Issue:
When running the Claims Authentication Wizard in the Dynamics CRM Deployment Manager to configuring Claims Based Authentication and you select a certificate that has a name longer than 128 characters Deployment Manager crashes.
The error in the Platform trace is:
Crm Exception: Message: Exceeded column length: Column Name, ErrorCode: -2147220970
[2010-11-04 20:17:36.256] Process: mmc |Organization:00000000-0000-0000-0000-000000000000 |Thread: 3(SnapIn/Main-thread.) |Category: Platform.Sql |User: 00000000-0000-0000-0000-000000000000 |Level: Error | CrmCertificateService.Create
Exception creating Certificate, Name=(CN long_certificate_name :Exceeded column length: Column Name)
Cause:
There is a limit of 128 characters that a certificate name can have if it is the certificate being selected during the Claims Authentication Wizard.
Solution:
Select a certificate that has a name less than 128 characters.
Source: http://support.microsoft.com/kb/2496441
But it is hard to get an certificate less 128 characters from your third party provider.
So it would be the best way to create your own self signed certificate for token signing.
In this case you can specify the length by yourself, makes it much easier.
Use your wildcard certificate for CRM IIS Server and also for ADFS 2.0 You only need to use the self signed certificate when you have to add the certificate during the claims wizard...
Have also seen that in the internet (temp. solves the issue but it is strong unsupported and
you can get a real issue when you install the next updaterollup, when the setup wizard aspects an
database field with 128 characters it will bring an exception and the installation will fail:
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Please note that this is an unsupported change and there could be unintended consequences including causing future Rollups to fail, having future Rollups or hotfixes overwrite (reverse) this change, and causing some unrelated functionality to fail.
You would need to run this in the MSCRM_CONFIG database:
ALTER TABLE Certificates ALTER COLUMN Name NVARCHAR(256);
UPDATE
MSCRM_CONFIG.dbo.ConfigurationMetadata
SET
ConfigurationMetadataXml =
REPLACE(
CAST(ConfigurationMetadataXml AS NVARCHAR(MAX)),
'Name of the Certificatenvarchar128',
'Name of the Certificatenvarchar256'
);
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Just talked to an partner of us. This issue will be fixed with Update Rollup 4 for CRM 2011.
======================================================================================
This is content from http://www.dynamics-crm-2011.de | Dieser Beitrag ist von http://www.dynamics-crm-2011.de/dynamicscrm2011-anwender/crm2011-integratoren/crm-deployment/adfs-and-crm-2011-troubleshooting
Themen rund um CRM 2011 onpremise, Dynamics CRM 2011 Online, Dynamics CRM 2011 mit IFD und Claims.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++