Dynamics Community Forum Thread Details

Problem Statement - Every year we have to renew the SSL certificate and use that for SSS so that Microsoft Dynamics 365 On Premise v 8.2 is able to sync emails with outlook exchange online.

This time, not able to set up SSL for Server Side Synchronization (SSS) for Emails in Microsoft Dynamics 365 On Premise v 8.2 with outlook Exchange Online.

Detailed Information -

Our Environment - We have Microsoft Dynamics 365 On Premise v 8.2

- This server is not public facing.

- Till last year we used Self signed SSL certificate , using powershell command,

we connected to Exchange online to set up the SSL Certificate for CRM

Things Tried at our end

- Created self signed certificate

- Using powershell below commands , which worked last year, we tried below but faced issues

Commands tried (there are some more )

$msolcred = get-credential

connect-msolservice -credential $msolcred

New-MsolServicePrincipalCredential -AppPrincipalId $CRMAppId -Type asymmetric -Usage Verify -Value $CredentialValue

$CRM = Get-MsolServicePrincipal -AppPrincipalId $CRMAppId

$ServicePrincipalName = $CRM.ServicePrincipalNames

$ServicePrincipalName.Remove("$CRMAppId/$RootDomain")

$ServicePrincipalName.Add("$CRMAppId/$RootDomain")

Set-MsolServicePrincipal -AppPrincipalId $CRMAppId -ServicePrincipalNames $ServicePrincipalName

dd-PSSnapin Microsoft.Crm.PowerShell

$setting = New-Object "Microsoft.Xrm.Sdk.Deployment.ConfigurationEntity"

$setting.LogicalName = "ServerSettings"

$setting.Attributes = New-Object "Microsoft.Xrm.Sdk.Deployment.AttributeCollection"

$attribute1 = New-Object "System.Collections.Generic.KeyValuePair[String, Object]" ("S2SDefaultAuthorizationServerPrincipalId", "10XXXXXX-XXXX-XXXXXX-a1XX-XXXXXXXX")

$setting.Attributes.Add($attribute1)

$attribute2 = New-Object "System.Collections.Generic.KeyValuePair[String, Object]" ("S2SDefaultAuthorizationServerMetadataUrl", "https://accounts.accesscontrol.windows.net/metadata/json/1")

$setting.Attributes.Add($attribute2)

Set-CrmAdvancedSetting -Entity $setting

$CRMContextId = (Get-MsolCompanyInformation).ObjectID

$CRMContextId

$organizationName = "XXXXX"

$CRMContextId = "10XXXXXX-XXXX-XXXXXX-a1XX-XXXXXXXX"

$orgInfo = Get-CrmOrganization -Name $organizationName

$ID = $orgInfo.id

if($ID)

{

Set-CrmAdvancedSetting -ID $orgInfo.ID -configurationEntityName "Organization" -setting "S2STenantId" -value $CRMContextId

}

Issue Faced Today -

- We get error while using commmand $msolcred = get-credential, it says its deprecated.

- We then tried the new msgraph api to connect, we were able to connect from powershell

but then faced issues with other commands

Quick Research Done till now -

- A quick search indicates that the process to set up SSS has been changed by microsoft recently

- The old approach that we used above is not supported (this we are not sure if there is a workaround)

- we need to use below things also (not sure if these are mandatory)

a) Msgraph api to connect to exchange online

b) IFD - Public facing website, we need to make our crm website public as per few articles which we cannot

c) expose CRM via HTTPS (IFD), even behind a reverse proxy / WAF

Constraints -

1 - Client may not allow us to make CRM site as public or IFD.

2 - We cannot migrate to v 9.1 as of now, so we need to stay on v8.2 on premise for some time and want to renew the SSL certificate by 13th Jan 26

Our questions -

Q1 - What do we need to connect our v8.2 Dynamcis 365 CRM onpremise with Exchange Online using SSS for email sync?

[We were able to connect using SSS till last year using above commands, facing issue now]

Q2 - What are the detailed steps and powershell commands etc so that we can set up the SSS ?

[Since the old commands are not working any more]

Q3 - Earlier we were using self signed SSL certifcates or do we need CA certificates with new commands

(But we cannot make it public - No IFD) ?

Q4 - Any other requirement for this to work

Let us know if any more information is needed. Appreciate any help on this as its little urgent.

#Dyanmic 365 , #On-Premise , #Server Side Syncronization