Using Windows Integrated Authentication with IIS-hosted Dynamics AX Services



    Version: Dynamics AX 4, Dynamics AX 2009.


     


    Problem


    When you host Dynamics AX web services on Microsoft Internet Information Services (IIS) v6 you might see an error message similar to the one shown in Figure 1 at runtime.


     


    Possible Cause


    This may happen when IIS is configured to use Integrated Windows authentication to authenticate client requests and thus needs to exchange Negotiate security headers with the client.


     


    Resolution


    IIS needs to be configured to support both the Kerberos protocol and the NTLM protocol for network authentication; see http://support.microsoft.com/kb/215383 for details.

Figure 1 – Error Message.png

Comments (1)

  1. Hi Friend,

    My query is related to AIF webservices which i want to host on IIS of a different machine which is in the Same domain itself.

    I am able to run all the services in netTCP adapter which are the basic integration ports of dynamics ax 2012.

    But i am unable to run this services using HTTP adapter.

    I have deployed some standard AIF services onto the IIS of my IIS Server machine using HTTP adapter.

    It is allowing me to add service reference into the .net application but when i am going to run my application its giving me error in the AIF service method line itself.

    an error related to authentication that user is not authorized to view contents of this page or directory.I have tried with Ax administrator login.

    I have implemented the standard code which is available on msdn for calling and AIF web service using HTTP adapter.

    This is my code of Console application. I have added Sales Order Service as service reference which is deployed on iis.

    static void Main(string[] args)

           {

               // Create the sales order objects

               // Service client        

               ServiceReference1.SalesOrderServiceClient cl = new ServiceReference1.SalesOrderServiceClient();

        // Sales order object to receive response
    

               ServiceReference1.AxdSalesOrder resp;

               // Create the entity key list for the request

               ServiceReference1.EntityKey[] readRespKeys = new ServiceReference1.EntityKey[1];

               readRespKeys[0] = new ServiceReference1.EntityKey();

               readRespKeys[0].KeyData = new ServiceReference1.KeyField[1];

               readRespKeys[0].KeyData[0] = new ServiceReference1.KeyField();

               readRespKeys[0].KeyData[0].Field = "SalesId";

               // Ask the user for a sales order ID

               Console.WriteLine("Enter the sales order ID:");

               // Add the result to the entity key value

               readRespKeys[0].KeyData[0].Value = Console.ReadLine();

               try

               {

                   // Try to read the sales order

                   resp = cl.read(null, readRespKeys);

                   // Display the information from the first sales table

                   Console.WriteLine("For sales order: " + resp.SalesTable[0].SalesId);

                   Console.WriteLine("Customer Account is: " + resp.SalesTable[0].CustAccount);

               }

               catch (Exception e)

               {

                   Console.WriteLine("Exception: " + e.Message);

                   Console.ReadKey();

                   cl.Abort();

               }

               cl.Close();

           }

    Please provide some needful help that i can come out of this problem as soon as possible, and also third party should be able to use my services so ho can i pass credentials, because users wont be our Dynamics Ax users.

    Thanks in advance….