Tuesday, March 19, 2013

Dynamics CRM: Authentication is Required - Timing Out and Prompting for Credentials

If you are running Dynamics CRM 4.0 and 2011 with claims based authentication, by default you get a prompt saying "Authentication is Required" after 20 minutes. If you want to extend this timeout, you need to make some changes to the relying party trust in Active Directory Federation Services (ADFS).

  1. Log into your ADFS server and open the The Active Directory Federation Services (ADFS) Microsoft Management Console (MMC) and determine the name of the relying party trust that CRM is using.
  2. Open a Powershell prompt with elevated privileges ( right-click and run as administrator ).
  3. Add the ADFS snap-in for powershell by running: Add-PSSnapin Microsoft.Adfs.PowerShell
  4. Run the following command from your powershell prompt. Change "relying_party" with the name you found in step 1, and you can replace 480 with the number of minutes that you want the timeout to be Set-ADFSRelyingPartyTrust -Targetname "relying_party" -TokenLifetime 480