TIP: When setting up ADFS, the ADFS website should only have a single binding: port 443. You should remove the default port 80 binding. Notice that in the error above, the address is http (not https) which means that there is communication taking place across port 80 to ADFS. This is not the desired configuration. By removing the port 80 binding in IIS from the ADFS website, and restarting the ADFS server, you should be able to avoid this error. If not, read some of the tips below.
If you see this error when trying to register or connect with ClickDimensions, there are several possible causes, all due to CRM/ADFS configuration:
To resolve this error:
First, make sure the user you have set up as the service account has Read/Write access to CRM and has a security role assigned that enables it to log into CRM remotely.
Next, make sure the Username endpoint is configured in the ADFS deployment that this CRM org is using:
Lastly, if the above looks okay, it could be a resolution or routing issue blocking the connection. Make sure that there are external DNS entries for the path to your ADFS server (for example, https://sts.mydomain.com needs to resolve externally). Also, make sure that your firewall permits external access to the ADFS server. If you are able to, try to use a computer that is outside of your domain to navigate directly to the ADFS server to test its accessibility.
NOTE: This error also prevents connections from the Outlook client for CRM when connecting from outside of a network.