CRM on-premise to Sharepoint online integration–Common obstacles faced and their work-around.

Before I start writing the details, first let me tell you why this blog. After all this is so nicely explained in the following link – https://technet.microsoft.com/en-us/library/mt171421.aspx

Well, the above link contains all the steps you need to set-up server-server integration between Dynamics On-Prem and Sharepoint online. But still from my personal experience I find that customers find it great difficult to set this up. This is mainly because they get some error while executing a step or because some pre-requisites are not there and they are not mentioned in the technet link as well.

The main intention of this post is to rectify all those errors, identify all the dependencies and work your way to glory.

So let’s identify the dependencies first.

Dependency 1 : Dynamics should be ADFS configured and accessible over the internet.

I am not going over the topic again on how to do it. Greatly explained here – https://technet.microsoft.com/en-us/library/dn609803.aspx and in so many other blogs.

 

Dependency 2: Microsoft Dynamics 365 Hybrid Connector should be configured.

Believe me, from my personal experience I find many clueless about this. Well you no longer need to. You just need to verify here if Dynamics 365 Hybrid connector subscription is available and commissioned.

To do this:

  • Login to https://portal.office.com using the Office 365 admin credentials for your SP online tenant.
  • Open the Office 365 admin screen
  • Go to Billing –> Purchase Services

image

  • Expand the section Dynamics 365 Suite. Usually its expanded. If not expand it.

image

image

    • Below is the screen you get. As of now its free but the way it shows up I believe it will be chargeable some time soon Smile

image

    • Enter you credit card number and then click on Place Order. Don’t worry, you won’t be charged for this. You are all set and done.

 

Dependency 3: Connect to Microsoft Online through PowerShell.

Now this can become tricky. The technet documentation says – You need to have Azure Active Directory powershell modules. And the link redirects you to a page where it asks you to install the module using Powershell command prompt – Install-Module MsOnline

The moment you do this step, you get an error like the one below.

install-module : The term ‘install-module’ is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path
is correct and try again.
At line:1 char:1
+ install-module MSOnline +
+ CategoryInfo          : ObjectNotFound: (install-modele:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException

 

Well to successfully accomplish this, you need to complete both the required steps.

  1. Microsoft Online Services Sign-In Assistant for IT Professionals Beta – select the appropriate download. It may ask you to restart the machine for the changes to take effect. Please do the same.
  2. Now also if you run the install-module command, it would fail. The reason is install-module command is available from Powershell v5.0 and above. So you need to update your powershell as well. To do this, download the necessary installer depending on your server/ 64 or 32 bit machine, from the below Url.

https://www.microsoft.com/en-us/download/details.aspx?id=54616

Again machine restart is required.

Now open powershell as administrator and then try to install the module MSOnline. It will now download the same from Nuget.

 

Requirement 4: X.509 Digital certificate

Well this is the simplest but again it can give you some errors which would be difficult to find out. The first question is – which certificate do I need to use.

Well, the easiest answer is, you can use – “An x509 digital certificate issued by a trusted certificate authority that will be used to authenticate between Dynamics 365 (on-premises) and SharePoint Online. If you are evaluating server-based authentication, you can use a self-signed certificate.”

So we can basically re-use your CRM certificate or ADFS certificate. All you should take care is while exporting the certificate, it should be exported along the private key.

image

 

* Export all extended properties should be checked.

image

 

You will be asked to provide a password. Keep this password as you will need this later.

image

 

Once the file is exported, import it in the personal store of the machine where deployment manager is installed.

The technet article asks you to execute the below command.

$CertificateScriptWithCommand = “.\CertificateReconfiguration.ps1 -certificateFile c:\Personalcertfile.pfx -password personal_certfile_password -updateCrm -certificateType S2STokenIssuer -serviceAccount contoso\CRMAsyncService -storeFindType FindBySubjectDistinguishedName”

The service account is important here in the above statement. Whatever service name you provide here, that should have access to the private key of the certificate. To do that, you need to provide permission to the private key from the certificate console.
image
Click on Manage Private Keys and give the service account user full permission on the certificate.
After completing all the above steps, while connecting to your CRM, you may receive the 401 - Un-authorized error in Powershell. For this follow the below steps.

Open registry editor

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa

    1. Right-click Lsa, point to New, and then click DWORD Value.
    2. Type DisableLoopbackCheck, and then press ENTER.
    3. Right-click DisableLoopbackCheck, and then click Modify.
    4. In the Value data box, type 1, and then click OK.

Re-open powershell. It should work.

The commands I am not repeating from the technet article since they work just fine.
Hope this helps!


Debajit Dutta

(Dynamics MVP)

For training/ consulting/ utilities – please visit our website – www.xrmforyou.com or write to us at info@xrmforyou.com

 


		
Advertisements

Author: Debajit

I am a Dynamics CRM Most Valuable Professional (MVP) with 10 years of experience in Microsoft .NET Technologies and 7 years of dedicated experience in Microsoft Dynamics CRM. I have worked with companies like Microsoft, SanDisk, PwC, TMF Group and have extensive experience of implementing complex CRM solutions from both offshore and client side. Currently the face of XrmForYou.com with significant experience in delivering corporate training on Dynamics CRM and have already delivered multiple projects to client through XrmForYou.com Author of multiple tools on codeplex including the 'Role Based Views' and 'CRM-Sharepoint Metadata manager & Attachment Extractor' which are available for commercial use under XrmForYou.com For consulting/ training, drop me a note at info@xrmforyou.com or visit our website www.xrmforyou.com

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s