views:

667

answers:

2

I am connecting to CRM with the intention of retrieving a list of picklist values. On my development machine I am working under my own login name and all works fine. On the test server, the code executes under the NETWORK SERVICE account. When it connects to the CRM web service everything is great. When it connects to the metadata service I get 401 Unauthorised messages.

This is the first time I have used the metadata service so I am hoping someone can tell me why I get the error. The connection is configured using the code below and the failure happens when you try to retrieve the picklist data.

CrmAuthenticationToken token = new CrmAuthenticationToken();
token.OrganizationName = config.AppSettings.Settings["CrmTargetOrganisation"].Value;
token.AuthenticationType = 0;

MetadataService service = new MetadataService();
service.Credentials = System.Net.CredentialCache.DefaultCredentials;
service.Url = config.AppSettings.Settings["CrmMetadataServiceUrl"].Value;
service.CrmAuthenticationTokenValue = token;
service.UnsafeAuthenticatedConnectionSharing = true;
A: 

Do you have impersonation enabled in web.config?

Donnelle
It's actually running from a service. Can I add this via another method?
BlackWasp
+1  A: 

I suspect it might be a Kerberos / delegation issue, to make sure it is try replacing DefaultCredentials with new System.Security.Net.NetworkCredentials("username","password","domain");

See if that still gives you a 401.

This is the quick way I normally try to see if it is kerbos/security related.

I need a bit more information about your environment to make any other intelligent comments.

Hope it helps.

Rihan Meij
Unfortunately I don't know the exact fix but our network guys sorted out something in kerberos and it works now.
BlackWasp