Skyrim. What ever you do, don't hurt the chicken

System.ServiceModel.FaultException: The security context token is expired or is not valid

A colleague and I encountered this error when trying to connect to CRM 2011 via the Organization.svc from a custom web page. It takes approximately ten minutes for the process to run and partway through we would get the error

“System.ServiceModel.Fault.Exception: The security context is expired or is not valid”.

Some basic googling point us in the direction of the security tokens on the OrganizationServiceProxy but when we dug deeper it turned out that there was no token assigned; very confusing. Eventually we found this blog comment which talked about when using Kerbros authentication if you use negotiateServiceCredential="false". When calling the service it must be running under the same machine name SVN. So we changed the calling custom web page to run under the same credentials as the service running CRM 2011 and lo and behold it started magically working.

I hope this saves someone else the 4 hours we spent bashing our heads against the computer.