Reputation: 198
How can I fix a missing permission for an outside resource in a CRM2011 custom workflow running in the sandbox?
My custom workflow fails when it attempts to connect to an SQL database - NOT the CRM database, but another one, which happens to be on the same server instance. I am attempting to open a connection with these credentials, which work from SSMS:
string strConnect = "server=vm-tlsdev-data;database=TLS_Match;user id=ContactMatch.Test;password=c8NFrZ7L;Trusted_Connection=false;";
SqlConnection sqlClient = newSqlConnection(strConnect);
sqlClient.Open();
The Open() method fails:
Unhandled Exception: Microsoft.Crm.CrmException: Unexpected exception from plug-in (Execute): TP24408ContactMatch.Workflow.ContactMatch: System.Security.SecurityException: Request for the permission of type 'System.Data.SqlClient.SqlClientPermission, System.Data, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed. at Microsoft.Crm.Sandbox.SandboxCodeUnit.Execute(IExecutionContext context) at Microsoft.Crm.Workflow.Services.ProxyCustomActivity.Execute(CodeActivityContext executionContext)
I've looked for similar issues and they lead me to wonder whether the problem is getting permission to 'see' outside the sandbox. I cannot think of a viable way to change the architecture so that everything is either inside CRM or outside it; I need to cross the boundary somewhere and the workflow is the obvious place.
I would be grateful for any suggestions.
Upvotes: 0
Views: 2737
Answers (3)
Reputation: 21
The only type of communication from within the Sandbox is HTTP/HTTPS. You cannot access the registry, file system, SQL databases etc.
You will also find certain DLLs can't be referenced or ILMerged into the Sandbox.
If you want to connect to an SQL database within your plugin or workflow it will have to be registered full trust.
Upvotes: 0
Reputation: 7224
Assuming this isn't running in CRM Online, which I presume is the case because your SQL connection is not a FQDN, you should be able to register the DLL containing the custom workflow activity to run in full trust (not the sandbox.)
Upvotes: 1
Reputation: 886
I would presume that some application might be using the external database that you are trying to connect to. Why don't you create a web service that will get the required data for you from that external data source and then you consume this service in a CRM web-resource and process your logic. If not a web-resource then there is always an option to call that service from custom workflow activity.
The problem that you are seeing is because of the logical boundary of sand-boxing.
Upvotes: 0
Related Questions
- Workflow Reference issues between Sandbox and Production
- How do I give a workflow permissions without giving them to the user?
- Dynamics CRM 2011 InvalidWorkflowException
- Dynamics CRM 2013 - Workflow terminates with error 'systemuser wWith Id = xxx Does Not Exist'
- CRM 2015 Custom workflow activity, getting error: The entity is read-only and the 'Id' property cannot be modified
- Custom Workflow: timed-out at the Sandbox Client.System.TimeoutException
- How do I run a CRM 2011 custom workflow activity as a privileged user?
- WorkFlow Context System.NullReferenceException
- Security Role Issue in CRM 2011 for Workflow on Custom Entity
- Microsoft CRM dynamics 2011: crmsvcutil Access is denied exception