I have a webservice using AX 2012 R2 AIF Service. When i call a function that use the CustCustomerService.create i am getting the following error:
An error has occurred in the services framework. Method: AifMessageInspector::AfterReceiveRequest. Error: System.ServiceModel.FaultException: Failed to logon to Microsoft Dynamics AX.
the Custom Webservice i created is on the same server of the Dynamics AX, and the user i am using to login to Windows has access to the AX Client.
Any ideas why this is happening and how can i solve it?
That a user can log into AX doesn’t mean that he has permissions to call the service operation. He must have CustCustomerServiceCreate privilege to be allowed to call CustCustomerService.create.
and how can i achieve that?
I am getting now “User is not authorized for this port.” on the CustCustomerService.Create action
How to work with role-based security is well-documented. Look at MSDN, for instance. It’s really important, so I recommend spending some time with it,
I can’t tell you what exactly to do, because it depends on what you want to achieve. You can assign the user to a role that already has the privilege (Sales manager and IT manager have it by default). Or you add the privilege to another role. Or you can create a new role.
If you used the Restrict users checkbox on the inbound port, you have to add the user to authorized users.
i guess i don’t have any problem on this level, please note the scenarios below which will explain to you the whole situation:
In Visual Studio 2010, I press F5 to debug, and i run the function and all is working fine. The action is taken in AX 2012 R2. I am trying to create a customer.
If I open the hosted webservice (that i tried to debug in scenario #1) in the browser using the Webservice’s URL. I am getting the mentioned issue when calling the same function.
Any ideas? I read all the MSDN Article that you have mentioned, but in my case it is not helpful.
Thank you Martin.
So you’re using the HTTP adapter with Windows Authentication, correct?
Maybe your application in VS has some configuration that isn’t available when running the service in browser. Or your credentials are not passed to the browser, therefore it’s another account that tries to connect to AX. (It would be the application pool account, which should set to BC proxy, which mustn’t be set up as AX user.)
In your Visual Studio code, are you explicitly mentioning the AX user name and password to log into AX?
This user credentials should exist as user in AX.
Usually when we activate any inbound port , by default it has security mode=“TransportCredentialOnly” and clientCredentialType=“Windows” that means you can only access the service from the same domain. if you need to access the service from other domain you need to configure the port with the “Basic” clientCredentialType. because even if you are passing the username and password from code it will not be used if it is “Windows” auth type.
Simply your issue is just because of the wrong site pool publish , just publish your service under MicrosoftDynamicsAXAIF60 and it will work, because it will take the poolId user which is same as of AIF service user.
Try to use similar code in your VS
SampleServiceClient client = new SampleServiceClient(binding, address);
CallContext context = new CallContext();
context.Company = “usmf”;
client.ClientCredentials.Windows.ClientCredential.Domain = “contoso”;
client.ClientCredentials.Windows.ClientCredential.UserName = “Admin”;
client.ClientCredentials.Windows.ClientCredential.Password = “pass@word1”;