IFD/ADFS connection errors in WCF service to CRM 2011

Question

I'm currently trying to figure out why this is failing.

Here is how I'm building the objects to connect the organization webservice in a go between WCF service. The deployment is IFD/ADFS

    string uname = WebConfigurationManager.AppSettings["uname"];
    string password = WebConfigurationManager.AppSettings["password"];
    //string domain = WebConfigurationManager.AppSettings["domain"];

    //Construct connection objects
    Uri _organizationUri = new Uri(WebConfigurationManager.AppSettings["url"]);
    Uri _homeRealmUri = null;
    ClientCredentials _credentials = new ClientCredentials();

    OrganizationServiceProxy _orgProxy; 
    IOrganizationService _service;

    IServiceConfiguration<IOrganizationService> config;

    //Initialize connection objects
    public void init()
    {
        _credentials.Windows.ClientCredential = new System.Net.NetworkCredential(uname, password);

        config = ServiceConfigurationFactory.CreateConfiguration<IOrganizationService>(_organizationUri);

        _orgProxy = new OrganizationServiceProxy(config, _credentials);
        //_orgProxy = new OrganizationServiceProxy(_organizationUri, _homeRealmUri, _credentials, null);
        _service = (IOrganizationService)_orgProxy;

    }

Trying to do retrieve (or any other functionality via _service)

LeadEntity = _service.Retrieve("lead", leadID, new ColumnSet(true));

gets me an error that says "The logon attempt failed!"

Then I did some googling and found someone suggested putting in the domain like this uname@domain. That changes the error to:

SOAP security negotiation with 'https://adfstst.xyxy.com/adfs/services/trust/13/kerberosmixed' for target 'https://adfstst.xyxy.com/adfs/services/trust/13/kerberosmixed' failed. See inner exception for more details

The inner exception says this:

InitializeSecurityContent failed. Ensure the service principal name is correct.

Any advice on how to fix the connection would be appreciated.

Answer 1

Try to use following code:

public void init()
{
    _credentials.Windows.ClientCredential = System.Net.CredentialCache.DefaultNetworkCredentials;
    _credentials.Windows.AllowedImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Impersonation;
    _credentials.UserName.UserName = uname;
    _credentials.UserName.Password = password;

    IOrganizationService service = new OrganizationServiceProxy(new Uri(_organizationUri), null, credentials, null);
}