When using federated users in a CRM Online, we encountered an error where accessing the CRM worked fine, but accessing the system using the Outlook client (configuring it) or accessing it via the tablet client did not work. It seems that some additional settings were required on the AD FS server.

We we working with a customer who had set up a CRM Online with federated users to their AD via their AD FS. When accessing this via the web client, it all worked well, but when trying to configure CRM for Outlook we just got an error “An error has occured. Please contact the system administrator”. Our customer’s IT manager started a premier support case as I felt this was most probably a AD FS related issue (there were no problems with the non-federated users).

After a couple of screen sharing sessions we got some great help from Pedro R at Microsoft Support and I learned something new which I thought I’d share with you and that is this;

When using federated users in CRM Online and when using IFD CRM with AD FS you have to enable the Outlook and Tablet authentication to pass through the AD FS, otherwise it is blocked.

There is a Technet article on this which can be found here:  https://technet.microsoft.com/en-us/library/hh699726.aspx#BKMK_WS2012R2

I think this is often something that might be overlooked why I thought sharing it with you would be a good idea. Maybe you’ll find it and save yourself some time!

Gustaf Westerlund
MVP, Founder and CTO at CRM-konsulterna AB
www.crmkonsulterna.se