterCollection fields, CorrelationToken correlationToken, CallerOriginToken originToken, UserAuth userAuth, Guid callerId, Guid callerRegardingObjectId, UserType userType, Guid transactionContextId, Int32 invocationSource, Nullable`1 requestId, Version endpointVersion) ilOffset = 0x22D at OrganizationSdkServiceInternal.ExecuteRequestRequestWithInstrumentation(OrganizationRequest request, CorrelationToken correlationToken, CallerOriginToken callerOriginToken, WebServiceType serviceType, UserAuth userAuth, Guid targetUserId, OrganizationContext context, Boolean returnResponse, Boolean checkAdminMode, Object operation, UserType targetUserType) ilOffset = 0x28B at OrganizationSdkServiceInternal.ExecuteRequest(OrganizationRequest request, CorrelationToken correlationToken, CallerOriginToken callerOriginToken, WebServiceType serviceType, UserAuth userAuth, Guid targetUserId, Guid targetCallerRegardingObjectId, UserType targetUserType, OrganizationContext context, Boolean returnResponse, Boolean checkAdminMode) ilOffset = 0x37 at OrganizationSdkServiceInternal.ExecuteRequest(OrganizationRequest request, CorrelationToken correlationToken, CallerOriginToken callerOriginToken, WebServiceType serviceType, Boolean checkAdminMode, ExecutionContext executionContext) ilOffset = 0x58 at OrganizationSdkServiceInternal.Execute(OrganizationRequest request, CorrelationToken correlationToken, CallerOriginToken callerOriginToken, WebServiceType serviceType, Boolean checkAdminMode, ExecutionContext executionContext) ilOffset = 0x28 at InprocessServiceProxy.ExecuteCore(OrganizationRequest request) ilOffset = 0x34 at SandboxSdkListener.ExecuteInternal(SandboxCallInfo callInfo, SandboxSdkContext requestContext, String operation, Byte[] serializedRequest, IExecutionContext context, String& primaryEntityName) ilOffset = 0xDA at SandboxSdkListener.Execute(SandboxCallInfo callInfo, SandboxSdkContext requestContext, String operation, Byte[] serializedRequest) ilOffset = 0xC3 at ilOffset = 0xFFFFFFFF at SyncMethodInvoker.Invoke(Object instance, Object[] inputs, Object[]& outputs) ilOffset = 0x241 at DispatchOperationRuntime.InvokeBegin(MessageRpc& rpc) ilOffset = 0x100 at ImmutableDispatchRuntime.ProcessMessage5(MessageRpc& rpc) ilOffset = 0x48 at MessageRpc.Process(Boolean isOperationContextSet) ilOffset = 0x62 at Wrapper.Resume(Boolean& alreadyResumedNoLock) ilOffset = 0x1B at ThreadBehavior.ResumeProcessing(IResumeMessageRpc resume) ilOffset = 0x8 at ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx) ilOffset = 0x70 at ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx) ilOffset = 0x4 at QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() ilOffset = 0x0 at ThreadPoolWorkQueue.Dispatch() ilOffset = 0xA3>Exception occured while accessing SharePoint: Unhandled Exception: System.Net.WebException: The remote server returned an error: (401) Unauthorized. Server stack trace: at System.Net.HttpWebRequest.GetResponse() at Microsoft.SharePoint.Client.SPWebRequestExecutor.Execute() at Microsoft.SharePoint.Client.ClientContext.GetFormDigestInfoPrivate() at Microsoft.SharePoint.Client.ClientContext.EnsureFormDigest() at Microsoft.SharePoint.Client.ClientContext.ExecuteQuery() at Microsoft.Crm.ObjectModel.SharePointProxyBase.SharePointExecuteQueryMethod(CSOMCallInformation& callInformation, CSOMCallType callType, ClientContext clientContext) at System.Runtime.Remoting.Messaging.StackBuilderSink._PrivateProcessMessage(IntPtr md, Object[] args, Object server, Object[]& outArgs) at System.Runtime.Remoting.Messaging.StackBuilderSink.AsyncProcessMessage(IMessage msg, IMessageSink replySink) Exception rethrown at [0]: at System.Runtime.Remoting.Proxies.RealProxy.EndInvokeHelper(Message reqMsg, Boolean bProxyCase) at System.Runtime.Remoting.Proxies.RemotingProxy.Invoke(Object NotUsed, MessageData& msgData) at Microsoft.Crm.ObjectModel.SharePointProxyBase.Async.EndInvoke(CSOMCallInformation& callInformation, IAsyncResult result) at Microsoft.Crm.ObjectModel.SharePointProxyBase.SharePointAsyncExecute(CSOMCallType callType) at Microsoft.Crm.ObjectModel.SharePointProxyBase.TrySharePointCallWithoutClaims(String site)
SharePoint 2016 ULS log shows:
SPApplicationAuthenticationModule: Invalid token or signature. Exception: System.IdentityModel.Tokens.SecurityTokenException: Invalid JWT token. Could not resolve issuer token.
at Microsoft.IdentityModel.S2S.Tokens.JsonWebSecurityTokenHandler.ReadTokenCore(String token, Boolean isActorToken)
at Microsoft.IdentityModel.S2S.Tokens.JsonWebSecurityTokenHandler.ReadActor(IDictionary`2 payload)
at Microsoft.IdentityModel.S2S.Tokens.JsonWebSecurityTokenHandler.ReadTokenCore(String token, Boolean isActorToken)
at Microsoft.SharePoint.IdentityModel.SPApplicationAuthenticationModule.TryExtractAndValidateToken(HttpContext httpContext, SPIncomingTokenContext& tokenContext)
I've verified the Trusted Security Token Issuer:
IsSelfIssuer : True
NameId : 00000007-0000-0000-c000-000000000000@47436906-9
57a-e611-80c2-00155d076001
RegisteredIssuerName : 00000007-0000-0000-c000-000000000000@47436906-9
57a-e611-80c2-00155d076001
AuthorizationEndPointUri :
EndSessionEndPointUri :
DefaultClientIdentifier :
ScopedClientIdentifier : {}
IdentityClaimTypeInformation : Microsoft.SharePoint.Administration.Claims.SPTr
ustedClaimTypeInformation
Description :
SigningCertificate : [Subject]
CN=XXXXXXXXXXXXXX, OU=XX, O=XXX, L=XXXXXX,
S=XXXXXX, C=XX
[Issuer]
CN=XXXXXXXXXXX, DC=XXX, DC=local
[Serial Number]
000000F2B9CF8C79DE56EB6F12000100000000
[Not Before]
16/12/2016 12:00:49
[Not After]
16/12/2018 12:00:49
[Thumbprint]
00001145E009DFCCCB5AF9856B00478873100000
AdditionalSigningCertificates : {}
MetadataEndPoint : xxxxxxxxxx/.../metadataen
dpoint.svc/json?orgName=XXXXXXXXXXX
IsAutomaticallyUpdated : True
Name : crm
TypeName : Microsoft.SharePoint.Administration.Claims.SPTr
ustedSecurityTokenService
DisplayName : crm
Id : 6b59addd-0cbd-4bc0-a240-8709c7f0da2f
Status : Online
Parent : SPSecurityTokenServiceManager
Name=SecurityTokenServiceManager
Version : 67798
DeploymentLocked : False
Properties : {}
Farm : SPFarm Name=SharePoint_Config
UpgradedPersistedProperties : {}
Not sure what could be causing the problem, any ideas would be appreciated!