Does the CRM installing user need to be a member of sysadmin on SQL Server?

Some companies keep tight control on which accounts can be a member of the sysadmin fixed server role in SQL Server. When installing CRM, although the installing user does not need to be a domain admin, the user does need to have certain administrativwe rights and this includes being a member of the sysadmin role on the SQL Server as per this article under the section Microsoft Dynamics CRM Server setup.

Install and Upgrade to Microsoft Dynamics CRM 2015

An on-premise install of Microsoft Dynamics CRM 2015 requires:

  • Windows Server 2012 or later
  • SQL Server 2012, SQL Server 2012 R2 or SQL 2014

Microsoft Dynamics CRM 2013 with Service Pack 1 (or later) can be upgraded to CRM 2015.

Client: Windows 7 or later

Browsers: IE10, IE11, Chrome, Safari and Firefox

Optional Items

ADFS 2.0, 2.1 2.2 (ADFS 2.0 must be installed on a different server from CRM)

Exchange 2010 or 2013

Outlook 2010 or 2013 (cached Exchange mode)

Windows SharePoint 2010 SP1 and 2013

ADFS Supported Configurations

CRM 2011 and 2013 uses Active Directory Federation Services for Internet-facing deployments.

The folowing table describes the supported configurations for combinations of ADFS an CRM versions.

    CRM 2011 CRM 2013 CRM 2015 Notes

ADFS 2.0

For Windows Server 2008 and 2008 R2

Must be downloaded and installed

Service Principal Names (SPN) for Dynamics CRM

When setting up Microsoft Dynamics CRM it is likely that you will have to configure Service Principal Names (SPN).

What is an SPN?

An SPN is a mapping that associates a service with the account responsible for the service and supports mutual Kerberos authentication.

I like the explanation provided by Brian Murphy-Booth. He describes an SPN as a name that identifies a program that deals with credentials.

Could not find GUID for server

I've had a situation where users could not access CRM and an error similar to "could not find GUID for server" was logged in the application log for the web server.

I discovered a resolution described at this link

Service Unavailable error for CRM Federation Metadata

I came across an error when configuring claims-based authentication for Microsoft Dynamics CRM 2011. The error, Service is Unavailable was returned when browsing to the CRM metadata URL.
In this installation, something was wrong with URL rewriting. Following the steps in this article resolved the issue:

Kernel-mode authentication for CRM 2011 Website

Following a CRM 2011 installation that seemed to work, users were getting 401.1 unauthorized errors when connecting to the CRM server from their PCs.

However, everything worked fine when connecting to CRM from the server.

The problem was found to be that kernel-mode authentication was not enabled on the CRM website. To resolve the issue, complete the following steps:

CRM 2011 Client for Outlook- problem communicating with server

The installating guide for CRM 2011 strongly recommends that a low privilege domain account is used for the CRM and ASP.NET services.

Having followed this advice I found I was unable to configure the Outlook Client to connect to the CRM server. The error I got was "there is a problem communicating with the server". Examining the log file, Crm50ClientConfig.log, revealed the following error:


Subscribe to Installation