无法在 Dynamics CRM 中使用 CrmService API 添加用户
我们将 Dynamics CRM 4 更新汇总 6 配置为 IFD,并使用部署配置工具设置了 UserRootPath。通过 CRM 界面添加用户效果非常好。但是,当尝试通过 CrmService API 添加用户时,未添加用户,我们收到下面包含的跟踪消息。如果我们从组织中删除 UserRootPath 设置,则可以通过 CrmService API 添加用户。该路径似乎正确,可以在其他 LDAP 工具中使用,并且用户位于指定的 OU 内。我们使用路径“LDAP://dcserver/OU=testorg;OU=Hosting;DC=domain;DC=local”。
[2009-09-29 13:19:54.7] Process: w3wp |Organization:---- |Thread: 9 |Category: Platform.Sdk |User: ---- |Level: Error | CompositeSoapExtensionExceptionHandler.Handle >CrmSoapExtension detected CrmException: System.Web.Services.Protocols.SoapException: Server was unable to process request. ---> System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.DirectoryServices.DirectoryServicesCOMException (0x80072020): An operations error occurred. at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail) at System.DirectoryServices.DirectoryEntry.Bind() at System.DirectoryServices.DirectoryEntry.get_AdsObject() at System.DirectoryServices.DirectorySearcher.FindAll(Boolean findMoreThanOne) at System.DirectoryServices.DirectorySearcher.FindOne() at Microsoft.Crm.ObjectModel.SystemUserServiceInternal`1.CheckUserUnderRootPath(String domainAccountName, ExecutionContext context) at Microsoft.Crm.ObjectModel.SystemUserServiceInternal`1.CreateInternal(Guid organizationId, IBusinessEntity systemuser, ExecutionContext context) at Microsoft.Crm.ObjectModel.SystemUserServiceInternal`1.Create(IBusinessEntity systemuser, ExecutionContext context) --- End of inner exception stack trace --- at System.RuntimeMethodHandle._InvokeMethodFast(Object target, Object[] arguments, SignatureStruct& sig, MethodAttributes methodAttributes, RuntimeTypeHandle typeOwner) at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture, Boolean skipVisibilityChecks) at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) at System.Web.Services.Protocols.LogicalMethodInfo.Invoke(Object target, Object[] values) at Microsoft.Crm.Extensibility.InternalOperationPlugin.Execute(IPluginExecutionContext context) at Microsoft.Crm.Extensibility.PluginStep.Execute(PipelineExecutionContext context) at Microsoft.Crm.Extensibility.Pipeline.Execute(PipelineExecutionContext context) at Microsoft.Crm.Extensibility.MessageProcessor.Execute(PipelineExecutionContext context) at Microsoft.Crm.Extensibility.InternalMessageDispatcher.Execute(PipelineExecutionContext context) at Microsoft.Crm.Extensibility.ExternalMessageDispatcher.Execute(String messageName, Int32 primaryObjectTypeCode, Int32 secondaryObjectTypeCode, PropertyBag fields, CorrelationToken correlationToken, CallerOriginToken originToken, UserAuth userAuth, Guid callerId) at Microsoft.Crm.Sdk.RequestBase.Process(Int32 primaryObjectTypeCode, Int32 secondaryObjectTypeCode, CorrelationToken correlationToken, CallerOriginToken originToken, UserAuth userAuth, Guid callerId) at Microsoft.Crm.Sdk.RequestBase.Process(CorrelationToken correlationToken, CallerOriginToken originToken, UserAuth userAuth, Guid callerId) at Microsoft.Crm.Sdk.CrmServiceInternal.Execute(RequestBase request, CorrelationToken correlationToken, CallerOriginToken originToken, UserAuth userAuth, Guid callerId) at Microsoft.Crm.Sdk.Crm2007.CrmService.Execute(Request request) --- End of inner exception stack trace ---
We have Dynamics CRM 4 update rollup 6 configured as an IFD and have set the UserRootPath using the deployment configuration tool. Adding users through the CRM interface works perfectly. However, when trying to add a user through the CrmService API, the user is not added and we get the trace message included below. Adding users through the CrmService API works if we remove the UserRootPath setting from the organization. The path appears to be correct, works within other LDAP tools, and the user is within the specified OU. We are using the path "LDAP://dcserver/OU=testorg;OU=Hosting;DC=domain;DC=local".
[2009-09-29 13:19:54.7] Process: w3wp |Organization:---- |Thread: 9 |Category: Platform.Sdk |User: ---- |Level: Error | CompositeSoapExtensionExceptionHandler.Handle >CrmSoapExtension detected CrmException: System.Web.Services.Protocols.SoapException: Server was unable to process request. ---> System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.DirectoryServices.DirectoryServicesCOMException (0x80072020): An operations error occurred. at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail) at System.DirectoryServices.DirectoryEntry.Bind() at System.DirectoryServices.DirectoryEntry.get_AdsObject() at System.DirectoryServices.DirectorySearcher.FindAll(Boolean findMoreThanOne) at System.DirectoryServices.DirectorySearcher.FindOne() at Microsoft.Crm.ObjectModel.SystemUserServiceInternal`1.CheckUserUnderRootPath(String domainAccountName, ExecutionContext context) at Microsoft.Crm.ObjectModel.SystemUserServiceInternal`1.CreateInternal(Guid organizationId, IBusinessEntity systemuser, ExecutionContext context) at Microsoft.Crm.ObjectModel.SystemUserServiceInternal`1.Create(IBusinessEntity systemuser, ExecutionContext context) --- End of inner exception stack trace --- at System.RuntimeMethodHandle._InvokeMethodFast(Object target, Object[] arguments, SignatureStruct& sig, MethodAttributes methodAttributes, RuntimeTypeHandle typeOwner) at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture, Boolean skipVisibilityChecks) at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) at System.Web.Services.Protocols.LogicalMethodInfo.Invoke(Object target, Object[] values) at Microsoft.Crm.Extensibility.InternalOperationPlugin.Execute(IPluginExecutionContext context) at Microsoft.Crm.Extensibility.PluginStep.Execute(PipelineExecutionContext context) at Microsoft.Crm.Extensibility.Pipeline.Execute(PipelineExecutionContext context) at Microsoft.Crm.Extensibility.MessageProcessor.Execute(PipelineExecutionContext context) at Microsoft.Crm.Extensibility.InternalMessageDispatcher.Execute(PipelineExecutionContext context) at Microsoft.Crm.Extensibility.ExternalMessageDispatcher.Execute(String messageName, Int32 primaryObjectTypeCode, Int32 secondaryObjectTypeCode, PropertyBag fields, CorrelationToken correlationToken, CallerOriginToken originToken, UserAuth userAuth, Guid callerId) at Microsoft.Crm.Sdk.RequestBase.Process(Int32 primaryObjectTypeCode, Int32 secondaryObjectTypeCode, CorrelationToken correlationToken, CallerOriginToken originToken, UserAuth userAuth, Guid callerId) at Microsoft.Crm.Sdk.RequestBase.Process(CorrelationToken correlationToken, CallerOriginToken originToken, UserAuth userAuth, Guid callerId) at Microsoft.Crm.Sdk.CrmServiceInternal.Execute(RequestBase request, CorrelationToken correlationToken, CallerOriginToken originToken, UserAuth userAuth, Guid callerId) at Microsoft.Crm.Sdk.Crm2007.CrmService.Execute(Request request) --- End of inner exception stack trace ---
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
0x80072020 错误与 AD 中的通用“访问被拒绝”相关。
根据您的配置,您可以尝试通过修改以下内容来查明问题:
1) 使用 Active Directory 用户和计算机向应用程序池用户授予“委托”选项。
2) 将 web.config 添加到 MSCRMServices 文件夹并打开模拟,例如:
<身份模拟=“true”用户名=“mydomain\bob”密码=“builder”/>
The 0x80072020 error is related to a generic "Access Denied" in AD.
Depending on your configuration, you could try to pinpoint the issue by modifying the following:
1) Grant the "delegate" option to the application pool user using Active Directory Users and Computers.
2) Add a web.config to the MSCRMServices folder and turn impersonation on such as:
< identity impersonate="true" userName="mydomain\bob" password="builder" />