BCS and External List Learning – Part2
In Part1, I covered a specific scenario related to viewing external list and BDC throttling settings. In this post, I’ll cover a similar specific scenario but related to authentication.
When we create an external content type using SPD2010, the screen where we specify the data source information has 3 options for authentication mode as shown in Screen1.
The “Connect with User’s Identity” is the “PassThrough” authentication mode we had in MOSS 2007 BDC. The other 2 relates to SSO. Now that we have Secure Store Service Application, we can use “Connect with Impersonated Windows Identity” OR if we are using claims token we can use “Connect with Impersonated Custom Identity” [This is my guess at this point in time, will post another blog or update this post when I get a chance to confirm it] types.
This is all good. But what happens in scenarios when we are required to use “RevertToSelf” authentication mode???
The BCS architecture still supports it, but unfortunately, it is not available to us in this initial screen. If the authentication mode isn’t set to “RevertToSelf” in scenarios where users who don’t have specific object or metadata store permissions, we would see errors like: “Login failed for user "NT AUTHORITY\ANONYMOUS LOGON" while browsing to external list.”
Below are steps we need to follow to get this corrected!
1. We have to first enable BCS model to accept “RevertToSelf” as one of the authentication modes. Yes, it’s disabled by default. We can do this using SharePoint 2010 Management Console.
2. As shown from the above commands, the “ReverToSelfAllowed” property is set to false by default. We can now change it to true.
3. Now, we can set RevertToSelf authentication mode in our external content type. To do this, open the external content type in SPD2010, click the external system name against “External System” property in the “External Content Type Information” section. And change the “Authentication Mode” property to “BDC Identity” as shown in Screen2.
Note that the “BDC Identity” option would still be available even if we don’t enable revert to self in the BCS service application. However, when we use it without setting revert to self to true, we’ll see an error shown in Screen3.
Hope this was helpful! Stay tuned for more learning notes on BCS in SharePoint 2010.
Comments
Anonymous
March 28, 2010
I don't see the RevertToSelfAllowed property and cannot set it. Is there some other dependency to be resolved?Anonymous
April 05, 2010
I got it working. Try: $bdc.Properties["ReverToSelfAllowed"] = $true and make sure your sharepoint service account has access to the database.Anonymous
July 19, 2010
What authentication option do you pick when you want to store and use SQL Server native userid/password (not a NT account)?Anonymous
September 14, 2010
i dont want to use nt account, i need to use sql server native uiserid/password, please how can i make it???Anonymous
October 06, 2010
Thanks for this...helped me get it working!Anonymous
October 11, 2010
Thanks Immortal....this post really helped me !Anonymous
January 26, 2011
Thanks a lot. This post is really helped. After set $bdc.Properties["ReverToSelfAllowed"] = $true Either you set authentication mode to "User's Identity" or "BDC Identity", the “Login failed for user "NT AUTHORITYANONYMOUS LOGON" message disappear.Anonymous
December 04, 2011
It is not working properly...Thanks for guidence.Anonymous
April 03, 2012
Hi, How do we set authentication in a Visual Studio BCS solution?Anonymous
June 10, 2012
I want to show a field as hyper link in my external list. The link is present in the table from where I am getting data. please tell me how I can make a field hyperlink in external list.....?Anonymous
June 27, 2012
Jeff, I have done the same, check what is your Server Application Name, as I have recreated I wasn't using Business Data Connectivity, so replace this word with your app name.Anonymous
April 13, 2015
Information was good, I like your post. Looking forward for more on this topic. <a href="staygreenacademy.com/.../">SharePoint Administration Training Online</a>