crm Dynamics exchange exchange online Exchange Server router

CRM Router and Dynamics CRM V9 Online–No Emails Being Processed

This one is an interesting one – and it was only resolved by a call to Microsoft Support, who do not document that this setting is required.

The scenario is that you upgrade your CRM Router to v9 (as this is required before you upgrade Dynamics to V9) and you enable TLS 1.2 on the router server as well (also documented as required as part of the upgrade).

Dynamics is updated and all your email that is processed using the Router stops. Everything was working before and now it is not!

The fix is simple though – and complex as well. The simple thing is that it is a a single check box you need to set. The complex thing is that as this is a GDPR setting, each user needs to do it themselves and it cannot be enabled in bulk!

The option each user needs to allow is “Allow other Microsoft Dynamics 365 users to send email on your behalf” and that this was checked. This option is located in CRM > Options > Email > Select whether other users can send email for you


Once each user does this, the router will start to process emails for this user again.

2010 2013 Chrome crm Dynamics exchange exchange online Group Policy IAmMEC Office 365 owa

Group Policy Import To Fix Google Chrome v37 Issues With Exchange Server and Microsoft CRM

A recent update to Google Chrome (37.0.2062.120) removed the ability to support modal dialog boxes. This are dialogs that require your attention and stop you going back to the previous page until you have completed the info required – these are very useful in workflow type scenarios.

Google claim that as 0.004% of web sites use them (from Google anonymous statistics gathering that you can opt into in Chrome) they are justified in removing support for them – but they have not removed other things that have the same level of support!

With this version of Chrome (or the Chromium open source browser) there is a work around until April 30th 2015 that will allow modal dialogs to work again. Without this work around clicking links in OWA and ECP in Exchange 2010 and OWA and EAC in Exchange Online and Exchange 2013 will not popup. This can cause issues such as the inability to attach files in OWA and to create objects in ECP/EAC for the administrator. Popups in Microsoft CRM also do not work.

As a work around you could use a different browser, but if Chrome works for you (or does not in this case) and you are joined to a domain then you can download the following GPO export file and import it into your Active Directory to enable modal dialogs to work again in Exchange Server, Office 365 and Microsoft CRM products.

To download and import this GPO file to enable Chrome modal dialog box functionality to resume (until 30th April 2015, when Google stop allowing the work around) follow these steps:

  1. Download Google Chrome Show Modal Dialog Before 30 April
  2. Copy to a domain controller and expand the zip file. Ensure the contents of the zip file are not placed directly on your desktop as you cannot import from the desktop directly, so if you expand the zip to the desktop then copy the one folder that was created into a new subfolder.
  3. Start Group Policy Management MMC admin tool.
  4. Expand Forest > Domain > Your Domain > Group Policy Objects.
  5. Right click “Group Policy Objects” and choose New
  6. Create a new GPO called “Chrome and Chromium Modal Dialog Box Allow”:
  7. Right click “Chrome and Chromium Modal Dialog Box Allow” GPO that you just made and choose Import Settings
  8. Proceed through the import wizard. You do not need to backup this new GPO on the second page of the dialog as the new GPO is empty.
  9. On the third page of the wizard browse to the parent folder containing the contents of the download above:
  10. Click Next and you should see one backed up GPO listed:
  11. Click Next to import this. If you click View Settings first a web page will open showing you that this GPO sets two registry keys for the computer and two registry keys for the user. These set SOFTWARE\Policies\Chromium\EnableDeprecatedWebPlatformFeatures and Software\Policies\Google\Chrome\EnableDeprecatedWebPlatformFeatures (for both Chromium and Chrome browsers) with a reg key (type string) 1:ShowModalDialog_EffectiveUntil20150430
  12. Proceed with Next and then Finish and the import will begin:
  13. Click OK.
  14. Now link the GPO object to the root of your domain so it impacts all users and to the root of any OU that blocks inheritance. Import to other domains as above or link from this domain depending upon your current policy for managing GPO cross domains.
  15. Delete the zip and folder you downloaded. They are not needed any more.
2007 2010 2013 crm exchange

CRM Router and Exchange 2010

To configure the CRM Email Router with Exchange 2010 you need to do the following. Not all of these points are clearly documented on the internet.

  1. Create a mailbox (
  2. Set password never to expire
  3. Ensure that the mailbox is not hidden from the address list
  4. Login to above mailbox
  5. Enable impersonation with the following Exchange Management Shell commandNew-ManagementRoleAssignment –Name: “ApplicationImpersonation-CRM Router” -User: “” –Role:”ApplicationImpersonation”
  6. [Optional] See for EMS commands to limit the scope of the CRM_Router user account
  7. Configure the CRM Email Router as per
  8. Ensure that is a CRM System Administrator level account.
crm ts gateway

CRM 4 Fails to Run In Outlook on Terminal Services

If CRM 4 Client is installed on a Citrix/Terminal Services server and the initial installation (done when in CHANGE USER /INSTALL mode) also includes starting Outlook for the first time then a registry key is set in the Terminal Services registry shadow. This means that once you go into CHANGE USER /EXECUTE mode and a new user logs in they get the registry keys set during installation as part of their profile.

This is by design if the registry keys that are set are not needed to be unique per person. And CRM has one registry key that needs to be unique for each user logged into the terminal server. This is the ClientRemotingChannel registry value located at HKCU\Software\Microsoft\MSCRMClient.

If more than one person is connected to the terminal server and running Outlook with CRM configured then behind the scenes the CRM hoster application will be running. The ClientRemotingChannel registry key controls the ability of this application to communicate with Outlook and the CRM server and therefore this registry value must be unique for every logged in user on the terminal server at the same time. If more than one user has the same value (which they will if initial installation is done as above) then the 2nd concurrent user will fail to connect to CRM via Outlook – web access will work fine.

Therefore ensure that the shadow registry value for this (HKLM\SOFTWARE\Windows N\…\MSCRMClient) is not set and that all users that already have a duplicate value have the registry value deleted. The hoster application will recreate the registry value when it starts with a unique value if the registry setting is missing.

A clue to the existence of this error will be the application event log error “Failed to create an IPC Port: Access is denied”.

crm sql express

Giving a laptop to a new user when CRM 4.0 Offline Mode is installed on it

When someome leaves a company, or their laptop is replaced and they get a new laptop, their old laptop goes somewhere. If that somewhere is to a new user and that laptop had an installation of CRM 4.0 configured in Offline Mode installed on it then you will get the following error message when you attempt to run the Configuration Wizard to set up CRM within Outlook for the new user:

Microsoft Dynamics CRM for Outlook with Offline Access has already been configured for a user on this computer. Only one user can be configured per computer for Microsoft Dynamics CRM for Outlook with Offline Access.

This problem is down to the existance of the CRM SQL Server 2005 Express Edition database on that computer. Uninstalling CRM and reinstalling it does not fix the issue, and it would be fixed by removing SQL Server 2005 Express Edition as well – but that is overkill.

All you need to do is to remove the MSCRM_MSDE database. And the easiest way to do this is to use the osql command line tool.

  1. Start > Run > type cmd and press Enter (or type cmd in the search box in Vista/Windows 7).
  2. In the Command Prompt type osql -E -S pcname\CRM and press Enter.
  3. At the number prompt type drop database mscrm_msde and press Enter.
  4. At the next number prompt type go and press Enter.
  5. Finally type quit followed by Enter to exit from osql.

You can now run the CRM 4.0 Configuration Wizard for this new user and choose Offline Mode if you wish – a new database will be created.

citrix crm terminal server

How to Configure CRM 4 on a Terminal Server When Not All The Users Use Microsoft Dynamics CRM 4.0

The Microsoft Dynamics CRM 4.0 Outlook client software, when installed on a terminal server (Microsoft or Citrix) results in the CRM toolbar (which is part of the CRM Outlook Add-in) appearing for all users of the server regardless of whether or not they require the functionality of CRM and irrespective of whether or not they have an account on the CRM system.

The CRM toolbar appears because the Outlook CRM Add-in is loaded, and the add-in is loaded because of the following registry key:


Removal of this key from the users’ registry stops the add-in appearing under Outlook and stops the add-in loading. There is though one problem with this. At the users login a program runs that recreates this key if it is missing, so that registry key needs to be removed as well. This one is:

HKLM\SOFTWARE\Microsoft\Windows\Current Version\run and the deletion of the MSCRM value (keeping a copy of the data in this value for later).

For all users logging into a computer running the CRM Outlook client would now only get the add-in if the first registry key above exists, so existing CRM users are not affected by this change. Remove the first registry key above from any user who does not use CRM and remove the second key one from the machine and all new users will not get CRM. To give new users the CRM Outlook add-in just run the command line that was the data of the MSCRM registry value (where x is the drive where the CRM software is installed):

x:\program files\microsoft dynamics
crm\client\configwizard\crmforoutlookinstaller.exe /activateaddin

All the above works fine on a standard client, but if you need to do the above on a terminal server then you need to be aware of the shadow copy of the registry keys that terminal servers use to create the initial users profile the first time they login. Because the CRM client is initially installed with the CHANGE USER /INSTALL command active the registry stores a copy of the first registry key above so that it can be applied to users when their profile is created. This registry key needs to be removed as well. You will find this key at:

HKLM\SOFTWARE\Microsoft\Windows NT\Terminal

Note that you do not need to be in change user install mode when you make this change, as we are not uses these changes to affect existing user profiles, just stopping new user profiles from loading the CRM add-in if they do not need to. To change existing user profiles just delete the first registry key above from their profile using a script or manual action or whatever method you prefer. Of course you will need to have done the other steps above before this or the registry key will be recreated the next time they login.


CRM 3.0 Disaster Recovery

Updated 9 Jan 2009 as I needed to repeat these steps again, and so have
clarified them a bit!

I am in the process of performing a CRM restore, when I came across this cryptic message: “One or more Microsoft CRM groups do not exist”.

I am restoring into a new Active Directory so the groups do not exist, but the installer does not create them or tell me what they should be (in full). It tells me via help that the groups need to be called:

  • PrivUserGroup
  • ReportingGroup
  • SQLAccessGroup
  • UserGroup

But what it misses out is that these groups are to be suffixed with the Organisation GUID for the previous installation (who’s databases I have, and am restoring CRM using).

The organisation GUID is stored in the database, and you need to run the following SQL query on the MSCRM SQL database to get the answer:

  • SELECT TOP 1 OrganizationID, Name FROM organizationbase

Also ensure that during the reinstall of CRM 3.0, you set the Organisation name to that which is returned from the database and use the same product key as before. The product key can be obtained using “SELECT licensekey FROM license”

You also need to set the buildnumber in the BuildVersion table to 0 and delete any mentioned Qfe values, noting them down so that you can install these hotfixes later on.

Finally you need to change the GUID in OrganisationBase for each of the four groups above to the new objectGUID value for each group that you have just created. Using adsiedit.msc (part of the Windows Support Tools on the Windows Server installation CD-ROM) view the objectGUID value for each in hex. Then copy the value to notepad and reverse the first four groups of characters, reverse the next two groups of characters, reverse the third group of two and copy and paste the fourth group of two and the final group of six (the last two groups are not reversed). Note that you do not reverse each pair of characters individually, but treat each pair as a group and reverse the groups as shown below. Put curly braces on the new GUID and paste into SQL Enterprise Manager (or if using SQL 2005 run a script as shown below.

For example:

  • objectGUID=0x 1x 2x 3x 4x 5x 6x 7x 8x 9x Ax Bx Cx Dx Ex Fx


  • GUID in database={3x2x1x0x-5x4x-7x6x-8x9x-AxBxCxDxExFx}
  • SQL 2005 Script (no {} in GUIDs here though): UPDATE OrganizationBase SET UserGroupID=’GUID’, PrivilegeUserGroupID=’GUID’, ReportingGroupID=’GUID’, SQLAccessGroupID=’GUID’

During the installation you need to ensure that the installation user does not exist in SystemUserBase. To do this find the current installation user in the DomainName column and rename this users domain name (for example DOMAIN\administrator becomes DOMAIN\xxAdministrator). A new user will then be created during this installation.

Finally once installed, start the Deployment Manager tool and reassociate all the users with the newly created user in the new Active Directory. Restoring CRM into an existing AD is much simpler – just the Organisation Name and Product Key need to be retreived.


Invalid Visibility When Sending Email in Microsoft CRM

Having recently installed Microsoft Dynamics CRM 3.0 I found that when I wanted to send an email to a contact in the system it failed with the error message “Invalid Visibility”.

This error occurs because the code that sends the email does not complete successfully, and in my case because of anti-spam restrictions enabled on the Exchange Server that was being used as the SMTP gateway. The Exchange Server is the organisations only SMTP server, and the corporate firewall allows SMTP inbound and outbound only from this machine. Therefore this Exchange Server has a series of global message filters enabled which where activated on the SMTP virtual server on this machine. One of these anti-spam settings was to reject any mail on the SMTP virtual server that was from the domain name of the company and not authenticated. This stops lots of spam from outside the network that poses as if it where from inside the network, but as the CRM SMTP session was not authenticated, it too fell into this category.

So when CRM tried to send email, it received behind the scenes a 550 error – Sender Denied and so it generated the Invalid Visibility message.

Therefore, in this case, the fix was to authenticate the session, but alternatives exist such as providing a dedicated SMTP virtual server for the CRM application and additional routes outbound through the firewall for SMTP.

In addition to the above, the same error can be caused by other SMTP failures, so if you are getting the same error then open a command prompt on the CRM server and enter the following commands, waiting for an error and then using this to diagnose the reason why CRM 3.0 will not send emails for you (if anonymous email is allowed).

TELNET smtp_server_name 25
HELO crm_server_name
MAIL FROM: email_address@yourdomain
RCPT TO: recipient@externaldomain
TO: email_address@yourdomain
FROM: recipient@externaldomain
blank line needed here
Some text to act as the body of the message
Always finish the email with a full-stop on a line on its own