It's CRM 1.2 as far I know he didn't change anything in IIS and I do not get any error messages in regards to this. My feeling tells me that it must be the Service principal names with which he was working on are the reasons for the problem. As I never done any work with it I have no idea where to start looking. So far used setspn -R to reset the host SPN and added with setspn -A the HOST SPN to the user accounts which earlier created an event ID 11 (KDC) on DC's. Not sure where to go from here.
Regards, Katrin Wilhelm (MCSA) CVGT Employment & Training Specialists Australia E-mail: [EMAIL PROTECTED] -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] Sent: Tuesday, 29 November 2005 2:02 PM To: [email protected] Subject: Re: [ActiveDir] authentication problem What are the errors you are getting in the error logs? IIS access logs? CRM 1.2 or 3.0? {I'm assuming 1.2 since 3.0 is just out} CRM uses integrated authentication on that web app if memory serves me right...given that its both your CRM and your intranet what IIS changes did he/she make? I think it's supposed to be set for basic and integrated security enabled, but I know enough about CRM to be dangerous.... there are CRM yahoogroups and newsgroups that I'd head off to if you don't hear from here. Katrin Wilhelm wrote: > > Hello, > > I got a weird problem on a member server (2003) running MS CRM, SQL > and our intranet. > > Every time you are accessing the intranet or the CRM site you get a > pop up window for identification. It then does not accept any user > name and password. Everything worked fine until last week and I am not > sure what has changed. I believe the other admin used adsiedit to > change SPN for 'host as it was registered to several user accounts. I > found a work around that way that I allowed anonyms access and granted > the everyone group read access but do not want to leave it like this. > Does anybody know how I can fix this? I have no idea about SPN and had > a look around but I am stuck an my CRM is not working as the access is > not granted. Any suggestions? > > Thanks for this. > > *Katrin Wilhelm **(MCSA) > *CVGT Employment & Training Specialists > Australia > E-mail:_ [EMAIL PROTECTED] > > _Confidentiality:_ > > The contents contain privileged and/or confidential information > intended for the named recipient of this email. > > CVGT does not warrant that the contents of any electronically > transmitted information will remain confidential. > > If the reader of this email is not the intended recipient you are > hereby notified that any use, reproduction, disclosure or distribution > of the information contained in the email is prohibited. > > If you receive this email in error, please reply to us immediately and > delete the document. > > _Viruses:_ > > It is the recipient/client's duties to virus scan and otherwise test > the information provided before loading onto any computer system. > > No warranty is made that this material is free from computer virus or > any other defect or error. > > Any loss/damage incurred by using this material is not the sender's > responsibility. CVGT's entire liability will be limited to resupplying > the material. > > Please contact us at www.cvgt.com.au <http://www.cvgt.com.au> for > further information regarding this disclaimer. > -- Letting your vendors set your risk analysis these days? http://www.threatcode.com List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ Confidentiality: The contents contain privileged and/or confidential information intended for the named recipient of this email. CVGT does not warrant that the contents of any electronically transmitted information will remain confidential. If the reader of this email is not the intended recipient you are hereby notified that any use, reproduction, disclosure or distribution of the information contained in the email is prohibited. If you receive this email in error, please reply to us immediately and delete the document. Viruses: It is the recipient/client's duties to virus scan and otherwise test the information provided before loading onto any computer system. No warranty is made that this material is free from computer virus or any other defect or error. Any loss/damage incurred by using this material is not the sender's responsibility. CVGTs entire liability will be limited to resupplying the material. Please contact us at www.cvgt.com.au for further information regarding this disclaimer List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
