We recently installed the Microsoft CRM web part for Sharepoint/MOSS 2007, and we're excited to share our findings with everyone. First, let's show the finished product (screenshot below). By installing this web part, you can display Microsoft CRM grids/views directly within Sharepoint! As the screenshot shows, you can even access all of your views and the "quick find" features from CRM. This particular web part is displaying our custom entity "Item" that we use to track work assignments related to each customer project.
So the good news is that this integration provides tons of great functionality for your users. The bad news is that it can be a bear to setup! Consequently, we asked our guru system administrator Neil to tackle this ball of wax to get it working. He documented everything he did so that I could share it on the blog, so I want to make sure that we give him credit for all of his hard work!
- Go to the Microsoft Dynamics CRM 3.0 List Web Part page on the Microsoft Download Center
- On the Microsoft Dynamics CRM 3.0 List Web Part download page, double-click Download
- Save the contents to the Windows SharePoint Services server in C:\Program Files\Microsoft CRM\Web Parts\
- In the Web Parts folder, extract the files to your SharePoint Products and Technologies server
- Double-click CRMListWebPart.MSI. The List Web Part will install
Our Network Topology
1. Verify Internet Explorer Configuration
By default, Internet Explorer is set up to use Integrated Windows Authentication, which in turn uses Kerberos authentication. However, if you upgraded any of your client computers to Internet Explorer 6 or Internet Explorer 6 with Service Pack 1 (SP1), the upgrade might have changed the security settings so that Integrated Windows Authentication is not used. To verify that Internet Explorer is set up correctly, follow these steps.
For each client computer, verify that Enable Integrated Windows Authentication is enabled
A. In Internet Explorer, on the Tools menu, click Internet Options, and then click the Advanced tab.
B. Scroll down to the Security section, and verify that Enable Integrated Windows Authentication (requires restart) is selected.
C. If it is not, select it, and then restart Internet Explorer.
2. Configure SharePoint site to use integrated Windows authentication
A. On the SharePoint Products and Technologies server, open Internet Information Services (IIS) Manager.
B. Expand the computer name, expand Web Sites, right-click the SharePoint Products and Technologies site on which the List Web Part is being used, and then click Properties.
C. On the Directory Security tab, look in the Authentication and access control section, and click the Edit button.
D. In the Authenticated access section, check Integrated Windows authentication, verify that Enable anonymous access is not checked, and then click OK.
E. Click OK to close the site properties dialog.
F. Stop and restart IIS.
3. Configure SharePoint to use Kerberos authentication
A. Open SharePoint Central Administration.
B. Click Application Management, and then Authentication Providers (listed under Application Security)
C. Choose the Web Application that will be using the CRM Web Part
D. For each of that zones that will be using the CRM Web Part click on the zone and verify that IIS Authentication Settings are configured to use Kerberos
4. Configure Service Principal Names (SPNs)
5. Use the Setspn.exe tool (available from the Windows 2003 Operating System CD) to add an SPN for the SharePoint Server’s HTTP service. To do so, type the following line at the command prompt, and then press ENTER.
Setspn –A HTTP/<servername> <servername>
Setspn –A HTTP/< server_FQDN> <servername>
6. Set up trust for delegation for the SharePoint Computer
A. On your domain controller, open Active Directory Users and Computers.
Note: If constrained delegation is available, use a computer running Windows Server 2003 to open Active Directory Users and Computers. Otherwise, you will not see the options for setting constrained delegation.
B. In Computers, right-click the server name for the SharePoint Products and Technologies server, and then click Properties.
Using constrained delegation:
- Click the Delegation tab.
- Select Trust this computer for delegation to specified services only.
- Select Use Kerberos only.
- Click Add.
- Click Users or Computers, click Advanced, click Find Now, select the computer running Microsoft Dynamics CRM, and then click OK two times.
- Select the http service, and then click OK.
- Click Add.
- Click Users or Computers, click Advanced, click Find Now, select the computer running Microsoft SQL Server, and then click OK two times.
- Select the MSSQLSVC service, and then click OK.
7. Stop and restart the Sharepoint IIS Server
Add the List Web Part to an existing Windows SharePoint Services Web Part page
The following instructions are specific to MOSS2007. Configuration instructions for SharePoint 2003 can be found from the Microsoft website at the end of the document.
After installing the List Web Part, it will appear in the list of available Web Parts on the Modify Shared Web page. To start the example of how you can use the List Web Part for Microsoft Dynamics CRM, add the List Web Part to a Web Parts page.
- Open the Web Part page to which you want to add the List Web Part for Microsoft Dynamics CRM.
- Click Site Actions, then Edit Page.
- In the portion of the page where you would like to place the Web Part click Add a Web Part.
- Under All Web Parts > Miscellaneous select Microsoft CRM List Web Part and click Add.
- On the Microsoft CRM List Web Part pane, click the down arrow and click Modify Shared Web Part
- Under the Microsoft CRM Node enter the URL of the CRM Server.
- Select the Record Type and View, and then click OK.
Most of the information above came directly from http://www.microsoft.com/dynamics/crm/using/deploy/crmwebpart.mspx and the documentation (crm list web part.doc) which is included with the installation files.