Skip to content
Configure OAuth on the CRM Server

Dynamics 365 App for Outlook Hybrid Deployment Issue

We recently had a Dynamics 365 App for Outlook hybrid deployment issue. In this case we had a hybrid deployment configuration of Dynamics 365 (CRM) on-premises (version 8.2) and Exchange Online, and Internet-Facing Deployment. Our CRM Server was a Windows Server 2012 R2 machine.

Prerequisites

We found the Microsoft documentation to be helpful in getting us most of the way there, as far as identifying the prerequisites for the deployment and also this article on frequently-asked questions.

Unable to Connect to your Microsoft Dynamics 365 Server

There are two critical technical steps that needed to be configured for the successful deployment of the Dynamics 365 App for Outlook. In the Dynamics 365 CRM navigation menu, navigate to Settings | Dynamics 365 App for Outlook.

Look for the instructions by clicking on the “show” link next to the the “Setup” section on the page. The instructions, at first, were a bit vague. A screenshot is shown below. (The CRM URL and ClientId has been obscured for privacy.)Dynamics 365 App for Outlook Hybrid Deployment Issue

As can be seen above, these instructions could use a little more context and clarity. We thought we had followed all the prerequisites but we still got an error in Outlook when trying to open the Dynamics 365 App for Outlook (see screenshot below).

Unable to Connect to Dynamics 365 Server

Based on this, we tried to follow the instructions, from the first screenshot above.

Outlook Must be Registered as a Trusted App

On the ADFS server, we ran the following PowerShell command.

Add-AdfsClient -Name “Dynamics 365 App for Outlook” -ClientId c0f8daf5-4f9d-d312-2120-ou81250f3f7a -RedirectUri https://xrm1.yourdomain.com/crmmailapp/code_auth.aspx

(Again, we have replaced digits and characters of the ClientId and RedirectUri for privacy.) 

OAuth Must be Configured

The last necessary configuration step was to configure OAuth. This was accomplished by running the following PowerShell command on the CRM server. 

add-pssnapin Microsoft.crm.powershell
get-crmsetting -settingtype oauthclaimssettings

You can see the progress of the PowerShell commands in the screenshot below. At first we can see that OAuth Enabled is False, and we needed to set it to True!

$oauth=get-crmsetting -settingtype oauthclaimssettings
$oauth.enabled=1
set-crmsetting $oauth

Configure OAuth on the CRM Server

References and Conclusion

We found that these steps were documented in this article on post-installation configuration guidelines. Especially the section on Configure OAuth provider. We already had the PowerShell command for registering the “Dynamics 365 App for Outlook” client. 

Note that we did not have to make any changes in IIS, even they this and many other blog articles suggested that changes there would be necessary. We were advised not to make any authentication changes there unless these primary two configuration steps did not do the trick, which happily they did.

Related Posts

Drop us a note

Please drop us a note via the form below with your comments or questions on this blog post; or if there is anything we can help you with.