I have multiple CRMs all pointing at the same Service Bus.
When I configure the first CRM I add the Management Key, Certificate File and Issuer Name. Save and Run the tests and everything is fine. I test my integration and it works.
Next I want to connect up the other CRM instances to the same Service Bus. I have tried two things which have failed:
1. Export a small solution containing the Service Bus configuration and deploy into another CRM;
2. Manually create a new Service Bus configuration.
What seems to happen is that if I complete the ACS configuring in CRM Instance 2, it takes over and the original CRM Instance 1 breaks.
If I import the solution into CRM Instance 2, it does not work until I configure ACS.
Looking at ACS it seems to me that it is a contract between "crm4.dynamics.com" and the "Management Service" password. Should that not work across all my CRM instances?
What am I missing here? I have allowed the first CRM to configure ACS - should I be doing something else or is there a setting I have missed.
The error I get from CRM Instance 2 (prior to having to configure ACS again) is this:
---
The token provider was unable to provide a security token. The remote server returned an error: (403) Forbidden. : Error:Code:403:SubCode:T0:Detail:ACS50000: There was an error issuing a token. ACS60000: An error occurred while processing rules for relying party 'http://<NAMESPACE>.servicebus.windows.net/<QUEUE>/' using the service identity or identity provider named 'crm4.dynamics.com'. ACS60001: No output claims were generated during rules processing.:TraceID:0ae10433-3f2d-4d74-9f77-369f741bff7c:TimeStamp:2016-05-31 08:46:44Z
Details:
Plugin Trace:
[Microsoft.Crm.ServiceBus: Microsoft.Crm.ServiceBus.ServiceBusCheckPlugin]
[eeb706f2-b05f-4d8a-a71b-4ef680f22c5a: Verify Service Endpoint Authentication]
Error Message:
Unhandled Exception: System.ServiceModel.FaultException`1[[Microsoft.Xrm.Sdk.OrganizationServiceFault, Microsoft.Xrm.Sdk, Version=7.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]]: The token provider was unable to provide a security token. The
remote server returned an error: (403) Forbidden. : Error:Code:403:SubCode:T0:Detail:ACS50000: There was an error issuing a token. ACS60000: An error occurred while processing rules for relying party 'http://<NAMESPACE>.servicebus.windows.net/<QUEUE>/'
using the service identity or identity provider named 'crm4.dynamics.com'. ACS60001: No output claims were generated during rules processing.:TraceID:0ae10433-3f2d-4d74-9f77-369f741bff7c:TimeStamp:2016-05-31 08:46:44ZDetail:
<OrganizationServiceFault xmlns:i="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://schemas.microsoft.com/xrm/2011/Contracts">
<ErrorCode>-2147204744</ErrorCode>
<ErrorDetails xmlns:d2p1="http://schemas.datacontract.org/2004/07/System.Collections.Generic" />
<Message>The token provider was unable to provide a security token. The remote server returned an error: (403) Forbidden. : Error:Code:403:SubCode:T0:Detail:ACS50000: There was an error issuing a token. ACS60000: An error occurred while processing
rules for relying party 'http://<NAMESPACE>.servicebus.windows.net/<QUEUE>/' using the service identity or identity provider named 'crm4.dynamics.com'. ACS60001: No output claims were generated during rules processing.:TraceID:0ae10433-3f2d-4d74-9f77-369f741bff7c:TimeStamp:2016-05-31
08:46:44Z</Message>
<Timestamp>2016-05-31T08:46:44.7417459Z</Timestamp>
<InnerFault>
<ErrorCode>-2147220970</ErrorCode>
<ErrorDetails xmlns:d3p1="http://schemas.datacontract.org/2004/07/System.Collections.Generic" />
<Message>The remote server returned an error: (403) Forbidden.</Message>
<Timestamp>2016-05-31T08:46:44.7417459Z</Timestamp>
<InnerFault i:nil="true" />
<TraceText i:nil="true" />
</InnerFault>
<TraceText>[Microsoft.Crm.ServiceBus: Microsoft.Crm.ServiceBus.ServiceBusCheckPlugin]
[eeb706f2-b05f-4d8a-a71b-4ef680f22c5a: Verify Service Endpoint Authentication]
</TraceText>
</OrganizationServiceFault>
at Microsoft.Crm.ServiceBus.RouterService.ExecuteInternal(RemoteExecutionContext context, ServiceBusEndpointInformation endpointInfo)
at Microsoft.Crm.ServiceBus.ServiceBusService.Dispatch(ServiceBusEndpointInformation endpointInfo, IExecutionContext context)
at Microsoft.Crm.ServiceBus.ServiceBusService.PostInternal(String assemblyName, EntityReference serviceEndpoint, Boolean validateOnly, IExecutionContext context)
at Microsoft.Crm.ServiceBus.ServiceBusCheckPlugin.Execute(IServiceProvider serviceProvider)
at Microsoft.Crm.Asynchronous.V5ProxyPlugin.Execute(IServiceProvider serviceProvider)
at Microsoft.Crm.Asynchronous.EventOperation.InvokePlugin(AsyncExecutionContext context, IPlugin pluginInstance)