When configuring AD FS 2.1 with Microsoft Dynamics CRM 2011, a 404 error may occur when trying to access the mex endpoint. This may occur during any CRM action, however is most prevalent is during the configuration for the Microsoft Dynamics CRM for Outlook client.
1. Microsoft Dynamics CRM 2011 Update Rollup 13 or later has not been applied to the Microsoft Dynamics CRM Server.
2. AD FS 2.1 has a known issue publishing metadata for mex endpoints. After configuring claims based authentication in Microsoft Dynamics CRM 2011, mex endpoints are not reachable.
1. Apply Microsoft Dynamics CRM 2011 Update Rollup 13 or later.
2. In order to support AD FS 2.1, it is necessary to execute the following PowerShell script:
a. Start PowerShell ISE or your text editor of choice
b. Create a file called UpdateMEXEndpoint.ps1
c. Copy the content below to the UpdateMEXEndpoint.ps1 file
d. Run the above script from within PowerShell using the syntax below:
UpdateMEXEndpoint.ps1 –SettingValue “https://<ADFS STSHOST>/adfs/services/trust/mex” Example: If the STS lives on sts.contoso.com > > UpdateMEXEndpoint.ps1 –SettingValue “https://sts.contoso.com/adfs/services/trust/mex”
This will update your CRM deployment to connect to AD FS using the endpoint provided in the Setting Value parameter.
ADFS team has brought out a hot fix that will fix this issue from the ADFS side. The ADFS fix heals the ADFS federation metadata and publishes the missing mex endpoints, thereby resolving the issue at it's root.
2. Restart ADFS server. In the background, the fix would have allowed ADFS to publish \mex endpoint in the ADFS federation metadata.
3. Log on to CRM server.
4. Rerun the “configure claims” and “configure IFD” wizards of CRM. Rerunning this will cause CRM to consume the healed ADFS federation metadata and populate the correct \mex value in the DB table.
5. To be sure,please run the below SQL query against the MSCRM_CONFIG.
select activemexendpoint from federationprovider
Ensure that it shows a URL similar to:
6. Reset IIS on CRM server to destroy rebuild and cached content in IIS that was based on the old DB values.
7. Configure outlook client.