Pages

Saturday, 31 August 2013

CRM 2011: Integration using SQL Server Integration Services (SSIS) 2008 throws SOAP Security Negotiation Exception

Objective: 

Microsoft Dynamics CRM 2011 Integration using Microsoft SQL Server Integration Services 2008 (SSIS)

Issue:

SOAP security negotiation with 'http://CRMServer/Org/xrmservices/2011/Organization.svc' for target 'http://CRMServer/Org/xrmservices/2011/Organization.svc' failed. See inner exception for more details.

Server stack trace: 
   at System.ServiceModel.Security.IssuanceTokenProviderBase`1.DoNegotiation(TimeSpan timeout)
   at System.ServiceModel.Security.SspiNegotiationTokenProvider.OnOpen(TimeSpan timeout)
   at System.ServiceModel.Security.WrapperSecurityCommunicationObject.OnOpen(TimeSpan timeout)
   at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
   at System.ServiceModel.Security.CommunicationObjectSecurityTokenProvider.Open(TimeSpan timeout)
   at System.ServiceModel.Security.SecurityUtils.OpenTokenProviderIfRequired(SecurityTokenProvider tokenProvider, TimeSpan timeout)
   at System.ServiceModel.Security.SymmetricSecurityProtocol.OnOpen(TimeSpan timeout)
   at System.ServiceModel.Security.WrapperSecurityCommunicationObject.OnOpen(TimeSpan timeout)
   at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
   at System.ServiceModel.Channels.SecurityChannelFactory`1.ClientSecurityChannel`1.OnOpen(TimeSpan timeout)
   at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannel.OnOpen(TimeSpan timeout)
   at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannel.CallOpenOnce.System.ServiceModel.Channels.ServiceChannel.ICallOnce.Call(ServiceChannel channel, TimeSpan 

timeout)
   at System.ServiceModel.Channels.ServiceChannel.CallOnceManager.CallOnce(TimeSpan timeout, CallOnceManager cascade)
   at System.ServiceModel.Channels.ServiceChannel.EnsureOpened(TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan 

timeout)
   at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs)
   at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
   at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)

Exception rethrown at [0]: 
   at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
   at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
   at NECCrmProxy.Crm.IOrganizationService.Create(Entity entity)
   at NECCrmProxy.Crm.OrganizationServiceClient.Create(Entity entity)
   at ScriptMain.Input0_ProcessInputRow(Input0Buffer Row)
   at UserComponent.Input0_ProcessInput(Input0Buffer Buffer)
   at UserComponent.ProcessInput(Int32 InputID, PipelineBuffer Buffer)
   at Microsoft.SqlServer.Dts.Pipeline.ScriptComponentHost.ProcessInput(Int32 inputID, PipelineBuffer buffer)

Resolution: 

Change EndpointIdentity.CreateUpnIdentity() to EndpointIdentity.CreateDnsIdentity() in your code.

Posted by at No comments:

Wednesday, 14 August 2013

CRM 2011: Impersonation in Plug-ins

Impersonation is used in Microsoft Dynamics CRM platform to execute the business logic on behalf of a system user, this includes the custom code execution governed by Microsoft Dynamics CRM security privileges of the impersonated user. Pre-entity and Post-entity images as passed to plug-ins as the execution context on behalf of the impersonated user.

Plug-ins not executed by sandbox or asynchronous service execute under CRMAppPool Identity service account. By default, CRMAppPool uses Network Service account but it can be changed by the administrator. If it is changed then administrator will need to add this identity account to the PrivUserGroup in the Active Directory.

Impersonation during Plug-in Registration

A user can be impersonated during the plug-in registration, administrator can specify a user account to execute the plug-in.
If the plug-in is getting registered programmatically then impersonation can be done by setting the property ImpersonatingUserId to a specific user, web service calls made by the plug-in execute on behalf of the impersonated user.

Impersonation during Plug-in Execution

Impersonation defined at the registration level can be overridden at run time during plug-in execution. 
For security purposes, the plug-ins can also be impersonated as the user who actually initiated this process/plug-in (by doing a specific action within the CRM application) by using the property InitiatingUserId. 

// Get a reference to the Organization service.
IOrganizationServiceFactory factory = (IOrganizationServiceFactory)serviceProvider.GetService(typeof IOrganizationServiceFactory));
IOrganizationService service = factory.CreateOrganizationService(context.InitiatingUserId);

Refer to Microsoft's documentation for more information.

Posted by at No comments:

Thursday, 1 August 2013

CRM 2013 (Orion): Upgrade to CRM 2013 (Orion)

Upgrade to CRM 2013

Upgrade/Re-implement Legacy features

The following legacy features will no longer be supported in Microsoft Dynamics CRM 2013

  • CRM 4 plug-ins and custom workflow activities
  • CRM 4 client-side scripting
  • 2007 web service endpoint
  • ISV folder support for custom web applications
  • Solution down level tool
Legacy Feature Check tool can be used to detect legacy feature usage in the solution.

Dynamics CRM 2011 Custom Code Validation Tool can be used to detect unsupported client-side code in the solution. 

Refer to Microsoft's documentation for further information.


more to follow on this topic ....
Posted by at No comments:
Subscribe to: Posts (Atom)