Dynamics 365 App for Outlook Hybrid Deployment Issue
We recently had a Dynamics 365 App for Outlook hybrid deployment issue. In this case we had a hybrid deployment configuration of Dynamics 365 (CRM) on-premises (version 8.2) and Exchange Online, and Internet-Facing Deployment. Our CRM Server was a Windows Server 2012 R2 machine.
We found the Microsoft documentation to be helpful in getting us most of the way there, as far as identifying the prerequisites for the deployment and also this article on frequently-asked questions.
Unable to Connect to your Microsoft Dynamics 365 Server
There are two critical technical steps that needed to be configured for the successful deployment of the Dynamics 365 App for Outlook. In the Dynamics 365 CRM navigation menu, navigate to Settings | Dynamics 365 App for Outlook.
Look for the instructions by clicking on the “show” link next to the the “Setup” section on the page. The instructions, at first, were a bit vague. A screenshot is shown below. (The CRM URL and ClientId has been obscured for privacy.)
As can be seen above, these instructions could use a little more context and clarity. We thought we had followed all the prerequisites but we still got an error in Outlook when trying to open the Dynamics 365 App for Outlook (see screenshot below).
Based on this, we tried to follow the instructions, from the first screenshot above.
Outlook Must be Registered as a Trusted App
On the ADFS server, we ran the following PowerShell command.
Add-AdfsClient -Name “Dynamics 365 App for Outlook” -ClientId c0f8daf5-4f9d-d312-2120-ou81250f3f7a -RedirectUri https://xrm1.yourdomain.com/crmmailapp/code_auth.aspx
(Again, we have replaced digits and characters of the ClientId and RedirectUri for privacy.)
OAuth Must be Configured
The last necessary configuration step was to configure OAuth. This was accomplished by running the following PowerShell command on the CRM server.
get-crmsetting -settingtype oauthclaimssettings
You can see the progress of the PowerShell commands in the screenshot below. At first we can see that OAuth Enabled is False, and we needed to set it to True!
$oauth=get-crmsetting -settingtype oauthclaimssettings
References and Conclusion
We found that these steps were documented in this article on post-installation configuration guidelines. Especially the section on Configure OAuth provider. We already had the PowerShell command for registering the “Dynamics 365 App for Outlook” client.
Note that we did not have to make any changes in IIS, even they this and many other blog articles suggested that changes there would be necessary. We were advised not to make any authentication changes there unless these primary two configuration steps did not do the trick, which happily they did.