Archive for the ‘Development’ Category

Recently one of my customers started getting insufficient permissions messages and having issues accessing files on the CRM.

image

Exception detail was as below.

Unhandled Exception: System.ServiceModel.FaultException`1[[Microsoft.Xrm.Sdk.OrganizationServiceFault, Microsoft.Xrm.Sdk, Version=8.0.0.0, Culture=neutral, PublicKeyToken=31bf3s344d364e35]]: System.Web.HttpUnhandledException: Microsoft Dynamics CRM has experienced an error. Reference number for administrators or support: #CBE39829Detail:

<OrganizationServiceFault xmlns:i="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://schemas.microsoft.com/xrm/2011/Contracts">

  <ActivityId>f6dfec3a-6114-4eef-9544-a9396f5d1572</ActivityId>

  <ErrorCode>-2147220970</ErrorCode> 

<ErrorDetails xmlns:d2p1="http://schemas.datacontract.org/2004/07/System.Collections.Generic" />

  <Message>System.Web.HttpUnhandledException: Microsoft Dynamics CRM has experienced an error. Reference number for administrators or support: #CBE39829</Message>

  <Timestamp>:44:42.8709171Z</Timestamp>

  <ExceptionRetriable>false</ExceptionRetriable>

  <ExceptionSource i:nil="true" />

  <InnerFault>

    <ActivityId>GUID</ActivityId>

    <ErrorCode>-2147220960</ErrorCode>   

<ErrorDetails xmlns:d3p1="http://schemas.datacontract.org/2004/07/System.Collections.Generic" />

    <Message>Principal user (Id=GUID, type=8) is missing prvReadComplexControl privilege (Id=GUID)</Message>

    <Timestamp>2019-07-04T07:44:42.8709171Z</Timestamp>

    <ExceptionRetriable>false</ExceptionRetriable>

    <ExceptionSource i:nil="true" />

    <InnerFault i:nil="true" />

    <OriginalException i:nil="true" />

    <TraceText i:nil="true" />

  </InnerFault>

  <OriginalException i:nil="true" />

  <TraceText i:nil="true" />

</OrganizationServiceFault>

The actual error is given in the inner fault section, the same error is logged in the event log of the CRM server as below.

Exception information:

Exception type: CrmException

Exception message: Principal user (Id=GUID, type=8) is missing prvReadComplexControl privilege (Id=GUID)  at Microsoft.Crm.Application.Platform.ServiceCommands.PlatformCommand.XrmExecuteInternal()

   at Microsoft.Crm.Application.Platform.ServiceCommands.RetrieveCommand.Execute()   at Microsoft.Crm.Caching.ComplexControlLoader.LoadCacheData(Guid key, IOrganizationContext context)   at Microsoft.Crm.Caching.CrmMultiOrgCacheBase`2.CreateEntry(TKey key, IOrganizationContext context)   at Microsoft.Crm.Caching.CrmMultiOrgCacheBase`2.LookupEntry(TKey key, IOrganizationContext context)   at Microsoft.Crm.Application.Components.Sdk.InlineEditControls.Web.CompositionLinkControl.GetFlyOutDescriptor()    at Microsoft.Crm.Application.Components.Sdk.InlineEditControls.Web.LinkControl.GetRequiredColumns(Int32 entityTypeCode)   at Microsoft.Crm.Application.Forms.CompositeControlVisitor.HandleColumnProvider(Control control, FormDescriptor formDescriptor)   at Microsoft.Crm.Application.InlineEdit.Mediators.FormMediator.AddControlProperties(ICrmControl crmControl, ControlDescriptor controlDescriptor)   at Microsoft.Crm.Application.InlineEdit.Mediators.FormMediator.ProcessControlHierarchy(Action`2 controlHandler)   at Microsoft.Crm.Application.InlineEdit.Mediators.FormMediator.GetInstance(FormFactor formFactor, FormDescriptor descriptor, Guid processId, Int64 processVersionNumber, IOrganizationContext organizationContext)   at Microsoft.Crm.Application.InlineEdit.ReadFormDataBuilder..ctor(String recordId, String entityTypeCode, Guid formId, FormFactor formFactor)   at Microsoft.Crm.Application.Pages.Form.FormDataPage.Render(HtmlTextWriter writer)   at System.Web.UI.Control.RenderControlInternal(HtmlTextWriter writer, ControlAdapter adapter)   at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)

After a while found the “Complex Control” privileges are listed as “Process Configuration” in CRM security roles. To fix the issue go to CRM Security Roles and open Customization tab. There you will find Process Configuration for which you need to provide Read permission.

image

Giving permissions according to the error you see will fix the issue, for example if your error showed your were missing prvCreateComplexControl, then you need to provide Create permissions.

More details about security role UI and privilege mapping can be obtained from the Microsoft article.

Advertisements

I recently received an error while trying to run a SSIS package in Visual Studio. The full error is seen as below.

Error: The SSIS Runtime has failed to enlist the OLE DB connection in a distributed transaction with error 0x8004D024 "The transaction manager has disabled its support for remote/network transactions.".

This error is happening when a component with transactions try to connect and manipulate data on a remote server.

To avoid this error, two things can be done.

* Remove the transaction handling from the component. – This should be done only if the transactions are not required or as a temporary measure.

You can do this by selecting the properties of the component, also check the package properties to make sure transactions are not enabled at the package level.

image

For an explanation of the options please visit the URL.

* Configure the Distributed Transaction Coordinator (DTC).

For a component to work correctly with transactions, below two things are required.
1. Running Distributed Transaction Coordinator (DTC) Service

This service should be running on the database server the component connects to and on  the machine where the package is running. This will coordinate the work between two machines / servers.

This can be checked and started by going to Windows Services.

image

2. Properly configuring the security of DTC.

To make the DTC service work properly, it should be given permission as required. This can be done by opening the Component Services window. In the component services window, navigate to Component Services –> Computers –> My Computer –> Distributed Transaction Coordinator. Right click Local DTC and click on Properties to open properties window.

If you are intending to run any workloads with transactions via any external servers you should enable “Network DTC Access”.

Depending on the situation you should allow Inbound, Outbound or both transaction manager communication options.

image

For complete list of explanations on each property please refer the following URL.

Recently I needed to filter the results of a Stored Procedure, After some searching I found 2 options for this as below.

1. Using OpenRowSet Command

SELECT * FROM OPENROWSET (‘SQLOLEDB’, ‘Server=ServerName;TRUSTED_CONNECTION=YES;’, ‘EXEC sp_Who2’)

Remember in this method this feature should be enabled in the server.

2. Using Temporary Tables.

— Creating a temporary table.
CREATE TABLE #tblSPWho2
(SPId INT, Status NVARCHAR(200), LoginName NVARCHAR(200), HostName NVARCHAR(200), BlockedBy NVARCHAR(200), DBName NVARCHAR(200),
Command NVARCHAR(200), CPUTime BIGINT, DiskIO BIGINT, LastBatch NVARCHAR(200), ProgramName NVARCHAR(200), SPId2 INT, RequestId NVARCHAR(200))

— Inserting the results of the Stored Procedure into the temporary table.
INSERT INTO #tblSPWho2
EXEC sp_Who2

— Doing the required filtering using the temporary table.
SELECT * FROM #tblSPWho2 WHERE LoginName = ‘Domain\UserName’

— Removing the temporary table.
DROP TABLE #tblSPWho2

SP_Who2 Stored Procedure will bring all the processes that is currently active in SQL server with the relevant information, the above query will filter the results and will only display the processes that are initiated by the given username (Domain\UserName).

Today a friend of mine started getting this error while he tried to deploy his solution to a server. This only started when ‘Precompiling during publishing’ option is selected.

image

“Error 20 It is an error to use a section registered as allowDefinition=’MachineToApplication’ beyond application level. This error can be caused by a virtual directory not being configured as an application in IIS.”

After having a look, I identified this was caused by a temporary copy of a Web.Config file. Earlier developer created a copy of the Web.Config and placed it inside a folder named Backup within the solution. This backup config file had authentication tag (<authentication>), which is a tag that can be only used in global Web.Config file or the Web.Config file in applications root. Due to the presence of authentication tag, compiler started complaining that there is a virtual directory not configured as a application in IIS.

The solution for my friend’s issue was to simply exclude the copy of the Web.Config file from project by right clicking the file. Then the project started deploying happily.

Recently in one of my Virtual Machine (VM)s I received the above error message when trying to connect to a SQL Server which I used to connect on other times.

image

After having a look I found that the trust between my virtual machine and the domain was broken. You can find the status of the secure channel by using the PowerShell command Test-ComputerSecureChannel.

image

This will also be evident when you try to login to the computer using a domain account. It will generate the following message.

image[6]

To fix this you can try using the below methods.

1. PowerShell

Use the command Test-ComputerSecureChannel.

If your current login has the required access in the domain you can use the below command.

Test-ComputerSecureChannel –Repair

If you need to use another account than the current logged user then you need to use the –Credential parameter when calling the command.

Test-ComputerSecureChannel –Repair –Credential MyDomain\MyUser

2. Joining the domain again.

This will also get fixed by removing the machine from the domain and adding it back. Before removing the computer from the domain make sure you have access to a local administrator account on the computer. Otherwise you will not have a way to login to the computer.

This can be achieved by going to computer system properties,

  1. removing the computer from the current domain,
  2. restarting the computer.
  3. adding the computer to the domain again
  4. restarting the computer

To avoid the two restarts you can try using the following PowerShell commands.

$myPC = Get-WmiObject Win32_ComputerSystem
$myPC.UnjoinDomainOrWorkGroup("Account Password", "Account Username”, 0)
$myPC.JoinDomainOrWorkGroup("Domain", "Account Password", "Account Username", $null, 3)
Restart-Computer -Force

While trying to setup and use the Code Plugin by Rich Hewlett I had trouble getting the plugin loaded into Live Writer. I did add the registry entry required as mentioned in the site, but still the plugin did not load.

Registry

Location – HKEY_CURRENT_USER\SOFTWARE\OpenLiveWriter\PluginAssemblies

Key – SyntaxHighlight_WordPressCom_OLWPlugIn

Value – C:\Users\Arjuna\AppData\Local\OpenLiveWriter\Plugins\SyntaxHighlight_WordPressCom_OLWPlugIn.dll

After a while I figured out that, when loading the plugin Live Writer encounters the following error.

"System.IO.FileLoadException: Could not load file or assembly ‘file:///C:\Users\Arjuna\AppData\Local\OpenLiveWriter\Plugins\SyntaxHighlight_WordPressCom_OLWPlugIn.dll’ or one of its dependencies. Operation is not supported. (Exception from HRESULT: 0x80131515)
File name: ‘file:///C:\Users\Arjuna\AppData\Local\OpenLiveWriter\Plugins\SyntaxHighlight_WordPressCom_OLWPlugIn.dll’ —> System.NotSupportedException: An attempt was made to load an assembly from a network location which would have caused the assembly to be sandboxed in previous versions of the .NET Framework. This release of the .NET Framework does not enable CAS policy by default, so this load may be dangerous. If this load is not intended to sandbox the assembly, please enable the loadFromRemoteSources switch. See http://go.microsoft.com/fwlink/?LinkId=155569 for more information.

This is due to a security feature of .Net Framework 4 or later. Before framework 4, if a DLL is downloaded (which is created in another computer), they used to run in full trust in the zone the assembly is running, but with frameworks 4 and later, downloaded DLLs will not run by default. To make them run, simply grant the DLL full access by going to file properties and selecting the Unblock checkbox in the security section as seen in the below image. This will apply to any plugin you download from internet. Also keep in mind to do this to DLLs you trust safe. Otherwise your computer will be unsafe.

image

To troubleshoot plugin and other errors you can refer to Open Live Writer log file located in C:\Users\Arjuna\AppData\Local\OpenLiveWriter\Open Live Writer.log.

Recently I was interested in finding a way to monitor a windows service. What I needed was to check whether the service is running and if not running get a notification and try to restart the service. Following PowerShell script does exactly that, it checks for Microsoft CRM Asynchronous Service and the Microsoft CRM Asynchronous Maintenance Service activity and send 2 emails to Admin and Dev. This needs to be then scheduled using Windows Task Scheduler or SQL Server Job.

### Checking for CRM Async and Maintenance service failure and try restarting, if failing send an email notification.

 

## Function to send mail notification.

function Send_Email ([string]$strEmailSubject, [string]$strEmailBody)

{

       $EmailFrom = "Arjuna@Email.com"

       $EmailTo = "Admin@Email.com, Dev@Email.com"

       $EmailSubject = $strEmailSubject

       $EmailBody = $strEmailBody

       $EmailSMTPServer = "SMTP.server.com"

       ## Creating Mail Message object.

       $SMTPMessage = New-Object System.Net.Mail.MailMessage $EmailFrom, $EmailTo, $EmailSubject, $EmailBody

       ## Enabling HTML mail body.

       $SMTPMessage.IsBodyHtml = $true

       ## Creating SMTP client object.

       $SMTPClient = New-Object System.Net.Mail.SMTPClient $EmailSMTPServer

       ## Sending mail.

       $SMTPClient.Send($SMTPMessage)

       ## Sending mail method 2.

       ##send-mailmessage -from "Arjuna@Email.com" -to "Admin@Email.com, Dev@Email.com" -subject "CRM Async Service Failed" -body "Please check." -smtpserver "SMTP.server.com"

       ## Sending mail method 2 using parameters.

       ##send-mailmessage -from $EmailFrom -to $EmailTo -subject $EmailSubject -body $EmailBody -smtpserver $EmailSMTPServer

}

 

## Function to check the service activity.

function Check_Service

{

       ## Get all services which has a Name like MSCRMAsyncService, Start Mode is Auto and service State is Running.

       $FailedAsyncService = Get-WmiObject Win32_Service | Where-Object {$_.Name -like ‘MSCRMAsyncService’ -and $_.StartMode -eq ‘Auto’ -and $_.State -ne ‘Running’} | Select-Object DisplayName

       ## For Testing.

       ##Write-Host "A: " $FailedAsyncService

 

       ## Get all services which has a Name like MSCRMAsyncService$maintenance, Start Mode is Auto and service State is Running.

       $FailedAsyncMainteService = Get-WmiObject Win32_Service | Where-Object {$_.Name -like ‘MSCRMAsyncService$maintenance’ -and $_.StartMode -eq ‘Auto’ -and $_.State -ne ‘Running’} | Select-Object DisplayName

       ## For Testing.

       ##Write-Host "B: " $FailedAsyncMainteService

 

       ## Checking whether the Async Service has failed.

       if ($FailedAsyncService -ne $NULL)

       {

              ## Trying to start the failed Async Service.

              Start-Service -displayname "Microsoft Dynamics CRM Asynchronous Processing Service"

              ## Service Name can also be used to start the servie.

              ##Start-Service MSCRMAsyncService

              ## Get all services which has a Name like MSCRMAsyncService, Start Mode is Auto and service State is Running.

              $AsyncServiceStarted = Get-WmiObject Win32_Service | Where-Object {$_.Name -like ‘MSCRMAsyncService’ -and $_.StartMode -eq ‘Auto’ -and $_.State -ne ‘Running’} | Select-Object Name

              ## Checking the service to see whether it started.

              if ($AsyncServiceStarted -ne $NULL)

              {

                     ## Calling Send_Mail function to notify.

                     Send_Email ("CRM Async Service Failed.") ("System has detected that the following CRM Async Service has failed. System automatically tried restarting the service but it was unsuccessful. Try manual start. <BR/><BR/>" + $FailedAsyncService)

              }

              else

              {

                     ## Calling Send_Mail function to notify.

                     Send_Email ("CRM Async Service Restarted.") ("System has detected that the following CRM Async Service has failed. System automatically tried restarting the service and it was successful. <BR/><BR/>" + $FailedAsyncService)

              }

       }

 

       ## Checking whether the Async Maintenance Service has failed.

       if ($FailedAsyncMainteService -ne $NULL)

       {

              ## Trying to start the failed Async Maintenance Service.

              Start-Service -displayname "Microsoft Dynamics CRM Asynchronous Processing Service (maintenance)"

              ## Get all services which has a Name like MSCRMAsyncService$maintenance, Start Mode is Auto and service State is Running.

              $AsyncMainteServiceStarted = Get-WmiObject Win32_Service | Where-Object {$_.Name -like ‘MSCRMAsyncService$maintenance’ -and $_.StartMode -eq ‘Auto’ -and $_.State -ne ‘Running’} | Select-Object Name

              ## Checking the service to see whether it started.

              if ($AsyncMainteServiceStarted -ne $NULL)

              {

                     ## Calling Send_Mail function to notify.

                     Send_Email ("CRM Async Service Failed.") ("System has detected that the following CRM Async Service has failed. System automatically tried restarting the service but it was unsuccessful. Try manual start. <BR/><BR/>" + $FailedAsyncMainteService)

              }

              else

              {

                     ## Calling Send_Mail function to notify.

                     Send_Email ("CRM Async Service Restarted.") ("System has detected that the following CRM Async Service has failed. System automatically tried restarting the service and it was successful. <BR/><BR/>" + $FailedAsyncMainteService)

              }

       }

}

 

## Calling the Check_Service function.

Check_Service