CRM 2015 and CRM 2016 IFD will Automatically Logout the user with a Message:
Your session in Microsoft Dynamics CRM is about to expire. To continue working, you must sin in again.
By Default this setting is 60 minutes, and the message will pop up around 20 minutes before logout.
Any unsaved changes will be lost as your session ends.
The Fix
To extend the automatic logout time in CRM 2015, we must extend the time set in ADFS 3.0 using the PowerShell command. First we need to know the name that was used to set up the Relying Party Trust in ADFS.
1. Open Server Manager and from the Tools menu select ADFS Management
2. in AD FS management, open Relying Party Trusts and find the Display name for the CRM IFD Relying Party Trust
In this case, we have called the Relying Party Trust – “CRM IFD Relying Party” as we keep things simple when we create things. Using the exact name for the title of the trust as we created it. But really it could be anything. One distinguishing feature is that the URL identifier is going to be optioning to the URL that displays in the browser window when you are in the process of login into your IFD CRM.
3. Start PowerShell
4. Check you have the correct name of the Relying Party Trust by typing the following command.
Get-ADFSRelyingPartyTrust -Name "relying_party"
Where you replace the “relying_party” with the name you identified in Step 2 above. In our case the command will be:
Get-ADFSRelyingPartyTrust -Name “CRM IFD Relying Party“
The result should look something like this if you get it correct.
5. Not type the command to set the time you want to set for Auto Logout.
Set-ADFSRelyingPartyTrust -Targetname “CRM IFD Relying Party“ -TokenLifetime 720
(Again replacing the “CRM IFD Relying Party” with the name used on your system.)
Note: The 720 is time in minutes. 12 Hours in this case. You can change the value up and down as liked.
Set-ADFSRelyingPartyTrust -Targetname “CRM IFD Relying Party“ -TokenLifetime 720
6. Close out the PowerShell and you are done.
Noticed small typo 720 minute is not = 8hr but 480min is.
Thanks. We updated the blog to 12 hours.
Hi,
thanks for your article.
I have recently updated the setting as per steps here. However I am having a issue with user being shown with the authentication popup after the Token life time. Even after providing the user details for login, the popup keeps appearing repeatedly. Is there any other thing I need to check or do to fix this issues. Appreciate your inputs a lot.
Thanks.
We advised users that they needed to hit the original URL (login url) again. Refreshing the page does not appear to stop this happening, but hitting the login url https://crmdomai.ect.com:444/default.aspx or similar does.
If we increase session time out to 8 hours this means many sessions will be active even if users are not using CRM. This is effect performance?
in step 5.:
5. Not type the command to set the time you want to set for Auto Logout.
I believe it is typo and needs to be “Now type …”
Thank you for the good how to
Thanks.