ADFS 2.0 and CRM 2011 IFD – Error 403 when being redirected


I'm not sure what happened here, but let me give you the rundown.

I have a CRM 2011 IFD that by all accounts was functioning. Out of nowhere, I find that when being redirected to the ADFS 2.0 login page by CRM, instead of seeing the login page, I get the following error:

403 - Forbidden: Access is denied.

You do not have permission to view this directory or page using the credentials that you supplied.

I'm not sure what is going on here. The certs are good, as best as I can tell, the logins are good. More specifically, nothing has been modified. This all worked just fine, and now it doesn't. I'm really stumped.

Best Answer

As it turns out, the issue had to do with modifying the logic on the ADFS 2.0 proxy server. The AppPool that it runs in must be configured for .NET 2.0 Integrated, otherwise it will fail and throw this error (which helps none).

Now we know!
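
One way to check the setting named in the answer above is the following PowerShell script, added here as an example and not part of the original post. The site name and the `/adfs` path prefix are assumptions about how the proxy's IIS applications are laid out; adjust them to match your server.

```powershell
# Added example: report (and, with -Fix, correct) the runtime settings of the
# application pool(s) behind the AD FS proxy's IIS applications.
# Assumptions: the site name and the '/adfs' path prefix below.
param(
    [string]$SiteName   = 'Default Web Site',  # assumption
    [string]$PathPrefix = '/adfs',             # assumption
    [switch]$Fix
)

Import-Module WebAdministration -ErrorAction Stop

$wantRuntime  = 'v2.0'        # ".NET 2.0" as stated in the answer
$wantPipeline = 'Integrated'  # "Integrated" as stated in the answer

# Find the IIS applications under the prefix and the pools they run in.
$apps = @(Get-WebApplication -Site $SiteName |
          Where-Object { $_.path -like "$PathPrefix*" })
if ($apps.Count -eq 0) {
    Write-Warning "No applications under '$PathPrefix' on site '$SiteName'."
    return
}

$poolNames = $apps | Select-Object -ExpandProperty applicationPool -Unique
foreach ($poolName in $poolNames) {
    $pool     = Get-Item "IIS:\AppPools\$poolName"
    $runtime  = "$($pool.managedRuntimeVersion)"
    $pipeline = "$($pool.managedPipelineMode)"
    $ok = ($runtime -eq $wantRuntime) -and ($pipeline -eq $wantPipeline)

    # Emit one row per pool so drift is visible at a glance.
    New-Object PSObject -Property @{
        AppPool  = $poolName
        Runtime  = $runtime
        Pipeline = $pipeline
        Expected = "$wantRuntime / $wantPipeline"
        Ok       = $ok
    }

    if (-not $ok -and $Fix) {
        Set-ItemProperty "IIS:\AppPools\$poolName" -Name managedRuntimeVersion -Value $wantRuntime
        Set-ItemProperty "IIS:\AppPools\$poolName" -Name managedPipelineMode  -Value $wantPipeline
        Restart-WebAppPool -Name $poolName
        Write-Output "Reset '$poolName' to $wantRuntime / $wantPipeline."
    }
}
```

Run it without `-Fix` first from an elevated prompt on the proxy server; a row with `Ok = False` points at the pool whose settings have drifted.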