Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

Microsoft Dynamics CRM for Phone and Tablets cannot connect to Dynamics CRM organization due to length of TokenLifetime


View products that this article applies to.

Symptoms

When trying to setup a Microsoft Dynamics CRM organization in any of the Dynamics CRM mobile client applications, authentication enters a never ending loop in which the application seems to be trying to perform some authenticate, but does not complete.

↑ Back to the top


Cause

Larger than default values for the TokenLifetime property in AD FS for the Relying Party can cause this authentication loop.

↑ Back to the top


Resolution

The recommended value of the TokenLifetime should be set to the default value of 0, which means 600 minutes or 10 hours. Using the SSOLifetime option in the federation service instead can prevent the users from having to introduce their credentials too often in these Dynamics CRM mobile applications. The default value of SSOLifetime is 480 minutes or 8 hours.

↑ Back to the top


More Information

How to change the SSO Lifetime Property of the ADFS: https://technet.microsoft.com/en-us/library/ee892317.aspx

How to change the TokenLifetime property of the ADFS Relying party thru powershell: https://technet.microsoft.com/en-us/library/gg188586(v=crm.6).aspx

↑ Back to the top


Keywords: kbmbspartner, kbmbsmigrate, kbsurveynew, kb

↑ Back to the top

Article Info
Article ID : 3034570
Revision : 1
Created on : 1/7/2017
Published on : 4/6/2015
Exists online : False
Views : 281