Sonoma Partners Microsoft CRM Blog

« "Fake" Steve Jobs gives Salesforce.com the business | Main | Reaction to Salesforce.com's quarterly earnings »

Microsoft CRM Web Part for SharePoint/MOSS 2007 Configuration

We recently installed the Microsoft CRM web part for Sharepoint/MOSS 2007, and we're excited to share our findings with everyone. First, let's show the finished product (screenshot below). By installing this web part, you can display Microsoft CRM grids/views directly within Sharepoint! As the screenshot shows, you can even access all of your views and the "quick find" features from CRM. This particular web part is displaying our custom entity "Item" that we use to track work assignments related to each customer project.

So the good news is that this integration provides tons of great functionality for your users. The bad news is that it can be a bear to setup! Consequently, we asked our guru system administrator Neil to tackle this ball of wax to get it working. He documented everything he did so that I could share it on the blog, so I want to make sure that we give him credit for all of his hard work!

Installation

1. Go to the Microsoft Dynamics CRM 3.0 List Web Part page on the Microsoft Download Center
2. On the Microsoft Dynamics CRM 3.0 List Web Part download page, double-click Download
3. Save the contents to the Windows SharePoint Services server in C:\Program Files\Microsoft CRM\Web Parts\
4. In the Web Parts folder, extract the files to your SharePoint Products and Technologies server
5. Double-click CRMListWebPart.MSI. The List Web Part will install

Our Network Topology

 

Configuration

1. Verify Internet Explorer Configuration

By default, Internet Explorer is set up to use Integrated Windows Authentication, which in turn uses Kerberos authentication. However, if you upgraded any of your client computers to Internet Explorer 6 or Internet Explorer 6 with Service Pack 1 (SP1), the upgrade might have changed the security settings so that Integrated Windows Authentication is not used. To verify that Internet Explorer is set up correctly, follow these steps.

For each client computer, verify that Enable Integrated Windows Authentication is enabled

A. In Internet Explorer, on the Tools menu, click Internet Options, and then click the Advanced tab.

B. Scroll down to the Security section, and verify that Enable Integrated Windows Authentication (requires restart) is selected.

C. If it is not, select it, and then restart Internet Explorer.

2. Configure SharePoint site to use integrated Windows authentication

A. On the SharePoint Products and Technologies server, open Internet Information Services (IIS) Manager.

B. Expand the computer name, expand Web Sites, right-click the SharePoint Products and Technologies site on which the List Web Part is being used, and then click Properties.

C. On the Directory Security tab, look in the Authentication and access control section, and click the Edit button.

D. In the Authenticated access section, check Integrated Windows authentication, verify that Enable anonymous access is not checked, and then click OK.

E. Click OK to close the site properties dialog.

F. Stop and restart IIS.

3. Configure SharePoint to use Kerberos authentication

A. Open SharePoint Central Administration.

B. Click Application Management, and then Authentication Providers (listed under Application Security)

C. Choose the Web Application that will be using the CRM Web Part

D. For each of that zones that will be using the CRM Web Part click on the zone and verify that IIS Authentication Settings are configured to use Kerberos

4. Configure Service Principal Names (SPNs)

5. Use the Setspn.exe tool (available from the Windows 2003 Operating System CD) to add an SPN for the SharePoint Server’s HTTP service. To do so, type the following line at the command prompt, and then press ENTER.

Setspn –A HTTP/<servername> <servername>

Setspn –A HTTP/< server_FQDN> <servername>

6. Set up trust for delegation for the SharePoint Computer

A. On your domain controller, open Active Directory Users and Computers.

Note: If constrained delegation is available, use a computer running Windows Server 2003 to open Active Directory Users and Computers. Otherwise, you will not see the options for setting constrained delegation.

B. In Computers, right-click the server name for the SharePoint Products and Technologies server, and then click Properties.

Using constrained delegation:

1. Click the Delegation tab.
2. Select Trust this computer for delegation to specified services only.
3. Select Use Kerberos only.
4. Click Add.
5. Click Users or Computers, click Advanced, click Find Now, select the computer running Microsoft Dynamics CRM, and then click OK two times.
6. Select the http service, and then click OK.
7. Click Add.
8. Click Users or Computers, click Advanced, click Find Now, select the computer running Microsoft SQL Server, and then click OK two times.
9. Select the MSSQLSVC service, and then click OK.

7. Stop and restart the Sharepoint IIS Server

 

Add the List Web Part to an existing Windows SharePoint Services Web Part page

The following instructions are specific to MOSS2007. Configuration instructions for SharePoint 2003 can be found from the Microsoft website at the end of the document.

After installing the List Web Part, it will appear in the list of available Web Parts on the Modify Shared Web page. To start the example of how you can use the List Web Part for Microsoft Dynamics CRM, add the List Web Part to a Web Parts page.

1. Open the Web Part page to which you want to add the List Web Part for Microsoft Dynamics CRM.
2. Click Site Actions, then Edit Page.
3. In the portion of the page where you would like to place the Web Part click Add a Web Part.
4. Under All Web Parts > Miscellaneous select Microsoft CRM List Web Part and click Add.
5. On the Microsoft CRM List Web Part pane, click the down arrow and click Modify Shared Web Part
1. Under the Microsoft CRM Node enter the URL of the CRM Server.
2. Select the Record Type and View, and then click OK.

Most of the information above came directly from http://www.microsoft.com/dynamics/crm/using/deploy/crmwebpart.mspx and the documentation (crm list web part.doc) which is included with the installation files.

Posted by Mike Snyder on August 15, 2007 | Permalink

Comments

Hi,

We are having an issue with the CRM List Webpart. THe webpart works for system entities, but when we configure it to show the grid for any custom entities, it only shows one line, regardless of how we have sized the webpart. Did you run into this problem at all?
Thanks,
andy

Posted by: andy | Aug 17, 2007 5:14:26 PM

No, we didn't see this problem. As you can see from our screenshot, the list web part works just fine with custom entities for us.

Posted by: Mike Snyder | Aug 18, 2007 10:11:45 PM

My biggest question is regarding access sharepoint outside of the company. We are currently using NTLM authentication and if we change this to kerberos authenication will it cause any issues?

I know I could very easily just change it and then try and see what happens. I would just like some input before I made this change.

Any help would be greatly apprecaited.

Thanks,
Joe

Posted by: Joe | Aug 21, 2007 5:11:41 PM

Kerberos will not work from outside the company. I believe that the procedure listed at http://support.microsoft.com/?id=832769 will allow the use of both authentication providers. This is because both are included in the following command.

cscript adsutil.vbs set w3svc/##/root/NTAuthenticationProviders "Negotiate,NTLM"

I have not tried this though, and I would not expect the CRM Webpart to work for users outside the company since they would still be using NTLM authentication.

Neil

Posted by: Neil | Aug 23, 2007 1:49:40 PM

Andy-

Check out this post and see if it helps!

http://blog.sonomapartners.com/2007/08/sharepoint-list.html

Mike

Posted by: Mike Snyder | Aug 27, 2007 9:40:06 PM

Hi,

I have a personalization requirement, where the user should be able to set the number of records displayed displayed by this list web part. Is there a way to achieve the requirement in this list web part. I tried, but couldn't find a solution.

Thanks,
Mahalax

Posted by: Mahalax | Oct 10, 2007 4:41:52 AM

Hello,
Has anyone ran into a problem where you can't change the CRM Server URL in the web part area? I need to change teh server URL and it's currently greyed out, any ideas on how to change that?

Thanks
Chris

Posted by: Chris Mollet | Oct 15, 2007 12:30:00 PM

If I have Publishing web under Publishing site, anonymous works great for father (site) and still brings auth dialog for son (web). For other templates, like Team, it works without issues.Breaking the inheritance and explicit defining of anonymous access on son site doesn't help.

Posted by: Yehiel | Jan 1, 2008 7:02:05 AM

Nice pictorial presentation... thanks for sharing this important information...

Posted by: Microsoft CRM Implementation | Aug 12, 2008 5:46:03 AM

Hi - will the 3.0 crm webpart work with CRM 4.0?

Posted by: henrik | Aug 12, 2008 8:49:59 AM

Post a comment

Name:

Email Address:

URL:

Remember personal info?

Comments: