Authentication through Physical Path Credentials in CRM 4.0 and CRM 2011


I have been working in my CRM server for a long time without any issue. I was under the impression that everything was working as expected until I realized that something went wrong with the authentication mechanism. I found that all my CRM users are getting logged in as the account which I used to install the CRM Server.

To verify this I created a “test user” in Active Directory, added this user in CRM server, and did not assign any security role to this newly created CRM user. Then I logged into my client machine as “test user “ and after hitting the URL : http://crmservername:portno/  I found CRM web page is loading without any error message, but at the top right corner the logged in CRM user is showing the CRM installed on user  account, which is not expected behavior.

After spending some time and looking into different settings I found this impersonation was happening from IIS, and I was able to resolve this issue after changing the below settings:

In IIS manager right click the CRM Website>Manage Website>Advanced Settings>Under Physical Path Credentials>Select: Application user (pass through authentication) radio button >click on ok>ok to save the settings.

*No IIS reset is required after doing the above changes.


Skip to main content