Within our community server site, when I navigate to the UserList.aspx page, I get the following error every time: User Not Found, The user you requested cannot be found.
When I check the event log, I see asp.net warnings as follows:
Event Type: Warning
Event Source: ASP.NET 2.0.50727.0
Event Category: Web Event
Event ID: 1309
Date: 4/17/2013
Time: 9:39:43 AM
User: N/A
Computer: SV3369
Description:
Event code: 3005
Event message: An unhandled exception has occurred.
Event time: 4/17/2013 9:39:43 AM
Event time (UTC): 4/17/2013 2:39:43 PM
Event ID: f121eb3cd0a847b2a53972a09f802235
Event sequence: 11116
Event occurrence: 1072
Event detail code: 0
Application information:
Application domain: /LM/W3SVC/8022/ROOT-1-130105941980617500
Trust level: Full
Application Virtual Path: /
Application Path: C:\Inetpub\wwwroot\wisdomresearch.org\wwwroot\
Machine name: SV3369
Process information:
Process ID: 4148
Process name: w3wp.exe
Account name: NT AUTHORITY\NETWORK SERVICE
Exception information:
Exception type: CSException
Exception message: User Username not found in membership store does not exist.
Request information:
Request URL: http://wisdomresearch.org/themes/basic/Arete/UserList.aspx?interest=European+History
Request path: /themes/basic/Arete/UserList.aspx
User host address: 173.199.116.83
User:
Is authenticated: False
Authentication Type:
Thread account name: NT AUTHORITY\NETWORK SERVICE
Thread information:
Thread ID: 8
Thread account name: NT AUTHORITY\NETWORK SERVICE
Is impersonating: False
Stack trace: at CommunityServer.Users.AddMembershipDataToUser(UserSet users)
at CommunityServer.Users.GetUsers(UserQuery query, Boolean cacheable)
at Arete.Common.GetGlobalUsersTable()
at PageBase.GetUsersTableFromCache()
at Themes_basic_Arete_userlist.BindUsers()
at Themes_basic_Arete_userlist.ExecuteSearch()
at Themes_basic_Arete_userlist.Page_Load()
at System.Web.Util.CalliHelper.ArglessFunctionCaller(IntPtr fp, Object o)
at System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender, EventArgs e)
at System.Web.UI.Control.OnLoad(EventArgs e)
at System.Web.UI.Control.LoadRecursive()
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
Also, I've seen this post, but I'm unsure of what I need to do if this is my problem.
First of all, I'm not familiar with community server site, although I used ASP.Net Membership extensively.
According to the SO link in your question, the problem is users are missing in cs_Users table (or might be other table).
1 - You need to find those orphaned rows. Something like this -
SELECT * FROM aspnet_Users WHERE UserId NOT IN (SELECT UserId FROM cs_Users)
2 - Then you either need to delete them or do something.
Related
I have deployed a DotNet Core application on Heroku but I m receiving the following error when I'm trying to open the application
fail: ShopApi.Program[0]
An error occurred while migrating the database.
Npgsql.PostgresException (0x80004005): 28000: no pg_hba.conf entry for host "3.249.151.147", user "ddojar225ki3s4", database "ddojar225ki3s4", SSL off
at Npgsql.NpgsqlConnector.<ReadMessage>g__ReadMessageLong|194_0(NpgsqlConnector connector, Boolean async, DataRowLoadingMode dataRowLoadingMode, Boolean readingNotifications, Boolean isReadingPrependedMessage)
at Npgsql.NpgsqlConnector.Authenticate(String username, NpgsqlTimeout timeout, Boolean async, CancellationToken cancellationToken)
at Npgsql.NpgsqlConnector.Open(NpgsqlTimeout timeout, Boolean async, CancellationToken cancellationToken)
at Npgsql.NpgsqlConnection.<>c__DisplayClass41_0.<<Open>g__OpenAsync|0>d.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at Npgsql.NpgsqlConnection.Open()
at Npgsql.EntityFrameworkCore.PostgreSQL.Storage.Internal.NpgsqlDatabaseCreator.Exists()
at Microsoft.EntityFrameworkCore.Migrations.HistoryRepository.Exists()
at Microsoft.EntityFrameworkCore.Migrations.Internal.Migrator.Migrate(String targetMigration)
at Microsoft.EntityFrameworkCore.RelationalDatabaseFacadeExtensions.Migrate(DatabaseFacade databaseFacade)
at ShopApi.Extensions.MigrateDatabaseExtension.MigrateDatabase[T](IHost webHost) in /src/ShopApi/Extensions/MigrateDatabaseExtension.cs:line 22
Exception data:
Severity: FATAL
SqlState: 28000
MessageText: no pg_hba.conf entry for host "3.249.151.147", user "ddojar225ki3s4", database "ddojar225ki3s4", SSL off
File: auth.c
Line: 496
Routine: ClientAuthentication
I have added an Add-On for Postgresql.
I am connecting to the database like this :
services.AddDbContext<DataContext>(optionsBuilder =>
optionsBuilder.UseNpgsql(Configuration.GetConnectionString("PostgresSqlDatabaseConnection")));
My Connection String
"PostgresSqlDatabaseConnection": "User ID=ddojar225ki3s4;Password=correct_password;Server=ec2-34-242-89-204.eu-west-1.compute.amazonaws.com;Port=5432;Database=ddojar225ki3s4;Integrated Security=true; Pooling=true"
Solution
I had to add
SSL Mode=Require; to the connection string.
Be careful NOT to type Required or SSL Mode=SSL.Require
So as a pretext, I've got less than no idea what to do about this. I've researched for about two hours and normally I would just keep going but none of the information I've found has been useful. I suspect this would have something to do with the YAML (serverless.yml) file but I am unsure. I've made several updates to the file so I will post the initial code and the current code though no difference has been made. The code worked flawlessly in development but throws errors in production. You can see https://www.evote.space to replicate this.
Current
myNextApplication:
service: myService
component: "#sls-next/serverless-component#1.18.0"
provider:
name: aws
runtime: nodejs12.x
stage: dev
profile: evote
iam:
role: rolenamegoesherebutnotonstackoverflow
inputs:
domain: "evote.space"
functions:
createuser:
handler: data.createuser
readTable:
handler: data.readTable
resources:
Resources:
usersTable:
Type: AWS::DynamoDB::Table
Properties:
TableName: Users
AttributeDefinitions:
- AttributeName: userHash
AttributeType: N
KeySchema:
- AttributeName: userHash
KeyType: HASH
votersTable:
Type: AWS::DynamoDB::Table
Properties:
TableName: Voters
AttributeDefinitions:
- AttributeName: voterHash
AttributeType: N
KeySchema:
- AttributeName: voterHash
KeyType: HASH
electionsTable:
Type: AWS::DynamoDB::Table
Properties:
TableName: Elections
AttributeDefinitions:
- AttributeName: electionHash
AttributeType: N
KeySchema:
- AttributeName: electionHash
KeyType: HASH
ballotsTable:
Type: AWS::DynamoDB::Table
Properties:
TableName: Ballots
AttributeDefinitions:
- AttributeName: ballotHash
AttributeType: N
KeySchema:
- AttributeName: ballotHash
KeyType: HASH
Initial (At first deployment with error)
myNextApplication:
service: myService
component: "#sls-next/serverless-component#1.18.0"
provider:
name: aws
runtime: nodejs12.x
stage: dev
profile: evote
inputs:
domain: "evote.space"
My code base is massive and made up of many pages and components. So far all that I've made is a login function but on the sign up page where it calls the api to return users (for duplicate email validation), it returns the error we're all too familiar with "Unexpected token < in JSON at position 0" if you go back then load the page again you can get the console to reveal a source on that error which reads:
503 ERROR
The request could not be satisfied.
The Lambda function associated with the CloudFront distribution is invalid or doesn't have the required permissions. We can't connect to the server for this app or website at this time. There might be too much traffic or a configuration error. Try again later, or contact the app or website owner.
If you provide content to customers through CloudFront, you can find steps to troubleshoot and help prevent this error by reviewing the CloudFront documentation.
Generated by cloudfront (CloudFront)
Request ID: No0_qVJ3gcOpg48rMXqvgyipx4wKWmV-hRewQblZ-loyaaiVJLqGIA==
So yeah, if you can help, please do.
Edit:
The code that's causing the issue is the following block
NewUser.getInitialProps = async ({ req }) => {
if (req) {
// this is server side
return {
users: await data.readTable("Users")
};
} else {
// we are client side
const response = await fetch("/api/users");
return { users: await response.json() };
}
};
And the api that handled this originally looked like this:
import data from "../../../data"
export default async (req, res) => {
console.log("/api/users HIT!");
res.status(200).json(await data.readTable("Users"));
};
But I changed it so that it can be marked as a lambda so now it looks like this (though it made no difference):
import data from "../../../data";
module.exports.read = async (event, context, callback) => {
console.log("/api/users HIT!");
callback(null, {statusCode: 200}).json(await data.readTable("Users"));
}
So after careful research I did the following and this is apparently a pretty common issue so I recommend anyone else suffering from this issue do exactly the following. Please remember this is with the serverless-nextjs component not just the serverless framework although the same may apply there:
I carefully dug through the repository README and followed all instructions.
I logged into the AWS Console and found what I thought was the primary issue but was actually a tertiary problem; The Lambda#Edge was only configured with basic CloudWatch Logging permissions. I updated it with all of the necessary privileges while ensuring best practices
After updating your Lambda make sure you deploy it to Lambda#Edge (Under Actions Menu)
Then I navigated to CloudWatch and checked the logs in the correct region and found errors after calling into the API.
Somehow my DynamoDB tables got deleted or weren't properly replicated so I redeployed them from my SDK with npm run infra and after.
This experience is always a good one to have. Your by no means invincible to really stupid errors in your code. And 99% of the time if you're stuck and thinking it's complex and that it's unrealistic that you'll fix it, step back and ask, "What's the dumbest thing it could be?"
And it's always that.
For me, using the Alpha version of Serverless, solved this error message
'The Lambda function associated with the CloudFront distribution is invalid or doesn't have the required permissions'
serverless.yml file:
# component: "#sls-next/serverless-component#1.19.0"
component: "#sls-next/serverless-component#3.4.0-alpha.12"
We can find the latest version here: https://www.npmjs.com/package/#sls-next/serverless-component
I am using the AWS Node SDK to try and use a launch template to launch an EC2 instance. In the web console for the same user I have access to the Launch Template ID, but in the Node API it tells me the Launch Template with ID does not exist:
version: aws-sdk#2.606.0
Screenshot in AWS Console
Screenshot in my config file
(I've blocked the last few characters for security but they are the same)
This is the Node
AWS = require('aws-sdk');
AWS.config.update({region: global.settings.aws.region});
let instanceParams = {
LaunchTemplate: {
LaunchTemplateId: global.settings.aws.ltId
},
InstanceType: 't2.micro',
MinCount: 1,
MaxCount: 1
};
let instancePromise = new AWS.EC2().runInstances(instanceParams).promise();
instancePromise.then(
function(data) {
console.log(data);
}).catch(
function(err) {
console.error(err, err.stack);
});
This is the error the API returns:
InvalidLaunchTemplateId.NotFound: The specified launch template, with template ID lt-03969d13638b5XXXX, does not exist.
at Request.extractError (/ApplicationPath/node_modules/aws-sdk/lib/services/ec2.js:50:35)
at Request.callListeners (/ApplicationPath/node_modules/aws-sdk/lib/sequential_executor.js:106:20)
at Request.emit (/ApplicationPath/node_modules/aws-sdk/lib/sequential_executor.js:78:10)
at Request.emit (/ApplicationPath/node_modules/aws-sdk/lib/request.js:683:14)
at Request.transition (/ApplicationPath/node_modules/aws-sdk/lib/request.js:22:10)
at AcceptorStateMachine.runTo (/ApplicationPath/node_modules/aws-sdk/lib/state_machine.js:14:12)
at /ApplicationPath/node_modules/aws-sdk/lib/state_machine.js:26:10
at Request. (/ApplicationPath/node_modules/aws-sdk/lib/request.js:38:9)
at Request. (/ApplicationPath/node_modules/aws-sdk/lib/request.js:685:12)
at Request.callListeners (/ApplicationPath/node_modules/aws-sdk/lib/sequential_executor.js:116:18)
at Request.emit (/ApplicationPath/node_modules/aws-sdk/lib/sequential_executor.js:78:10)
at Request.emit (/ApplicationPath/node_modules/aws-sdk/lib/request.js:683:14)
at Request.transition (/ApplicationPath/node_modules/aws-sdk/lib/request.js:22:10)
at AcceptorStateMachine.runTo (/ApplicationPath/node_modules/aws-sdk/lib/state_machine.js:14:12)
at /ApplicationPath/node_modules/aws-sdk/lib/state_machine.js:26:10
at Request. (/ApplicationPath/node_modules/aws-sdk/lib/request.js:38:9)
at Request. (/ApplicationPath/node_modules/aws-sdk/lib/request.js:685:12)
at Request.callListeners (/ApplicationPath/node_modules/aws-sdk/lib/sequential_executor.js:116:18)
at callNextListener (/ApplicationPath/node_modules/aws-sdk/lib/sequential_executor.js:96:12)
at IncomingMessage.onEnd (/ApplicationPath/node_modules/aws-sdk/lib/event_listeners.js:307:13)
at IncomingMessage.emit (events.js:214:15)
at IncomingMessage.EventEmitter.emit (domain.js:476:20) {
message: 'The specified launch template, with template ID lt-03969d13638b5XXXX, does not exist.',
code: 'InvalidLaunchTemplateId.NotFound',
time: 2020-01-22T15:29:18.641Z,
requestId: '16082702-49c0-4451-a3b7-570b930b5238',
statusCode: 400,
retryable: false,
retryDelay: 47.92654090836894
}
The IAM access includes both:
AmazonEC2FullAccess
AmazonEC2FullAccess
(The JSON are super long but I am happy to post those in here if needed)
My thought is that there is some permissioning error for the IAM but I can't determine what that might be. Thank you for the help and please let me know if there is any other clarity I can provide.
When you can see that a given AWS resource exists in the AWS console, but it is not returned by the awscli or SDK calls, (or vice-versa) then one of the following is likely the cause:
you have queried the wrong region
you have queried the wrong AWS account (your effective credentials are for a 2nd, different account)
you have mis-typed the resource name/id
your browser has cached results that no longer exist (refresh your browser)
I have a definition of a report object. I have another definition of reports object that has an array of report objects (via a $ref).
In the report definition, I have an example defined, which works fine in swagger UI.
In the reports definition, I want it to use the example from the report definition.
How can I do this? I've tried several things using $ref, the closest I got was what I have in the following YAML...
definitions:
report:
type: object
properties:
ID:
type: number
format: int
description: "DB record ID of the report."
readOnly: true
ErrorContent:
type: string
description: "The actual problem or error infomation for this report. This can be exception stack, etc."
readOnly: true
UserComments:
type: string
description: "Any user comments collected by the app and submitted with the report."
readOnly: true
ReportedBy:
type: string
description: "The person using the app when it triggered the error this report is for."
readOnly: true
ReportedDateTime:
type: string
description: "The date/time the report was submitted."
readOnly: true
required:
- ID
- ErrorContent
- ErrorType
- UserComments
- ReportedBy
- ReportedDateTime
example:
ID: 11367
ErrorContent: "Operation is not valid due to the current state of the object."
ErrorType: "Exception"
UserComments: "Was clicking this and that and then Boom!"
ReportedBy: "domain\\name"
ReportedDateTime: "2016-01-19 14:07:00"
reports:
properties:
message:
type: string
reports:
type: array
items:
$ref: '#/definitions/report'
example:
message: "success"
reports:
- $ref: '#/definitions/report'
However, in Swagger UI, the above results in...
{
"message": "success",
"reports": [
{
"$ref": "#/definitions/report"
}
]
}
One interesting note, in Swagger UI, when I look at the model view, it does have all of report even with descriptions.
This behavior is correct--the examples section cannot be referenced with a JSON pointer. See the OAI Specification for what is currently supported.
If you feel this is a common use case, please open an issue on the spec repository.
I created domain user 'jsmith' in Active Directory and i've added that domain account as a user in Dynamics CRM. My goal here is to execute code with a service account that is in the PrivUserGroup for the organization while impersonating 'jsmith'. I instantiate the CrmDataContext by passing it an instance of CrmConnection. When calling the constructor of the CrmConnection I pass it the name of my connection string in the application config file then I set the ImpersonatedUser property to the system user id of 'jsmith'. One thing to note is that I'm using a console application to run this. View my code below:
Connection String in app.config:
<add name="Crm" connectionString="Authentication Type=AD; Server=http://dev01/myorg; User ID=myorgdomain\sv-crm; Password=password123" />
CrmDataContext and GetEntities code:
var connection = new CrmConnection("Crm");
connection.ImpersonatedUser = Guid.Parse("1937F45C-8EB4-E011-8FE4-005056887B79");
var crm = new CrmDataContext(connection);
var contacts = crm.GetEntities("contacts")
if(contacts.Count() > 0) //the call to Count() is where the error gets thrown. Invalid user auth.
//do something
I have no issues when trying to impersonate with my own system user id which is tied to my AD domain account that I'm logged in as while running the tests. I get results back just fine so I know there is no issue with the service account that is being used to execute the code. I've even assigned 'jsmith' to the same business unit and put him in the same roles that I'm in (which is System Administrator) and I still get the Invalid user auth. What could I possibly be missing. Below is error information in the trace file on the server. In the trace information below the one thing that does stick out is the first line: "[2011-07-22 18:14:08.0] Process: w3wp |Organization:f827deb3-c6cc-df11-bc07-005056887b79 |Thread: 6 |Category: Exception |User: 822138f1-c574-e011-9dca-005056887b79 |Level: Error | CrmException..ctor*". The User id that is being display is my system user id. It seems like it would show the id of the service account from the connection string or the id 'jblow' who is being impersonated. Any ideas would be greatly appreciated.
[2011-07-22 18:14:08.0] Process: w3wp |Organization:f827deb3-c6cc-df11-bc07-005056887b79 |Thread: 6 |Category: Exception |User: 822138f1-c574-e011-9dca-005056887b79 |Level: Error | CrmException..ctor
at CrmException..ctor(Int32 errorCode, Object[] arguments)
at SecurityHelper.VerifyAndReturnCurrentCallerId(Guid userId, Guid callerId, Guid orgId)
at CrmWebService.get_CurrentCallerId()
at CrmService.Execute(Request request)
at RuntimeMethodHandle._InvokeMethodFast(Object target, Object[] arguments, SignatureStruct& sig, MethodAttributes methodAttributes, RuntimeTypeHandle typeOwner)
at RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture, Boolean skipVisibilityChecks)
at RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
at LogicalMethodInfo.Invoke(Object target, Object[] values)
at WebServiceHandler.Invoke()
at WebServiceHandler.CoreProcessRequest()
at SyncSessionlessHandler.ProcessRequest(HttpContext context)
at CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
at ApplicationStepManager.ResumeSteps(Exception error)
at HttpApplication.System.Web.IHttpAsyncHandler.BeginProcessRequest(HttpContext context, AsyncCallback cb, Object extraData)
at HttpRuntime.ProcessRequestInternal(HttpWorkerRequest wr)
at HttpRuntime.ProcessRequestNoDemand(HttpWorkerRequest wr)
at ISAPIRuntime.ProcessRequest(IntPtr ecb, Int32 iWRType)
>Crm Exception: Message: Invalid user auth., ErrorCode: -2147220988
[2011-07-22 18:14:08.0] Process: w3wp |Organization:f827deb3-c6cc-df11-bc07-005056887b79 |Thread: 6 |Category: Platform.Sdk |User: 822138f1-c574-e011-9dca-005056887b79 |Level: Error | CompositeSoapExtensionExceptionHandler.Handle
at CompositeSoapExtensionExceptionHandler.Handle(Stream to, Stream from, Exception exception)
at CrmAuthenticationSoapExtensionBase.ProcessMessage(SoapMessage message)
at SoapMessage.RunExtensions(SoapExtension[] extensions, Boolean throwOnException)
at SoapServerProtocol.WriteException(Exception e, Stream outputStream)
at WebServiceHandler.WriteException(Exception e)
at WebServiceHandler.Invoke()
at WebServiceHandler.CoreProcessRequest()
at SyncSessionlessHandler.ProcessRequest(HttpContext context)
at CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
at ApplicationStepManager.ResumeSteps(Exception error)
at HttpApplication.System.Web.IHttpAsyncHandler.BeginProcessRequest(HttpContext context, AsyncCallback cb, Object extraData)
at HttpRuntime.ProcessRequestInternal(HttpWorkerRequest wr)
at HttpRuntime.ProcessRequestNoDemand(HttpWorkerRequest wr)
at ISAPIRuntime.ProcessRequest(IntPtr ecb, Int32 iWRType)
>CrmSoapExtension detected CrmException:
System.Web.Services.Protocols.SoapException: Server was unable to process request. ---> Microsoft.Crm.CrmException: Invalid user auth.
at Microsoft.Crm.Sdk.SecurityHelper.VerifyAndReturnCurrentCallerId(Guid userId, Guid callerId, Guid orgId)
at Microsoft.Crm.WebServices.Crm2007.CrmWebService.get_CurrentCallerId()
at Microsoft.Crm.Sdk.Crm2007.CrmService.Execute(Request request)
--- End of inner exception stack trace ---
UPDATE 7/25:
I decided to perform a test by making a call like I've been doing using the CrmDataContext where the CrmConnection.ImpersonatedUser is set to the jsmith id. Then I made another call (exact same query) using the old school approach where you build the QueryExpression and pass it into the CrmService where the CallerId property of the CrmAuthenticationToken is set to the id for jsmith. The using CrmDataContext failed with the "Invalid user auth" error but the other call using the CrmService and QueryExpression ran fine. I used fiddler to look at the raw http request for each of those calls. The raw request was the exact same for both calls except for one thing.... The Negotiate token in the Authorization header of the request. I made both calls, one right after the other, in my console app and they produce different Negotiate tokens. That's got to be the problem although I don't know how to fix. Seems like this is a bug in the Advanced Developer Extensions. Below are the raw http for both.
--using CrmDataContext
POST http://myserver/MSCRMServices/2007/CrmService.asmx HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; MS Web Services Client Protocol 4.0.30319.235)
VsDebuggerCausalityData: uIDPo6mcKDyuc+pPqk3LRv81TrIAAAAA/j8K/SLE5EivZ+mzg1+doYkmNLjkHbFHmbD9UyYmHFEACQAA
Content-Type: text/xml; charset=utf-8
SOAPAction: "http://schemas.microsoft.com/crm/2007/WebServices/Execute"
Accept-Encoding: gzip,gzip
Authorization: Negotiate YIIIrgYGKwYBBQUCoIIIojCCCJ6g.....
Host: myserver
Content-Length: 1281
Expect: 100-continue
<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Header>
<CrmAuthenticationToken xmlns="http://schemas.microsoft.com/crm/2007/WebServices">
<AuthenticationType xmlns="http://schemas.microsoft.com/crm/2007/CoreTypes">0</AuthenticationType>
<OrganizationName xmlns="http://schemas.microsoft.com/crm/2007/CoreTypes">myorg</OrganizationName>
<CallerId xmlns="http://schemas.microsoft.com/crm/2007/CoreTypes">1937f45c-8eb4-e011-8fe4-005056887b79</CallerId>
</CrmAuthenticationToken>
</soap:Header>
<soap:Body>
<Execute xmlns="http://schemas.microsoft.com/crm/2007/WebServices">
<Request xsi:type="RetrieveMultipleRequest" ReturnDynamicEntities="true">
<Query xmlns:q1="http://schemas.microsoft.com/crm/2006/Query" xsi:type="q1:QueryExpression">
<q1:EntityName>contact</q1:EntityName>
<q1:ColumnSet xsi:type="q1:AllColumns" />
<q1:Distinct>false</q1:Distinct>
<q1:PageInfo>
<q1:PageNumber>1</q1:PageNumber>
<q1:Count>100</q1:Count>
</q1:PageInfo>
<q1:LinkEntities />
<q1:Criteria>
<q1:FilterOperator>And</q1:FilterOperator>
<q1:Conditions />
<q1:Filters />
</q1:Criteria>
<q1:Orders />
</Query>
</Request>
</Execute>
</soap:Body>
</soap:Envelope>
--call using CrmService with QueryExpression
POST http://myserver/MSCrmServices/2007/CrmService.asmx HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; MS Web Services Client Protocol 4.0.30319.235)
VsDebuggerCausalityData: uIDPo8cVsRu/YZBCl+8cnC9j5fwAAAAAGni8rU7A/Uy4JYm/bi/S6d/soXPiw+xBoKSYCD/1KRIACQAA
Content-Type: text/xml; charset=utf-8
SOAPAction: "http://schemas.microsoft.com/crm/2007/WebServices/Execute"
Authorization: Negotiate YIIG5wYGKwYBBQUCoIIG2zCCBtegMDAuBgkqhk.....
Host: myserver
Content-Length: 1219
Expect: 100-continue
<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema- instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Header>
<CrmAuthenticationToken xmlns="http://schemas.microsoft.com/crm/2007/WebServices">
<AuthenticationType xmlns="http://schemas.microsoft.com/crm/2007/CoreTypes">0</AuthenticationType>
<OrganizationName xmlns="http://schemas.microsoft.com/crm/2007/CoreTypes">myorg</OrganizationName>
<CallerId xmlns="http://schemas.microsoft.com/crm/2007/CoreTypes">1937f45c-8eb4-e011-8fe4-005056887b79</CallerId>
</CrmAuthenticationToken>
</soap:Header>
<soap:Body>
<Execute xmlns="http://schemas.microsoft.com/crm/2007/WebServices">
<Request xsi:type="RetrieveMultipleRequest" ReturnDynamicEntities="false">
<Query xmlns:q1="http://schemas.microsoft.com/crm/2006/Query" xsi:type="q1:QueryExpression">
<q1:EntityName>contact</q1:EntityName>
<q1:ColumnSet xsi:type="q1:AllColumns" />
<q1:Distinct>false</q1:Distinct>
<q1:PageInfo>
<q1:PageNumber>1</q1:PageNumber>
<q1:Count>100</q1:Count>
</q1:PageInfo>
<q1:Criteria>
<q1:FilterOperator>And</q1:FilterOperator>
</q1:Criteria>
</Query>
</Request>
</Execute>
</soap:Body>
</soap:Envelope>
Sounds like you may have found a bug. I would open a free support ticket with Microsoft # 1-877-276-2464. They would be faster with resolution than what you're finding here and the outcome would be conclusive.
I never figured out the problem. But, my work-around is to just build a connection string at runtime that contains the username and password of the person i would want to impersonate via the CallerId property. So I want really be impersonated and I guess for my situation it really does not matter.