Berechtigungen, um in die externe Liste aus dem Workflow zu schreiben
https://sharepoint.stackexchange.com//questions/97154
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianFrage
Ich versuche, einen SharePoint-Workflow zu erstellen, der ein neues Element in einer externen Liste mit dem "Element in [externe Listenname erstellen]" erstellt, der im SharePoint Designer verfügbar ist.
Derzeit bekomme ich immer wieder einen Fehler, der besagt, "der Workflow konnte den Artikel in der externen Datenquelle nicht erstellen. Stellen Sie sicher, dass der Benutzer die Berechtigungen auf die externe Datenquelle aufweist und Elemente erstellen." Die zugehörige Benutzer-ID ist das "Systemkonto" (SharePoint \ System).
Von einigen Forschungen, die ich tat, wurde ich dazu geführt, dass der Workflow das SP-WebApp-Konto verwendet, wenn er in einer externen Liste einen neuen Element erstellt. Wie beschrieben in So authentifizieren Sie BDC an das externe System? , habe ich SP WebApp-Objektberechtigungen und Metadaten-Speicherberechtigungen im externen Inhaltstyp und im externen System gewährt. Ich erteilte es auch Berechtigungen auf der externen Liste und den SQL-Server der externen Liste. Das funktionierte jedoch nicht für mich.
Gibt es andere potenzielle Lösungen, die ich übersehen kann?
Lösung
EDIT: I updated my solution because I found a more reliable way to fix the problem:
For anyone else that has this problem in the future, I figured out what the issues were.
With regards to the SHAREPOINT\system account, it turns out that is more or less an alias used by other accounts (usually service accounts) in SharePoint. In this case, it is the account used by my application pool. Reference: About SHAREPOINT\system - what account is it? how is it determined?.
The workflow appears to actually use whatever account the designated SSS or BDC is using. In my case, my "Partitioned Secure Store Service" that my SharePoint site was using by default was running the SP_serviceapps account. I determined this by launching my IIS Manager on my SharePoint server, and finding the appropriate SSS among the various application pools. The SP_serviceapps account was listed as the identity.
Due to running into some difficulties getting my SSS to work, I decided to instead use my BDC identity. In SharePoint Designer, I first determined the service account used by my custom Business Data Connectivity service (SP_serviceapps). Second, I gave both the Sp_serviceapps and SHAREPOINT/System accounts "Full Control", "Design", and "Contribute" permissions in my External List. This is probably overkill, but I wanted to be sure that they were allowed to access the External List. Further, they originally appeared to have "Full Control" permissions, but after clicking on "Edit User Permissions" for each, the resulting dialog box did not have any permissions checked. After this, I enabled RevertToSelf on my SharePoint server: BCS problem with AuthenticationMode and RevertToSelf. Last, I went to Central Admin -> Application Management -> Manage Service Application-> [Name of business data connectivity service] -> External Systems (from view in the ribbon) -> [External System Name] -> [External System Instance Name] -> Set Authentication Mode to "BDC Identity".
Last (and this was a dumb mistake on my part), I had an incorrectly mapped identifier in my External Content Type. I had mistakenly selected "VendorEmail" as the identifier when I meant to select "VendorName". Later, when I created my "Create Item" operation, I mapped "VendorName" to identifier without noticing that it was being mapped to the mistakenly-selected "VendorEmail" and not "VendorName". I fixed this problem by creating a new External Content Type that had the correct identifiers.
After this, my workflow successfully wrote to my External List.
