Hi,
Microsoft Dynamics 365 Version 1612 (8.2.2.112) on premises.
As I understand, in order to impersonate through the web api, one must have authority to impersonate and then merely add the request header MSCRMCallerID to the request, like so:
req.setRequestHeader("MSCRMCallerID", "10A2E81B-EC44-E411-9401-005056B6433E");
I'm logged into our Dynamics implementation as a system administrator and am running the following request:
    var entity = {};
    entity.bi_name = "test4";
    var req = new XMLHttpRequest();
    req.open("POST", Xrm.Page.context.getClientUrl() + "/api/data/v8.2/bi_zzzperformancetestingwo6044s", true);
    req.setRequestHeader("OData-MaxVersion", "4.0");
    req.setRequestHeader("OData-Version", "4.0");
    req.setRequestHeader("Accept", "application/json");
    req.setRequestHeader("Content-Type", "application/json; charset=utf-8");
    req.setRequestHeader("Prefer", "odata.include-annotations=\"*\",return=representation");
    req.setRequestHeader("MSCRMCallerID", "10A2E81B-EC44-E411-9401-005056B6433E");
    req.onreadystatechange = function() {
        if (this.readyState === 4) {
            req.onreadystatechange = null;
            if (this.status === 201) {
                var uri = this.getResponseHeader("OData-EntityId");
                var regExp = /\(([^)]+)\)/;
                var matches = regExp.exec(uri);
                var newEntityId = matches[1];
                //Handle returned attributes
            } else {
                Xrm.Utility.alertDialog(this.statusText);
            }
        }
    };
    req.send(JSON.stringify(entity));
The GUID associated with the MSCRMCallerID request header is associated with the user that I'd like to create the record on behalf of. What I find is that the row gets created successfully, but the createdbyname, modifiedbyname, and ownername are not the names associated with the MSCRMCallerID. Instead, they are simply the values of the logged-in user. In other words, the directive to impersonate is totally ignored. CreatedOnBehalfByName and ModifiedOnBehalfByName stay null in the database as well.
I've tried using different user IDs, both as the delegator and delegatee. I've also spelled the MSCRMCallerID header incorrectly and I've used invalid GUIDs in some calls in an attempt to have the interface throw an error. It does not; it just ignores the request entirely.
I reviewed the event log and I find no entries related to an impersonation attempt.
Could there be something in our implementation that causes Dynamics to ignore the attempt? Something related to Active Directory like the app pool settings or the claims setup for IFD?
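Added example, not part of the original post: a check that classifies the JSON body returned by the create call (available because of `return=representation`) as impersonation honoured or silently ignored, instead of comparing names by eye. It assumes the Web API lookup properties `_createdby_value` and `_createdonbehalfby_value`, and that the logged-in user's ID comes from `Xrm.Page.context.getUserId()`; the function names and the second GUID are constructed for illustration.

```javascript
// Added example: decide whether MSCRMCallerID took effect on a created record.
const GUID_RE = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/;

// Normalise "{ABC...}" and upper-case forms; return null for anything that is not a GUID.
function normalizeGuid(value) {
  if (typeof value !== "string") return null;
  const g = value.trim().replace(/^\{|\}$/g, "").toLowerCase();
  return GUID_RE.test(g) ? g : null;
}

// record:     parsed response body of the POST (return=representation)
// callerId:   GUID sent in the MSCRMCallerID header
// loggedInId: GUID of the authenticated user (assumed: Xrm.Page.context.getUserId())
function checkImpersonation(record, callerId, loggedInId) {
  const caller = normalizeGuid(callerId);
  const actual = normalizeGuid(loggedInId);
  if (!caller) return { verdict: "invalid-caller-id" };   // server may not reject it, so catch it here
  if (!actual) return { verdict: "invalid-logged-in-id" };
  if (caller === actual) return { verdict: "not-impersonating" };

  const createdBy = normalizeGuid(record._createdby_value);
  const onBehalfBy = normalizeGuid(record._createdonbehalfby_value);

  // Honoured: record is attributed to the impersonated user, delegate recorded as "on behalf by".
  if (createdBy === caller && onBehalfBy === actual) return { verdict: "honoured" };
  // Ignored: record is attributed to the logged-in user and no delegate is recorded.
  if (createdBy === actual && onBehalfBy === null) return { verdict: "ignored" };
  return { verdict: "unexpected", createdBy: createdBy, onBehalfBy: onBehalfBy };
}

// Constructed sample data. CALLER is the GUID from the post; ADMIN is a made-up placeholder.
const CALLER = "10A2E81B-EC44-E411-9401-005056B6433E";
const ADMIN = "{00000000-0000-0000-0000-000000000001}";
const sampleHonoured = {
  _createdby_value: "10a2e81b-ec44-e411-9401-005056b6433e",
  _createdonbehalfby_value: "00000000-0000-0000-0000-000000000001"
};
const sampleIgnored = {
  _createdby_value: "00000000-0000-0000-0000-000000000001",
  _createdonbehalfby_value: null
};

console.log(checkImpersonation(sampleHonoured, CALLER, ADMIN).verdict);
console.log(checkImpersonation(sampleIgnored, CALLER, ADMIN).verdict);
```

In the post's handler this would be called in the `this.status === 201` branch with `JSON.parse(this.response)` as the record.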