I had a requirement to bring MS CRM data into the MOSS search centre as search results, so I started doing my research. First, I found this nice blog post that explains there is already a BDC definition file for CRM available from MS: BDC metadata definition file for Microsoft Dynamics CRM 3.0
I followed the instructions in the post and changed the SQL server and database name to match my environment. It worked fine. But it was only displaying the data when I was accessing it from the SharePoint server. When I tried to access the BDC data from my client machine, I was getting the following error message in the event log:

Event Type: Error
Event Source: Office SharePoint Server
Event Category: Business Data
Event ID: 5700
Time: 6:04:33 PM
Could not open connection using 'data source=daustcd01;initial catalog=nea_MSCRM;integrated security=SSPI;pooling=false;persist security info=false' in App Domain '/LM/W3SVC/1229638185/Root-1-128279213588223440'. The full exception text is: Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.

The BDC definition file is using the “PassThrough” authentication mode. I was sure the problem was to do with authentication. Then I started looking at what my options were and found that the following modes are supported in BDC:

PassThrough: The ability of the operating system to pass a client’s authentication information to the back-end server. When you use this method, you simply authenticate as the identity of the end user. To avoid losing the logged-on user’s identity when the BDC authenticates to the back-end server, you must enable Kerberos delegation.
RevertToSelf: This allows you to revert this impersonation and authenticate as the underlying account that is configured for the IIS application pool. While IIS runs under the application pool identity, it impersonates the logged-on user, and the request runs under the user’s impersonation before it is passed forward.
WindowsCredentials: MOSS authenticates by using Microsoft Windows credentials from its default single sign-on (SSO) service.

So I changed the BDC definition file to use the RevertToSelf authentication mode. Make sure that the application pool account in IIS for the MOSS site has access to the CRM data. It’s all working fine now!
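
The change described above, shown as an added example of the `LobSystemInstance` section of a BDC application definition file (not copied from the original post or from Microsoft's CRM definition file). The instance name is a placeholder, and the connection values are taken from the connection string in the event log entry.

```xml
<!-- Added example: LobSystemInstance fragment of a BDC definition file.
     "CRM_INSTANCE_PLACEHOLDER" is a made-up name; use the one in your file. -->
<LobSystemInstance Name="CRM_INSTANCE_PLACEHOLDER">
  <Properties>
    <!-- Before: PassThrough. Fine when browsing on the SharePoint server itself,
         but from a client machine the second hop to SQL Server arrives as
         NT AUTHORITY\ANONYMOUS LOGON unless Kerberos delegation is enabled.
    <Property Name="AuthenticationMode" Type="System.String">PassThrough</Property>
    -->

    <!-- After: RevertToSelf. SQL Server sees the IIS application pool account
         for every request, whichever user is browsing. -->
    <Property Name="AuthenticationMode" Type="System.String">RevertToSelf</Property>

    <!-- These map to the connection string reported in event 5700. -->
    <Property Name="DatabaseAccessProvider" Type="System.String">SqlServer</Property>
    <Property Name="RdbConnection Data Source" Type="System.String">daustcd01</Property>
    <Property Name="RdbConnection Initial Catalog" Type="System.String">nea_MSCRM</Property>
    <Property Name="RdbConnection Integrated Security" Type="System.String">SSPI</Property>
    <Property Name="RdbConnection Pooling" Type="System.String">false</Property>
  </Properties>
</LobSystemInstance>
```

Because every user's query now runs as the application pool account, SQL Server permissions no longer distinguish between users, so grant that account only the read access the BDC entities need.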