BCS Authentication issues Login failed for user NT Authority\ANONYMOUS LOGON or access denied by Business Data Connectivity


I created a external content type to import SQL  server table data into SharePoint 2010 list, i got couple of errors  as below

you need to give permission to users

Open Central Admin — Application Management — Manage Service Applications — Business Data Connectivity Service and select the check box next to the content type that we just created and then click “Set Object Permissions”. Add the users –  in my case all authenticated windows users see below or specific user if u want

when i refresh the list i see the error msg says

Login failed for user ‘NT Authority\ANONYMOUS LOGON

then i read some blog posts and they suggested its authentication issue of BCS when communicating with  external systems and configured as   using claims or default  windows authentication providers

when external content type is created using SPD 2010 default authentication mode is “User’s Identity” to get rid off above error i changed  the Authentication Mode from “User’s Identity” to “BDC Identity”

then other new error msg displayed says – meta data object has a property with name ‘AuthenticationMode’ and value ‘RevertToSelf’ etc….

We have to first enable BCS model to accept “RevertToSelf” as one of the authentication modes.
The “ReverToSelfAllowed” property is set to false by default. to change true i ran below power shell script in management shell

$bdc = Get-SPServiceApplication | where {$_ -match “Business Data Connectivity Service”};
$bdc.RevertToSelfAllowed = $true;
$bdc.Update();

i can now successfully read the list items.. add,delete etc

Ref:  Link1  , Link2

About these ads

About niranjanrao

Tech savy intrested in knowing things
This entry was posted in SharePoint. Bookmark the permalink.

6 Responses to BCS Authentication issues Login failed for user NT Authority\ANONYMOUS LOGON or access denied by Business Data Connectivity

  1. Pav says:

    $bdc = Get-SPServiceApplication | where {$_ -match “Business Data Connectivity Service”};
    should actually be
    $bdc = Get-SPServiceApplication | where {$_ -match “Business Data Connectivity”};

    Cheers

  2. mysite says:

    Thanks niranjanrao.. it works for me

  3. Eugenia says:

    If I want to see that list on my local station, I still have the same message with “Login failed for user ‘NT Authority\ANONYMOUS LOGON“. On server it is working ok. I have done all the setting you specified bellow. What I should do to see if the property $bdc.RevertToSelfAllowed is true now?
    Thank you for your answer.

  4. Eugenia says:

    I’ve checked the property. It is TRUE. I don’t know why is not working on my local station.

  5. neo says:

    very good post. worked for me

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s