When working with an Internet Facing Deployment of Dynamics CRM – we can often receive the ‘Your session has expired, please log in again’ message after a short period of working within the system.
This can be frustrating for the end-user, as this message can appear after a period of inactivity or worse during the middle of working within CRM.
Thankfully this Session Timeout is a setting which we can configure as part of our IFD Setup for Dynamics CRM.
To do this, we need to access our ADFS Server via a Remote Desktop Connection and then run Powershell. NOTE: this would typically the 64 bit version of Powershell, so not named (x86)
Once we have Powershell open, we need to invoke the following commands:
Add-PSSnapin Microsoft.Adfs.PowerShell
Loads the ADFS Powershell commands, so we can access them
Get-ADFSRelyingPartyTrust -Name “relying_party”
Shows us a screen-dump of all the settings in our ADFS Rely Party Trust – which is the element of ADFS that is allowing Security Tokens to be passed from ADFS and into Dynamics CRM
Set-ADFSRelyingPartyTrust -Targetname “relying_party” -TokenLifetime 480
Amends the Timeout of the Security Token to 480 minutes (8 hours)
Get-ADFSRelyingPartyTrust -Name “relying_party”
View that screen-dump again, so we can see our setting amended
The “relying_party” in this is the Name that we gave the ADFS Rely Party Trust when first setup in ADFS – this can be found in the ADFS 2.0 Management Console:
Once done – we can then see the new value of our Token Lifetime setting – this will change from 0 to 480 once we have run the Set- command.
As this is a common task for IFD Deployments of CRM, there is a number of good articles on this process:
