Sign in
Microsoft.com
 
SharePoint Products TechCenter
 
 
 
SharePoint Products TechCenter > SharePoint Products and Technologies Forums > SharePoint - Business Data Catalog > BDC Column Refresh - Access Denied
Ask a questionAsk a question
Search Forums:
 

QuestionBDC Column Refresh - Access Denied

  • Wednesday, February 18, 2009 4:18 PMloomy79 Users MedalsUsers MedalsUsers MedalsUsers MedalsUsers Medals
     
    Sign In to Vote
    0
    Sign In to Vote
    Hello,

    I have created a BDC definition file and I have imported the def file to MOSS via Central Administration.
    Inside the def file in the LobSystemInstance I use SSO (which is configured also to MOSS). I then create a Sharepoint List and add a business data column using my new BDC.
    Everybody can use the BDC (while creating new items - updating olders) but unfortunately they can not update (refresh) the BDC column using the BDC-Refresh button (next to column name). Despite other users I can!!
    All the other users get an "Access Denied" Message.

    Any ideas ?
    TY.
     

All Replies

  • Monday, March 02, 2009 1:04 PMSudeepGhatak Users MedalsUsers MedalsUsers MedalsUsers MedalsUsers Medals
     
    Sign In to Vote
    0
    Sign In to Vote
    Do the users have permissions to the BDC Entity?

    Give permissions to the LOB and its descendants.

    http://blogs.msdn.com/mutaz/archive/2008/12/14/ssp-admin-cannot-manage-existing-bdc-applications.aspx

    Sudeep
     
  • Wednesday, March 04, 2009 9:25 AMloomy79 Users MedalsUsers MedalsUsers MedalsUsers MedalsUsers Medals
     
    Sign In to Vote
    0
    Sign In to Vote
    Hello Sudeep,

    Yes they all have.
    And for testing purposes I set Full permissions to the Entities etc...

    The site in which the list belongs is not a top level site inside the site collection.
    If I give permissions (Contribute) to the parent site then the user can update the BDC using the refresh button.
    (But this is not acceptable since I dont want for the user to have contribute permissions to the top site but to the site that list belongs to.)

    Then I try to remove permissions and the user gets the Access Denied page.

     
  • Thursday, November 05, 2009 7:05 PMjhsimh Users MedalsUsers MedalsUsers MedalsUsers MedalsUsers Medals
     
    Sign In to Vote
    0
    Sign In to Vote
    So far, nothing in the permissions page in the MOSS UI works for setting permissions to access BDC (for me anyway).  Repeated attempts to assign rights (and apply to descendants) makes no difference.  The only way I have found to control access (other than deny all except the owner) is to specify the access control entries in the adf.  You only need them for the system, and you can use domain groups there.  Make sure you check Permissions when importing your ADF in MOSS.  In the ADF, <LobSystem> between </Properties> and <LobSystemInstance>, use <AccessControlList><AccessControlEntry></AccessControlEntry></AccessControlList> to add your groups or users.
    i.e.

    <?

     

    xml version="1.0"?>
    <    LobSystem xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:schemaLocation="file://C:\Program Files\Microsoft Visual Studio 9.0\Xml\Schemas\1033"
    Type="Database" Version="1.0.0.0" Name="Just_LineItems_Flair" xmlns="http://schemas.microsoft.com/office/2006/03/BusinessDataCatalog">
    <    Properties><Property Name="WildcardCharacter" Type="System.String">%</Property></Properties>

    <

     

    AccessControlList>
    <    AccessControlEntry Principal="jhsi\marhen">
    <    Right BdcRight="Execute" />
    <    Right BdcRight="Edit" />
    <    Right BdcRight="SetPermissions" />
    <    Right BdcRight="SelectableInClients" />
    </    AccessControlEntry>

    <

     

    AccessControlEntry Principal=<Another User or Group>>
    <<Rights>>
    </AccessControlEntry>

    ...

    </

     

    AccessControlList>

    <

     

    LobSystemInstances>

    <

     

    LobSystemInstance Name=