How to remove Windows Live Ability on the Accelerator

Jun 22, 2010 at 11:51 AM

Hello,

I have istalled the accelerator on my crm, the I deployed the portal locally.
The matter is I dont need to deployed on CRM Live, rather I need to deploy it on my server, so that the solution could be bouldled together independently from Windows Live.

Could any one please help me on wich files to modify.

 

Thanks a lot.

 

Moez

Jun 22, 2010 at 3:55 PM

The accelerator will work as-is on all CRM deployments without any modifications.  The website can be hosted on-prem, with a partner, or in the cloud with Windows Azure.  The authentication mechanism on the site is completely independent of the deployment model.  You can run with Windows Live ID for web authentication even on-premise.  That said, you also have a choice - the new xRM portal framework gives you the ability to use any membership provider with the site, and you are free to swap in your own provider.

I have published a blog article on how to modify the accelerator to run without any internet dependency.  The scenario that I had in my mind is all the partners that are using the demo VPC and want to install the new portals in their demo environment, but do not have internet access from their VPC.  If you want to swap out the membership provider to use another authentication mechanism, you can use the same technique that is outlined in the article:  http://www.shanmcarthur.net/crm/developers-corner/customer-portal-modifications-for-demo-vpc-without-internet-connectivity.  Another authentication mechanism you can also consider is the CRM membership provider in the commercial version of these portals that is offered by adxstudio (www.adxstudio.com) - it allows you to use contact records for user authentication while maintaining the same security level as the .Net SQL membership provider. 

Now that said, I would HIGHLY recommend that for external customer-facing websites, that you seriously consider using Live ID.  The use of Live ID means that your customers don't need to manage yet another set of credentials (so they are happier), but it also means that you will never have to worry about password resets, forgotten passwords, etc., saving you money and effort in the process.  It also puts you closer to supporting federation, which is going to be important in the next couple of years.  For demo environments, I would agree that Live ID is more of a pain, but for production environments, I highly recommend using Live ID.

Shan McArthur
www.shanmcarthur.net

Jun 23, 2010 at 9:28 AM

Thanks this is quite helpful for me :).

Moez

Jun 23, 2010 at 11:50 AM

Hi,

First of all thank you all for your advice I have been reading in setting up the portal!

I've followed the steps in removing LiveID, however I type the Username and Password and it doesn't recognise the password. I know there could be all manner of reasons why this is occuring. Where should I start?

I added the contact in CRM etc...

Jun 23, 2010 at 3:56 PM

Did you add your username to the username field on the contact record?  I also experienced the same problem while setting it up and it ended up being my ldap connection string in the config.

Shan

Jul 6, 2010 at 8:06 PM
Hi shan, I followed your article and created a contact record with the username and password along with assigning the customer portal role, but I'm getting the login configuration error below when I login with the username and password I created in CRM contact record: Server Error in '/' Application. -------------------------------------------------------------------------------- Configuration Error Description: An error occurred during the processing of a configuration file required to service this request. Please review the specific error details below and modify your configuration file appropriately. Parser Error Message: An operations error occurred. Source Error: Line 53: <membership defaultProvider="CrmMembershipProvider"> Line 54: <providers> Line 55: <add name="CrmMembershipProvider" type="System.Web.Security.ActiveDirectoryMembershipProvider" connectionStringName="ADConnectionString" attributeMapUsername="sAMAccountName"/> Line 56: </providers> Line 57: </membership> Source File: C:\Customer Portal\Website\web.config Line: 55 -------------------------------------------------------------------------------- Version Information: Microsoft .NET Framework Version:2.0.50727.4927; ASP.NET Version:2.0.50727.4927 My LDAP configuration: <add name="ADConnectionString" connectionString="LDAP://idsdemo.com/CN=Users,DC=idsdemo,DC=com" /> Am I not configuring correctly? Thanks.
Jul 6, 2010 at 9:49 PM
My article covered how to convert the Live ID membership provider to Active Directory membership provider. Both use a contact record. Your response mentioned putting the password in the contact record, but that is not how the Active Directory membership provider works. For the AD provider, you need to have a valid domain account, but you place the username in the contact record and turn on the allow authentication checkbox. The other fields in the web authentication tab are then no longer used with the AD provider. Shan
Jul 6, 2010 at 10:08 PM

With or without the password on the contact record still doesn't work for me.  In the contact record, I'm using the "administrator" as the Username and Logon Enabled is checked. I'm still getting the error below after following your article.

 

Line 53: 		<membership defaultProvider="CrmMembershipProvider">
Line 54: 			<providers>
Line 55:         <add name="CrmMembershipProvider" type="System.Web.Security.ActiveDirectoryMembershipProvider" connectionStringName="ADConnectionString" attributeMapUsername="sAMAccountName"/>
Line 56:       </providers>
Line 57: 		</membership>

My connectionStings:

<

add name="ADConnectionString" connectionString="LDAP://DC.IDSDEMO.COM/CN=Users,DC=idsdemo,DC=com"

I guess something is wrong with the connectionStrings. Do I need to specify Type AD connectionString even though we're using LDAP? The CrmMemberShipProvider references ADConnectionString, but it doesn't contains which AD account to authenticate to.

/>

Membership:

<font size="2" color="#0000ff">

<

</font>

membership defaultProvider="CrmMembershipProvider"

><font size="2" color="#0000ff">

<

</font>

providers

><font size="2" color="#0000ff">

<

</font>

add name="CrmMembershipProvider" type="System.Web.Security.ActiveDirectoryMembershipProvider" connectionStringName="ADConnectionString" attributeMapUsername="sAMAccountName"

/><font size="2" color="#0000ff">

</

</font>

providers

><font size="2" color="#0000ff">

</

</font>

 

 

membership

>

Jul 6, 2010 at 10:55 PM

Actually using the AD account to log into the customer portal is not what I'm looking for. I'm wondering if there is post out there where I can use LiveID with IIS server instead of Windows Azure on cloud. Please let me know if there is a way we could config this so that Customer can use their LiveID to login while hosting in the Company Windows Server IIS. Thanks.

Jul 7, 2010 at 12:34 AM

homewire:  The portal accelerator will work out-of-box with Live ID.  Your choice of hosting options (IIS or Azure) is not dependent at all on the authentication provider that the website uses.  I use Live ID in my demo environment that is hosted on IIS.

Shan