Microsoft Dynamics 365 Blog

(Article updated 09/05/2013 –anup shah. The new updated “Deploy an Enterprise Portal site that uses forms-based authentication [AX 2012]” article 12 April 2013 is available at

You may run into the following issue if you were following the Flexible Authentication in Microsoft Dynamics AX 2012 that was created prior to April 2013 when you create Form Based authentication provider using following command:

Add-AXSharepointClaimsAuthenticationProvider -Type Forms -Name FormsAuth – SigningCertificate $SigningCert -Credential $Cred -Port 7000 – SSLCertificate $SSLCert

That works perfectly fine when you aspnetdb database is located on the same server as SharePoint. If you have database on other server then in web.config located in:

C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\TEMPLATE\LAYOUTS\<ProviderName>\

So if you look on above example it will be

C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\TEMPLATE\LAYOUTS\FormsAuth\

You can see that connectionString tag has following value:


    <add name=”FormsDB” connectionString=”Data Source=.;Initial Catalog=aspnetdb;Trusted Connection=true”/>


In situation when your aspnetdb would is on different server in the minute you try to log using Form Based authentication you will get error and you will be unable to login. You can work around it in two ways:

  1. Add parameter –ConnectionString to above command with correct connection string (this solution is preferable). So the command would look like:
Add-AXSharepointClaimsAuthenticationProvider -Type Forms -Name FormsAuth -SigningCertificate $SigningCert -Credentail $Cred -Port 7000 -SSLCertificate $SSLCert -ConnectionString “Data Source=DAX2012;Initial Catalog=aspnetdb;Trusted Connection = True”
  1. If you already run the command you can:
    1. Manually change connection string in web.config as given above
    2. Delete file C:\Windows\System32\WindowsPowerShell\v1.0\powershell.config if it exists. If you don’t delete above file it can be that when you run command
                   New-AXUser -AccountType ClaimsUser -AXUserId jdd -UserName johndoe -UserDomain FormsAuth -CreateInProvider -ClearTextPassword “Yukon!!90”

                  You can get error

                  New-AXUser : The entry ‘FormsDB’ has already been added. (C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\TEMPLATE\Layouts\FormsAuth\web.config line 39)




We're always looking for feedback and would like to hear from you. Please head to the Dynamics 365 Community to start a discussion, ask questions, and tell us what you think!