Export (0) Print
Expand All

Register the AD FS server as a service principal name (SPN)

Dynamics CRM 2013

Applies To: Microsoft Dynamics CRM 2011, Microsoft Dynamics CRM 2013

A service principal name, also known as an SPN, is a name that uniquely identifies an instance of a service. Ensuring that the correct SPNs are set becomes important when applications such as Microsoft Dynamics CRM, Microsoft SQL Server Reporting Services, and Microsoft SQL Server are split onto multiple servers. When these applications are split across servers, the users' credentials must be passed from one server to another. This process, known as Kerberos delegation, allows a service to impersonate your credentials to another server.

For more information on SPNs, see: Configuring service principal names (SPNs)

  1. Rerun the Configure Claims-Based Authentication Wizard and advance to the Specify the security token service page. Note the AD FS server in the Federation metadata URL (for example, sts1.contoso.com).

  2. Open a command prompt.

  3. Type the following commands: (replace your data in the example command below)

    • c:\>setspn -s http/sts1.contoso.com contoso\crmserver$

      ImportantImportant
      If you’ve deployed AD FS on a second server, replace crmserver$ with adfsserver$ in the above sample command. Adfsserver is the name of the server running AD FS.

    • c:\>iisreset

See Also

Send comments about this article to Microsoft.
Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft