We recently started seeing the following error in the server’s application event log after we configured ADFS, IFD and update the email router to point to the IFD url.

#26234 – The E-mail Router service could not process a provider work item using assembly: Microsoft.Crm.Tools.EmailProviders.dll and class: Microsoft.Crm.Tools.Email.Providers.SmtpPollingSendEmailProvider. System.NotSupportedException: The authentication endpoint Username was not found on the configured Secure Token Service! at Microsoft.Crm.ServiceProxyCache`1.BuildServiceProxy(Uri serviceUrl, Credential credentials, Uri homeRealmUrl, String passportEnvironment, IServiceConfiguration`1 serviceConfiguration) at Microsoft.Crm.ServiceProxyCache`1.GetNewServiceProxy(Uri serviceUrl, Credential credentials, Uri homeRealmUrl, String passportEnvironment) at Microsoft.Crm.Tools.Email.Providers.Utility.GetOrganizationUrl(Uri discoveryServiceUrl, Credential credentials, String organizationName) at Microsoft.Crm.Tools.Email.Providers.Utility.GetCrmService(Uri discoveryUri, String authMode, String userName, String password) at Microsoft.Crm.Tools.Email.Providers.CrmPollingSendEmailProvider.Run() at Microsoft.Crm.Tools.Email.Agent.ServiceCore.ExecuteProviderWork(Object providerQueueRequestObject)

To resolve the issue we enabled the following endpoint in ADFS 2.0:


Hope this helps someone out there – if you need more assistance please reach out to the MSCRM Experts at PowerObjects

Happy CRM’ing

  • http://andrewbschultz.com Andy Schultz

    Just what I needed! Thanks you PowerObjects. This seems to be a post-rollup 2 issue (I never had rollup 1 installed, so I guess it was either Rollup 1 or 2 that did this to us).

  • http://www.bizitpro.com Stephen Noe

    Good one, saved us today when it began. Very weiry, just started today out of the blue, no new patches. CRM server was hanging on the shutdown due to the huge number of errors being logs and no users could access CRM via Outlook.

    We are on Rollup 2 but have been there for quite a while.

    Thank you for the post!

  • http://www.bizitpro.com Stephen Noe

    Well, actually….when I did that it caused problems for all remote Outlook clients, who could no longer connect remotely, even though the web client still worked remotely. Had to turn it back off again, as I found the CRM support said his machine did bnot have that enabled….After several days of messing with this,
    *** FYI: I have concluded that this should NOT be enabled.

    • Nang Fang

      I also observed this:

      ** Email-Router stopped working with error messages described above (“The authentication endpoint Username was not found on the configured Secure Token Service! at …”)
      ** I enabled the AD FS 2 Endpoint Username
      ** Email-Router worked again after restarting the email router service
      ** Outlook Integration did not work any more, neither did the Visual Studio CRM Integration.
      ** So I disabled the Endpoint Username again.
      ** Outlook Integration works again, but Email-Router is broken again.

      So is there a known solution which fixes both the Email Router and Outlook integration?

      Thanks!
      Nang.

  • Nang Fang

    The solution is:

    The email router service must be started AFTER the AD FS 2.0 service.
    So simply stopping and restarting the email router service helped.
    AD FS 2.0 endpoint Username must not be enabeled.

    Nang.

    • Lisa

      Thanks so much, it helps us.

  • http://www.ethertech.com.au Jason Kelton

    Thanks Nang, we noticed this error too but have not had anywhere to really go with this. As we have both ADFS and Email Router on the same node, it would make sense. We periodically see the email router go bezerk, most of the time after a server restart.

    As ADFS is set for delayed start, the email router is obviously not dependent on ADFS and starts beforehand.

    We will monitor our progress on this and let you know how we go…

  • http://www.sberetta.it Stefano Beretta

    …but….
    if the CRM is online???

  • http://www.powerobjects.com alex fagundes

    Hi – we are now recomending NOT doing this. With the latest update rollup we seem to NOT need the username enabled and it CAN interfere with adfs authentication in the outlook crm client.

  • Reggie Parks

    Hello. I’m seeing an erro message stating “The Authentication Endpoint Assymetric token was not found on secure token service” error message. This service was working fine a couple weeks ago and then the email router just stop configuring thus allowing a backup of emails in the queue. Any suggestions?

    • alexfagundes

      Hi – check that the adfs server properties has the correct url and it starts with https and not http. If this was incorrect, then after fxing, you may need to re-run the crm claims wizard and the crm adfs wizard in deployment manager.

Return to Top ▲Return to Top ▲