Change lifetime of a Security token for a claims-based authentication

By |2017-12-01T15:28:44+00:00October 28th, 2011|Azure, Cloud, Windows|0 Comments

We had an issue recently when deploying ADFS 2.0 and claim based authentication for CRM 2011. Basically after 40 minutes we would get an error in CRM saying that we needed to re-authenticate.

This is due to “The lifetime of a default security token for a claims-based authentication deployment using AD FS 2.0 is 60 minutes. By default, Microsoft Dynamics CRM Server 2011 is configured to display the Authentication is Required dialog box 20 minutes before the token expires.”

To sort this we ran the following command on our ADFS server from PowerShell ( Please change setting in red to apply to your setup )

  1. Add-PSSnapin Microsoft.Adfs.PowerShell
  2. Get-ADFSRelyingPartyTrust -Name:"crmrelyingpartyname" | Set-ADFSRelyingPartyTrust -TokenLifetime 240

Leave A Comment

like what you see? 

Sign-up to our newsletter and never miss out on the latest blogs, events and tech news from the world of risual
Give it a try, you can unsubscribe anytime.