Argos
Phil's CRM Blog | All posts tagged 'group-policy'

CRM 4 Install and SQL Error 15401

by Phil Adams 4. May 2010 13:09

Last week i have had an issue where during the install of CRM 4, this is a fresh install the setup as follows:

SQL Box - Windows 2008 R2 + SQL2008 SP1
CRM Box - Windows 2008 R2

now both boxes have been freshly prepped and joined to the domain, all with out errors.
for added installation proof both servers had their windows firewalls turned off.

upon the Installation of CRM i encountered this error:

14:41:37|  Error| System.Exception: Action Microsoft.Crm.Setup.Server.GrantConfigDBDatabaseAccessAction failed. ---> System.Data.SqlClient.SqlException: Windows NT user or group 'Domain\SQLAccessGroup {9e798758-54f6-44a6-93a6-51b6faf49928}' not found. Check the name again.

   at Microsoft.Crm.Setup.Database.SharedDatabaseUtility.GrantDBAccess(String sqlServerName, String databaseName, String groupName, CrmDBConnectionType connectionType)

   at Microsoft.Crm.Setup.Server.GrantConfigDBDatabaseAccessAction.Do(IDictionary parameters)

   at Microsoft.Crm.Setup.Common.Action.ExecuteAction(Action action, IDictionary parameters, Boolean undo)

   --- End of inner exception stack trace ---, Error, RetryCancel, Option1

Now its quite obvious at this stage that it is failing to Gannt Access to an account to the MSCRM_CONFIG Database on the SQL server.

so i tried to add the SQLAccessGroup manually in the SQL Management Tools and the Error 15401: Windows NT user or group 'SCDC2003\SQLAccessGroup {9e798758-54f6-44a6-93a6-51b6faf49928}' not found. Check the name again.

now this is strange as i could not add the account manually, So i thought is this just Group Related and tried add a domain user and the same problem reared it's ugly head.

so a call to the Microsoft Support Team and some tests later, after running:

name2sid.zip (13.04 kb)

via the command line:
name2sid.exe domain\anyuser

the real error appeared:
LookupAccountName failed with error: The trust relationship between this workstation and the primary domain failed. (0x6fd/1789)

Now this helps the Microsoft Guys a lot so they asked me run:
netdom resetpwd /server:<DomainControllerName> /userd:<domain\domainadminuser> /passwordd:<password>

This Command Replied with:
The machine account password for the local machine has been successfully reset.

The command completed successfully.

now the next thing to do is to put this new command into action by restarting the netlogon service:
net stop netlogon
net start netlogon

and clear the kerberos Tickets on the sql server:
klist purge

then i tried adding the group manually again and hey presto and shazzam, it was working.

i hope this helps others having similar problems.

Phil

Tags: , , ,

ASP.Net | CRM | CRM Plugin | Group Policy | MSCRM | mscrm4

Submit to DotNetKicks...
Permalink | Comments (1)

Creating A Group Policy Administrative Template For Deploying The CRM Client AutoUpdate Registry Keys

by Phil Adams 21. August 2009 16:26

In my Article CRM v4 Client AutoUpdate Procedure, I talked about deploying the required registry keys:

HKEY_LOCAL_MACHINE\Software\Microsoft\MSCRMClient\AutoUpdateDownloadUrl (for 32bit)
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\MSCRMClient\AutoUpdateDownloadUrl (for 64bit)

This can either be done by tediously going to each PC and manually creating them or executing a .reg Merge file.
But that would not be time constructive, im sure you have more pressing things to do.

SO, im going to show you haw to create a Group Policy Administrative Template so you can deploy the registry entries the next time the pc reboots or refreshes it domain policy., right here goes:

;------------------------------- Start Of FILE --------------------------------------------

CLASS MACHINE
CATEGORY CRM_Client_AutoUpdate
  POLICY Update_Share_32Bit
  EXPLAIN !!ClientHelp
  KEYNAME Software\Microsoft\MSCRMClient
    PART "Set the File Share to :" EDITTEXT REQUIRED
    DEFAULT !!DefaultServer
    VALUENAME "AutoUpdateDownloadUrl"
    END PART
  END POLICY

  POLICY Update_Share_64Bit
  EXPLAIN !!ClientHelp
  KEYNAME SOFTWARE\Wow6432Node\Microsoft\MSCRMClient
    PART "Set the File Share to :" EDITTEXT REQUIRED
    DEFAULT !!DefaultServer
    VALUENAME "AutoUpdateDownloadUrl"
    END PART
  END POLICY
END CATEGORY

[strings]
dummy="dummy"
DefaultServer="http://mscrm/crmpatches/"

;explains
ClientHelp="Set The File Share That The CRM Client For Outlook Checks To See If There Is An Update., NOTE: MAKE SURE YOU FINISH URL WITH '/' E.g. 'http://[servername]/crmpatches/'  By Phil Adams(Cambridge Online)"

;------------------------- End of File -------------------------------------------------

Save the Above to a file called “CRM AutoUpdate.adm”

Then load up GPMC, then create and link the new policy to the OU required.
open the new policy and under User Configuration , right-click Administrative Templates and select Add/Remove Administrative Templates.

find the new ADM file and highlight it, then select Add. It will be copied into the policy in SYSVOL automagically. 
Now we highlight Administrative Templates and select View | Filtering.
Uncheck "Only show policy settings that can be fully managed" (i.e. any custom policy). It will look like this:
img3Now if you navigate to your policy, you get this (see the cool explanation too? No one can say they don’t know what this policy is about!
img4

Tags: , , ,

CRM | MSCRM | mscrm4 | Group Policy

Submit to DotNetKicks...
Permalink | Comments (0)

About Phil

Phil has been working with CRM since the BETA of CRM v1.0 and has seen a lot of the problems arising from installation, maintenance and Development.

Phil specializes in the ISV area of CRM; Creating Add-Ons and Plugins for various clients.

Phil currently works as a Microsoft Dynamics CRM Consultant and Developer for Cambridge Online Systems Ltd In the UK.

Phil also has several Microsoft Certifications in .NET and CRM