Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'. From BDC to CRM
I had a requirement to bring MS CRM data as search results in MOSS search centre. So I start doing my research. First, I found this nice blog post that explains there is already BDC definition file for CRM is available from MS,
BDC metadata definition file for Microsoft Dynamics CRM 3.0
I follow the instruction in the post and change my SQL server and database name to mach my environment. It worked fine. But, it was only displaying the data when I was accessing it from the SharePoint server. When I try to access the BDC data fro my client machine, I was getting following error message in the event log,
Event Type: Error
Event Source: Office SharePoint Server
Event Category: Business Data
Event ID: 5700
Date: 3/07/2007
Time: 6:04:33 PM
User: N/A
Computer: XXXXX
Description:
Could not open connection using 'data source=daustcd01;initial catalog=nea_MSCRM;integrated security=SSPI;pooling=false;persist security info=false' in App Domain '/LM/W3SVC/1229638185/Root-1-128279213588223440'. The full exception text is: Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.
The BDC definition file is using “PassThrough” authentication mode. I was sure the problem was to do with the authentication. Then I start looking at what are my options here and found following are supported in BDC,
Pass through : The ability of the operating system to pass a client’s authentication information to the back end server. When you use this method, you simply authenticate as the identity of the end user. To avoid losing the logged on users identity when the BDC authenticate to the back end server, you must enable the Kerberos delegation.
RevertToSelf: this allows you to revert this impersonation and authenticate as the underling account that is configured for the IIS application pool. So while IIS runs under the application pool identity, it impersonates the logged on users, and the request runs under the user’s impersonation before it is passed forward.
WindowsCredentials: MOSS authenticates by using MS windows credentials from its default single sign-on (SSO) services.
So I change the BDC definition file to use RevertToSelf authentication mode. Make sure that application pool account in IIS for the MOSS site has access to CRM data. It’s all working fine now!!!!
Labels: authentication, BDC
posted by Gayan Peiris @ 11:17 AM
10 comments
10 Comments:
Thanks Hayan,
The solution helped me a lot. However, wondering how should I make it work usng Passthorugh Authentication?? I made imperonate ='true in all web.config files of MOSS
Nice one Gayan - thanks.
Hi Gayan, great post. I was also wondering how you get this to work with PassThrough in the ADF? I have setup a site using Kerberos and get the same error, but need to use PassThrough for delegation to work correctly.
Hi there,
I've got the exact problem. Require clarification though, when you say that "Make sure that application pool account in IIS for the MOSS site has access to CRM data", how is this done? As a reader in CRM? Anything to do with permissions in Central Administration?
If you can mail me back on uz_my_naz@hotmail.com, that'll be real great.
Uzma
I am having the same, change the PassThrough to RevertToSelf but no luck in getting BDC to pull data from the database... my database is sitting in different vmware environment than Moss...please help
wkangong@itechnocrat.com
Hi folks.
I enjoyed your topics on "Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'. From BDC to CRM" and i think this could be browser problem. Change it and try again. Anyway, you have a nice blog. Nice for share this usefull article. Keep up the good work.
------
Free Poker Capital.
Just what i was looking for... thanks!!
Microsoft Dynamics CRM is a multi-lingual Customer Relationship Management software package developed by Microsoft. Out of the box, the product focuses mainly on Sales, Marketing and Service (helpdesk) sectors but Microsoft has been marketing Dynamics CRM as an XRM platform and have been encouraging partners to use its proprietary (but .NET based) framework to customise it to meet many different demands.
I recently came across your blog and have been reading along. I think I will leave my first comment. I don’t know what to say except that I have enjoyed reading. Nice blog. I will keep visiting this blog very often.
Grateful to check out your website, I seem to be ahead to more excellent sites and I wish that you wrote more informative post for us. Well done work.
Post a Comment
<< Home