Permisos para escribir en la lista externa desde el flujo de trabajo
https://sharepoint.stackexchange.com//questions/97154
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianPregunta
Estoy intentando crear un flujo de trabajo de SharePoint que crea un nuevo elemento en una lista externa utilizando la acción "Crear elemento en [Nombre de la lista externa]" disponible en SharePoint Designer.
Actualmente, sigo recibiendo un error que afirma "El flujo de trabajo no pudo crear el elemento en la fuente de datos externos. Asegúrese de que el usuario tenga permisos para acceder a la fuente de datos externa y crear elementos". La ID de usuario asociada es la "Cuenta del sistema" (SharePoint \ System).
De alguna investigación que hice, me di cuenta de que el flujo de trabajo usa la cuenta SP WebApp Siempre que cree un nuevo elemento en una lista externa. Como se describe en ¿Cómo autenticar BDC al sistema externo? , le otorgé permisos de objetos de SP WebApp y permisos de la tienda de metadatos en el tipo de contenido externo y en el sistema externo. También le otorgé permisos de TI en la lista externa y en el servidor SQL de la lista externa. Sin embargo, esto no funcionó para mí.
¿Hay otras soluciones potenciales que pueda estar pasando por alto?
Solución
EDIT: I updated my solution because I found a more reliable way to fix the problem:
For anyone else that has this problem in the future, I figured out what the issues were.
With regards to the SHAREPOINT\system account, it turns out that is more or less an alias used by other accounts (usually service accounts) in SharePoint. In this case, it is the account used by my application pool. Reference: About SHAREPOINT\system - what account is it? how is it determined?.
The workflow appears to actually use whatever account the designated SSS or BDC is using. In my case, my "Partitioned Secure Store Service" that my SharePoint site was using by default was running the SP_serviceapps account. I determined this by launching my IIS Manager on my SharePoint server, and finding the appropriate SSS among the various application pools. The SP_serviceapps account was listed as the identity.
Due to running into some difficulties getting my SSS to work, I decided to instead use my BDC identity. In SharePoint Designer, I first determined the service account used by my custom Business Data Connectivity service (SP_serviceapps). Second, I gave both the Sp_serviceapps and SHAREPOINT/System accounts "Full Control", "Design", and "Contribute" permissions in my External List. This is probably overkill, but I wanted to be sure that they were allowed to access the External List. Further, they originally appeared to have "Full Control" permissions, but after clicking on "Edit User Permissions" for each, the resulting dialog box did not have any permissions checked. After this, I enabled RevertToSelf on my SharePoint server: BCS problem with AuthenticationMode and RevertToSelf. Last, I went to Central Admin -> Application Management -> Manage Service Application-> [Name of business data connectivity service] -> External Systems (from view in the ribbon) -> [External System Name] -> [External System Instance Name] -> Set Authentication Mode to "BDC Identity".
Last (and this was a dumb mistake on my part), I had an incorrectly mapped identifier in my External Content Type. I had mistakenly selected "VendorEmail" as the identifier when I meant to select "VendorName". Later, when I created my "Create Item" operation, I mapped "VendorName" to identifier without noticing that it was being mapped to the mistakenly-selected "VendorEmail" and not "VendorName". I fixed this problem by creating a new External Content Type that had the correct identifiers.
After this, my workflow successfully wrote to my External List.
