Microsoft Dynamics AX Support

This blog contains posts by the Microsoft Dynamics AX Support teams Worldwide

Microsoft Dynamics AX 2012 Form based Authentication provider has wrong connection string when the aspnetdb is created on a separate server.

Microsoft Dynamics AX 2012 Form based Authentication provider has wrong connection string when the aspnetdb is created on a separate server.

Rate This
  • Comments 1

(Article updated 09/05/2013 --anup shah. The new updated "Deploy an Enterprise Portal site that uses forms-based authentication [AX 2012]" article 12 April 2013 is available at http://technet.microsoft.com/en-us/library/hh575253.aspx)

You may run into the following issue if you were following the Flexible Authentication in Microsoft Dynamics AX 2012 that was created prior to April 2013 when you create Form Based authentication provider using following command:

Add-AXSharepointClaimsAuthenticationProvider -Type Forms -Name FormsAuth - SigningCertificate $SigningCert -Credential $Cred -Port 7000 - SSLCertificate $SSLCert

That works perfectly fine when you aspnetdb database is located on the same server as SharePoint. If you have database on other server then in web.config located in:

C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\TEMPLATE\LAYOUTS\<ProviderName>\

So if you look on above example it will be

C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\TEMPLATE\LAYOUTS\FormsAuth\

You can see that connectionString tag has following value:

  <connectionStrings>

    <add name="FormsDB" connectionString="Data Source=.;Initial Catalog=aspnetdb;Trusted Connection=true"/>

  </connectionStrings>

In situation when your aspnetdb would is on different server in the minute you try to log using Form Based authentication you will get error and you will be unable to login. You can work around it in two ways:

  1. Add parameter –ConnectionString to above command with correct connection string (this solution is preferable). So the command would look like:
Add-AXSharepointClaimsAuthenticationProvider -Type Forms -Name FormsAuth -SigningCertificate $SigningCert -Credentail $Cred -Port 7000 -SSLCertificate $SSLCert -ConnectionString "Data Source=DAX2012;Initial Catalog=aspnetdb;Trusted Connection = True”
  1. If you already run the command you can:
    1. Manually change connection string in web.config as given above
    2. Delete file C:\Windows\System32\WindowsPowerShell\v1.0\powershell.config if it exists. If you don’t delete above file it can be that when you run command
                   New-AXUser -AccountType ClaimsUser -AXUserId jdd -UserName johndoe -UserDomain FormsAuth -CreateInProvider -ClearTextPassword "Yukon!!90"

                  You can get error

                  New-AXUser : The entry 'FormsDB' has already been added. (C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\TEMPLATE\Layouts\FormsAuth\web.config line 39)

 

 

 

Leave a Comment
  • Please add 7 and 7 and type the answer here:
  • Post
  • Flexible authentication download link has been broken long time. All the links i can found to it from MS pages are broken!

     

    --------------------------------

    --thank you for the feedback, the article has now been updated

    --anup

Page 1 of 1 (1 items)