24.05.2012, 14:11 | #1 |
Участник
|
emeadaxsupport: Dynamics AX 2012: Some problems with setting up Form Authentication for Enterprise Portal
Источник: http://blogs.msdn.com/b/axsupport/ar...se-portal.aspx
============== Lately we run into two issues while setting up Form authentication for Dynamics AX 2012 Enterprise Portal. We could go into Enterprise Portal and we select Form based authentication provider, after that we specify the user and password. After clicking sign in we get immediately SharePoint error "An unexpected error has occurred." In event log we could see following error: Cannot open database "aspnetdb" requested by the login. The login failed. Login failed for user CONTOSO\bcproxy'.System.Data.SqlClient.SqlException at System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection) at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj) at System.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj) The issue happens when we run command $Cred = Get-Credential - here I used bcproxy accountAdd-AXSharepointClaimsAuthenticationProvider -Type Forms -Name FormsAuth -SigningCertificate $SigningCert -Credential $Cred -Port 7000 -SSLCertificate $SSLCert with account which is not local admin on machine. The Form based provider web application will be created with application pool which run as contoso\bcproxy user. And this user needs to have access to aspnetdb to authenticate form user. The solution to this problem is to CONTOSO\bcproxy user as login to aspnetdb. We can give him db_owner role for database or db_datareader + db_datawrite + execute permission for all aspnet_* stored procedure in dbo schema. After we went through login to database problem, we got new error in event log: Keyset does not exist System.Security.Cryptography.CryptographicException at System.Security.Cryptography.Utils.CreateProvHandle(CspParameters parameters, Boolean randomKeyContainer) at System.Security.Cryptography.Utils.GetKeyPairHelper(CspAlgorithmType keyType, CspParameters parameters, Boolean randomKeyContainer, Int32 dwKeySize, SafeProvHandle& safeProvHandle, SafeKeyHandle& safeKeyHandle) at System.Security.Cryptography.RSACryptoServiceProvider.GetKeyPair() at System.Security.Cryptography.RSACryptoServiceProvider..ctor(Int32 dwKeySize, CspParameters parameters, Boolean This problem was a little more complicated as error is not straight forward. The issue is that the provider after authenticating user is unable to sign the claims correctly because again application pool account does not have access to private key. To solve the problem:
Источник: http://blogs.msdn.com/b/axsupport/ar...se-portal.aspx
__________________
Расскажите о новых и интересных блогах по Microsoft Dynamics, напишите личное сообщение администратору. |
|
|
|