Probably, the title of this post summaries it well, but there is some detail worth explanation. I was developing an Azure Function app which was basically integrating data between CRM and another system. The major functionality of this application was complete and tested. Two weeks ago, when I came back from leave, I found my application which was working fine before could not connect to CRM. I was using Microsoft.Xrm.Tooling assembly with the following code, but now it started returning null:
public static IOrganizationService GetOrganizationService(ref TraceWriter log)
{
IOrganizationService _orgService = null;
string connectionstring = ConfigurationManager.AppSettings["connectionstring"].ToString();
CrmServiceClient conn = new Microsoft.Xrm.Tooling.Connector.CrmServiceClient(connectionstring);
_orgService = (IOrganizationService)conn.OrganizationWebProxyClient != null
? (IOrganizationService)conn.OrganizationWebProxyClient
: (IOrganizationService)conn.OrganizationServiceProxy;
return _orgService;
}
CrmServiceClient has two very useful properties LastCRMError and LastCRMException which were showing this error message:
Unable to Login to Dynamics CRMOrganizationWebProxyClient is nullOrganizationServiceProxy is null
Tried looking for solutions and found the following suggestions:
- In connection string, try Organization unique name instead of friendly name
- May be assembly version is not compatible or code/ connection string should be written differently
- Use
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12; before connection
but none of these worked in my case. I contacted Microsoft support and they confirmed there was no such update or roll out that might have caused this but the good thing is they were still willing to help.
I tried different types of applications, environments and versions, but no luck.
At last, while testing the following code, the error was a little more meaningful:
IServiceManagement orgServiceManagement
= ServiceConfigurationFactory.CreateManagement
(new Uri("https://myCrmInstance.crm5.dynamics.com/XRMServices/2011/Organization.svc"));
AuthenticationCredentials authCredentials = new AuthenticationCredentials();
authCredentials.ClientCredentials.UserName.UserName = "user@email.com";
authCredentials.ClientCredentials.UserName.Password = "*********";
AuthenticationCredentials tokenCredentials = orgServiceManagement.Authenticate(authCredentials);
OrganizationServiceProxy organizationProxy = new OrganizationServiceProxy(orgServiceManagement,
tokenCredentials.SecurityTokenResponse);
Entity contact = new Entity("contact");
contact.Attributes["firstname"] = "Yawer";
contact.Attributes["lastname"] = "Iqbal";
var contactId = organizationProxy.Create(contact)
“The security timestamp is invalid because its creation time (‘2018-04-01T12:30:45.790Z’) is in the future. Current time is ‘2018-04-01T12:24:29.185Z’ and allowed clock skew is ’00:05:00′.”
Getting hint about time, I found time on my machine is 6 minutes behind. What caused this time change, I still don’t know but since it was the difference of just 6 minutes, I couldn’t notice this change. I corrected the time and everything started working as it was. I thought of doing a little experiment and moved the clock 6 minutes ahead of the current time and as per expectation, the error was different:
An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail.
and inner exception:
An error occurred when verifying security for the message.
Hope this sharing will save someone’s time.
