Error when reading a RCDC (permission issue)

Hello,

I have created a MPR to grant right for a specific set (set 1) of user to read somes attributes (DisplayName) of a specific set of objects (set 2).
For you information this set contains in fact all objects of a custom type.

I have created a RCDC for viewing this object.
In a first time the XML template of this RCDC contains only a control for the DisplayName attribute.

<my:Control my:Name="DisplayName" my:TypeName="UocLabel" my:Caption="{Binding Source=schema, Path=DisplayName.DisplayName}" my:Description="{Binding Source=schema, Path=DisplayName.Description}" my:RightsLevel="{Binding Source=rights, Path=DisplayName}">
	<my:Properties>
		<my:Property my:Name="Text" my:Value="{Binding Source=object, Path=DisplayName, Mode=OneWay}" />
	</my:Properties>
</my:Control>


When I try to read the object with a user belonging to the set 1, I meet the error below. However if I modify my MPR to grant right on all attributes, I am able to read the RCDC. This is why I think the error is related to a permission issue.

Error page on the FIM web portal:
Unable to process your request.  
Please contact your help desk or system administrator. 
> Go to Forefront Identity Manager home page 

More information on the error in the Windows Event Viewer:
Requestor: urn:uuid:2dabeb0a-e780-447c-9f2b-6f715997f716
Microsoft.ResourceManagement.Service: Microsoft.ResourceManagement.WebServices.Exceptions.PermissionDeniedException: Exception of type 'Microsoft.ResourceManagement.WebServices.Exceptions.PermissionDeniedException' was thrown.
   at Microsoft.ResourceManagement.WebServices.RequestDispatcher.ExecuteGetAction(RequestType request)
   at Microsoft.ResourceManagement.WebServices.RequestDispatcher.ExecuteAction(RequestType request)
   at Microsoft.ResourceManagement.WebServices.RequestDispatcher.ExecuteAction[ResponseBodyType](RequestType request)
   at Microsoft.ResourceManagement.WebServices.RequestDispatcher.DispatchRequest[ResponseBodyType](RequestType request, Guid requestIdentifier, Object redispatchSingleInstanceKey, Boolean isRedispatch)
   at Microsoft.ResourceManagement.WebServices.RequestDispatcher.DispatchRequest[ResponseBodyType](RequestType request)
   at Microsoft.ResourceManagement.WebServices.ResourceManagementService.Get(Message request)

Does anyone have an idea of a way to solve this issue? Thank you ;)

Regards,

Serge


  • Edited by Serge_B Thursday, January 09, 2014 12:31 PM
January 9th, 2014 3:30pm

Finally, I found the solution. I had to add ObjectID in the list of attributes in the MPR.

If the user can't read the object id, he will not able to read the RCDC.

  • Marked as answer by Serge_B Thursday, January 09, 2014 3:24 PM
Free Windows Admin Tool Kit Click here and download it now
January 9th, 2014 6:23pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics