46,614
Like
Share
ReportIssue statement or Error message
Stopped (error): X++ Exception: Work item could not be created. Insufficient rights for user Admin
Frequency of this error
Before I start talking, let me tell you, this is very common error message, in workflows and if you will search this error message on Google, you can find lot of posts.
Google search URL for demonstration
The story
So here is story.
This morning, as I got a call from one of our consultants about this error message.
Initially I thought it’s a permission/security issue, as was being depicted by error message. But at the same time I was in doubt that how come a user admin, who has all the access of AX, can come across this permission error.
With doubts in mind, I jumped in system and opened the CIL Debugger i.e. Visual Studio. As workflows work under batch jobs.
The nasty thing, debugger also, showed me it is permission issue and I wasn’t able to believe that system admin can have permissions issue.
Debugging further deep, it revealed that workflow engine is unable to get a record on which it should operate workflow.
I am SysAdmin and I am submitting a record, it’s getting fail, and debugger is showing me that I haven’t submitted a record. The record is being passed from submit or approve button and it is going but why Workflow engine is unable to identify record which is being passed as args.
This was the moment I thought to see query of workflow document and culprit was in hand. A developer previously modified document query and workflow document query main table was having inner join with child table. Due to inner join the null record was being retuned, and workflow engine was unable to operate on a null record.
Lessons for us (consultants)
- Avoid inner joins on queries of workflow document.
- If you think it’s always security issue, by this error message, it may not be true. The error message can be ambiguous. Get a developer to debug it.
Lesson/required Action for Microsoft:
- Fix the error message handling. If record is not being retuned, display proper message such as “Missing workflow document record” or put a best practice warning so that developer cannot use inner joins in queries which will be used in workflow.
- The current error message makes a confusion and it makes someone think that its security issue, whereas it is not security issue, sometime.(as demonstrated above)
*This post is locked for comments