I am trying to call a Web API endpoint(https) using client certificate in Dynamics CRM plugin on Sandbox environment and I am getting the following error message.
Unhandled Exception:
System.ServiceModel.FaultException`1[[Microsoft.Xrm.Sdk.OrganizationServiceFault, Microsoft.Xrm.Sdk, Version=9.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]]: Unexpected exception from plug-in (Execute): MyTestPlugin.PatchOnRevise: System.Security.SecurityException: Request for the permission of type 'System.Security.Permissions.KeyContainerPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.Detail:
<OrganizationServiceFault xmlns:i="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://schemas.microsoft.com/xrm/2011/Contracts">
<ActivityId>9eb9f246-31da-42d4-a8ad-a93b16c783d7</ActivityId>
<ErrorCode>-2147220956</ErrorCode>
<ErrorDetails xmlns:d2p1="http://schemas.datacontract.org/2004/07/System.Collections.Generic" />
<Message>Unexpected exception from plug-in (Execute): MyTestPlugin.PatchOnRevise: System.Security.SecurityException: Request for the permission of type 'System.Security.Permissions.KeyContainerPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.</Message>
<Timestamp>2018-07-08T22:01:17.969528Z</Timestamp>
<ExceptionRetriable>false</ExceptionRetriable>
<ExceptionSource i:nil="true" />
<InnerFault i:nil="true" />
<OriginalException i:nil="true" />
<TraceText>
This is the code wherein I am attaching the certificate to WebClient.
protected override WebRequest GetWebRequest(Uri _address)
{
X509Certificate2 x509Certificate2 = new X509Certificate2(_bytes);
HttpWebRequest request = (HttpWebRequest)base.GetWebRequest(_address);
request.ClientCertificates.Add(x509Certificate2);
return request;
}
I have tried to disable Sandbox, but no luck. Is there anything else I need to do to fix this issue.
You can't disable sandbox in an online environment.
I suspect the issue is related to this, I'm not sure if certificate based security is supported.
Plug-in isolation, trusts, and statistics
Web access
Sandboxed plug-ins and custom workflow activities can access the
network through the HTTP and HTTPS protocols. This capability provides
support for accessing popular web resources like social sites, news
feeds, web services, and more. The following web access restrictions
apply to this sandbox capability.
Only the HTTP and HTTPS protocols are allowed.
Access to localhost (loopback) is not permitted.
IP addresses cannot be used. You must use a named web address that requires DNS name resolution.
Anonymous authentication is supported and recommended. There is no provision for prompting the logged on user for credentials or
saving those credentials.
Related
I am searching for availability of a resource and getting a not particularly helpful error. The subgrid fails to refresh.
This is OOTB functionality with no custom actions
Any Ideas?
Schedule Service Activity
Select the customers, service, and resources for this activity.
Select the date, time, and duration, and click Find Available Times.
Select the time you want from the list of available times, and click Schedule
POST:
GridControl.js?ver=-821682931:1 POST https://****.****/****/AppWebServices/AppGridWebService.ashx?operation=Refresh 500 (Internal Server Error)
execute # VM66800 global.ashx?ver=-821682931:7
executeInternal # GridControl.js?ver=-821682931:1
$5f_3 # GridControl.js?ver=-821682931:1
$4T_3 # GridControl.js?ver=-821682931:1
set_pageNumber # GridControl.js?ver=-821682931:1
Search # schedulingdialog.js?ver=-821682931:1
onclick # schedulingdialog.aspx?ActivityId=&ActivityTypeCode=4214&dType=1:380
Unhandled Exception:
System.ServiceModel.FaultException`1[[Microsoft.Xrm.Sdk.OrganizationServiceFault, Microsoft.Xrm.Sdk, Version=7.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]]: System.Xml.XmlException: Microsoft Dynamics CRM has experienced an error. Reference number for administrators or support: #59FB87F1Detail: <OrganizationServiceFault xmlns:i="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://schemas.microsoft.com/xrm/2011/Contracts"> <ErrorCode>-2147220970</ErrorCode> <ErrorDetails xmlns:d2p1="http://schemas.datacontract.org/2004/07/System.Collections.Generic" /> <Message>System.Xml.XmlException: Microsoft Dynamics CRM has experienced an error. Reference number for administrators or support: #59FB87F1</Message> <Timestamp>2018-01-09T12:24:52.7024342Z</Timestamp> <InnerFault> <ErrorCode>-2147220970</ErrorCode> <ErrorDetails xmlns:d3p1="http://schemas.datacontract.org/2004/07/System.Collections.Generic" /> <Message>System.NullReferenceException: Microsoft Dynamics CRM has experienced an error. Reference number for administrators or support: #E9DAA4DE</Message> <Timestamp>2018-01-09T12:24:52.7024342Z</Timestamp> <InnerFault i:nil="true" /> <TraceText i:nil="true" /> </InnerFault> <TraceText i:nil="true" /> </OrganizationServiceFault> System.NullReferenceException: Object reference not set to an instance of an object. at Microsoft.Crm.Core.Application.WebServices.AppGridWebServiceHandler.GetGridDataProvider(String gridXml) at Microsoft.Crm.Core.Application.WebServices.AppGridWebServiceHandler.Refresh(String gridXml, StringBuilder sbXml, StringBuilder sbHtml, Boolean returnJsonData) at Microsoft.Crm.Core.Application.WebServices.AppGridWebServiceHandler.ProcessRequestInternal(HttpContext context) Not available Not available
Details
Not available
https://**.**/***/AppWebServices/AppGridWebService.ashx?operation=Refresh /***/AppWebServices/AppGridWebService.ashx?operation=Refresh ASHX_XML
I am using dynamic CRM 2015 version 7.0.1.129 On-Premise. When user click on notes in social pane. An error shows up which is "Generic SQL Error".
Here is the log
Unhandled Exception:
System.ServiceModel.FaultException`1[[Microsoft.Xrm.Sdk.OrganizationServiceFault, Microsoft.Xrm.Sdk, Version=7.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]]: Generic SQL error.Detail:
<OrganizationServiceFault xmlns:i="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://schemas.microsoft.com/xrm/2011/Contracts">
<ErrorCode>-2147204784</ErrorCode>
<ErrorDetails xmlns:d2p1="http://schemas.datacontract.org/2004/07/System.Collections.Generic" />
<Message>Generic SQL error.</Message>
<Timestamp>2016-04-12T17:00:52.6982705Z</Timestamp>
<InnerFault i:nil="true" />
<TraceText i:nil="true" />
</OrganizationServiceFault>
Actually the main issue is that the error is only showing for a single user not all of them and this happens every time when he click on Notes within a Pipeline Opportunity.
Any kind of Help/Suggestion will be appreciated.
Thanks
My website has Windows Authentication enabled with Negotiate provider listed first as I want to use Kerberos for delegating. It works fine when I run the website from a browser on the web server itself. When I use IE from another machine in the domain, I get the login box. After 3 tries I get a HTTP 401.2 error: Unauthorized.
I've made sure the domain account used by the Application Pool has Read and Execute rights to the website folder, and so does the domain account I'm logging in under when hitting the website (and I've also thrown in 'Authenticated Users' for good measure).
Interestingly if I try to access the site using the web server's IP instead of the name, it loads fine.
Anyone have thoughts?
One year after my first encountering this problem I've solved it.
Got the tip from http://blogs.technet.com/b/proclarity/archive/2011/03/08/useapppoolcredentials-true-with-kerberos-delegation-on-2008.aspx
Need to set useAppPoolCredentials="true" on the windowsAuthentication element in applicationHost.config (can set via IIS Manager)
<system.webServer>
<security>
<authentication>
<anonymousAuthentication enabled="false" />
<windowsAuthentication enabled="true" useKernelMode="true" useAppPoolCredentials="true">
<providers>
<clear />
<add value="Negotiate" />
</providers>
<extendedProtection tokenChecking="None" />
</windowsAuthentication>
</authentication>
</security>
</system.webServer>
The reason you're getting a 401.2 when using a DNS name is most likely due to the fact register the name you're using as a service principle name (SPN) in AD.
Here's a couple of links that should help you out:
Service Principal Name (SPN) checklist for Kerberos authentication with IIS 7.0/7.5
http://blogs.msdn.com/b/webtopics/archive/2009/01/19/service-principal-name-spn-checklist-for-kerberos-authentication-with-iis-7-0.aspx
Register a Service Principal Name for Kerberos Connections:
http://technet.microsoft.com/en-us/library/ms191153.aspx
Hi I met the following problem when achieve a function "send an email to members" in my membership application. I did some research and add
<system.web>
<securityPolicy>
<trustLevel name="Full" policyFile="internal"/>
</securityPolicy>
</system.web>
to my Web.config, then deployed to server again, but the problem still exists. Any ideas? Thanks in advance.
Server Error in '/TestApp' Application.
Security Exception
Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.
Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Net.Mail.SmtpPermission, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
When sending the email you might be specifying the SMTP port number which might not be allowed.
Here is an example of what I'm talking about:
SecurityException: Request for the permission of type 'System.Net.Mail.SmtpPermission'
I've CRM 2011 on-premise installation. When a workflow (both custom and crm workflow) try to a create note in Account entity, an error occurred. When I check the workflow status it shows ‘Waiting’ and showing below error message.
“A SQL Server error occurred. Try this action again. If the problem continues check the Microsoft Dynamics CRM Community for solutions or contact your organization's Microsoft Dynamics CRM Administrator. Finally, you can contact Microsoft Support”
Workflow paused due to error: Unhandled Exception: System.ServiceModel.FaultException`1[[Microsoft.Xrm.Sdk.OrganizationServiceFault, Microsoft.Xrm.Sdk, Version=5.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]]: Generic SQL error.Detail:
-2147204784
Generic SQL error.
2012-10-25T11:11:01.2064949Z
<ErrorCode>-2147204784</ErrorCode>
<ErrorDetails xmlns:d3p1="http://schemas.datacontract.org/2004/07/System.Collections.Generic" />
<Message>Generic SQL error.</Message>
<Timestamp>2012-10-25T11:11:01.2064949Z</Timestamp>
<InnerFault>
<ErrorCode>-2147220970</ErrorCode>
<ErrorDetails xmlns:d4p1="http://schemas.datacontract.org/2004/07/System.Collections.Generic" />
<Message>System.Data.SqlClient.SqlException: Microsoft Dynamics CRM has experienced an error. Reference number for administrators or support: #6F1D18EA</Message>
<Timestamp>2012-10-25T11:11:01.207495Z</Timestamp>
<InnerFault i:nil="true" />
<TraceText i:nil="true" />
</InnerFault>
<TraceText i:nil="true" />
at Microsoft.Crm.Extensibility.OrganizationSdkServiceInternal.RetrieveMultiple(QueryBase query, CorrelationToken correlationToken, CallerOriginToken callerOriginToken, WebServiceType serviceType)
at Microsoft.Crm.Extensibility.InprocessServiceProxy.RetrieveMultipleCore(QueryBase query)
at Microsoft.Crm.Workflow.RegardingObjectUtility.CreateLookup(String entityName, Guid entityId)
at Microsoft.Crm.Workflow.WorkflowContextBase.SetStepRegardingRecord(String entityName, Guid entityId)
at Microsoft.Crm.Workflow.Services.UpdateActivityService.<>c_DisplayClass1.b_0(IOrganizationService sdkService)
at Microsoft.Crm.Workflow.Services.ActivityServiceBase.ExecuteInTransactedContext(ActivityDelegate activityDelegate)
at Microsoft.Crm.Workflow.Services.UpdateActivityService.UpdateInternal(Entity entity, String stepId)
at Microsoft.Crm.Workflow.Services.UpdateActivityService.ExecuteInternal(ActivityContext executionContext, UpdateEntity updateEntity)
at Microsoft.Crm.Workflow.Services.UpdateActivityService.Execute(ActivityContext executionContext, UpdateEntity updateEntity)
at System.Activities.CodeActivity.InternalExecute(ActivityInstance instance, ActivityExecutor executor, BookmarkManager bookmarkManager)
at System.Activities.Runtime.ActivityExecutor.ExecuteActivityWorkItem.ExecuteBody(ActivityExecutor executor, BookmarkManager bookmarkManager, Location resultLocation)
I checked trace also.
Please suggest,
Thanks
Kiran
Enable tracing (using this tool easiest) and take a look at the resulting trace file for the Async service (can't remember the file name but it will have "async" in it somewhere). This should give you some additional detail.
Do you have any plugins registered on your system (especially against the Account or Annotation (Note) entity?