Search code examples
dynamics-crmdynamics-crm-4

Ruby and MS Dynamics CRM Authentication

I'm attempting to access MS CRM that's exposed via IFD, and I'm having authentication issues.

The SOAP endpoint is behind NTLM, which I've been able to access. The problem is, I'm getting 401 responses when passing requests like the following:

    <?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
    <soap:Body>
        <Execute xmlns="http://schemas.microsoft.com/crm/2007/CrmDiscoveryService">
            <Request xsi:type="RetrieveCrmTicketRequest">
                <OrganizationName>#{CRM_CONFIG[:org_name]}</OrganizationName>
                <UserId>#{CRM_CONFIG[:username]}</UserId>
                <Password>#{CRM_CONFIG[:password]}</Password>
            </Request>
        </Execute>
    </soap:Body>
</soap:Envelope>

Is there any way of debugging this on the server? Any logs I can check to get a more meaningful error message?

I'm also getting a 401 when attempting the following request (this time to the CrmService.asmx endpoint):

<?xml version=\"1.0\" encoding=\"utf-8\"?>
<soap:Envelope xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\">
  <soap:Header>
    <CrmAuthenticationToken xmlns=\"http://schemas.microsoft.com/crm/2007/WebServices\">
      <AuthenticationType xmlns=\"http://schemas.microsoft.com/crm/2007/CoreTypes\">2</AuthenticationType>
      <OrganizationName xmlns=\"http://schemas.microsoft.com/crm/2007/CoreTypes\">#{CRM_CONFIG[:org_name]}</OrganizationName>
      <CallerId xmlns=\"http://schemas.microsoft.com/crm/2007/CoreTypes\">#{TOUCH}</CallerId>
    </CrmAuthenticationToken>
  </soap:Header>
  <soap:Body>
    <RetrieveMultiple xmlns=\"http://schemas.microsoft.com/crm/2007/WebServices\">
      <query xmlns:q1=\"http://schemas.microsoft.com/crm/2006/Query\" xsi:type=\"q1:QueryExpression\">
        <q1:EntityName>contact</q1:EntityName>
      </query>
    </RetrieveMultiple>
  </soap:Body>
</soap:Envelope>
Solution

  • Ok, the problem was a misunderstanding of the setup:

    When using NTLM, Active Directory authentication is used, meaning that the CrmAuthenticationToken should have looked like this:

    <CrmAuthenticationToken xmlns=\"http://schemas.microsoft.com/crm/2007/WebServices\">
  <AuthenticationType xmlns=\"http://schemas.microsoft.com/crm/2007/CoreTypes\">0</AuthenticationType>
  <OrganizationName xmlns=\"http://schemas.microsoft.com/crm/2007/CoreTypes\">#{CRM_CONFIG[:org_name]}</OrganizationName>
</CrmAuthenticationToken>

    Note that the CallerId element isn't needed.