BCS and External List Learning – Part2

In Part1, I covered a specific scenario related to viewing external list and BDC throttling settings.  In this post, I’ll cover a similar specific scenario but related to authentication.

When we create an external content type using SPD2010, the screen where we specify the data source information has 3 options for authentication mode as shown in Screen1.




The “Connect with User’s Identity” is the “PassThrough” authentication mode we had in MOSS 2007 BDC.  The other 2 relates to SSO.  Now that we have Secure Store Service Application, we can use “Connect with Impersonated Windows Identity” OR if we are using claims token we can use “Connect with Impersonated Custom Identity” [This is my guess at this point in time, will post another blog or update this post when I get a chance to confirm it] types.


This is all good.  But what happens in scenarios when we are required to use “RevertToSelf” authentication mode???


The BCS architecture still supports it, but unfortunately, it is not available to us in this initial screen.  If the authentication mode isn’t set to “RevertToSelf” in scenarios where users who don’t have specific object or metadata store permissions, we would see errors like: “Login failed for user "NT AUTHORITY\ANONYMOUS LOGON" while browsing to external list.


Below are steps we need to follow to get this corrected!


1. We have to first enable BCS model to accept “RevertToSelf” as one of the authentication modes.  Yes, it’s disabled by default.  We can do this using SharePoint 2010 Management Console.


2. As shown from the above commands, the “ReverToSelfAllowed” property is set to false by default.  We can now change it to true.


3. Now, we can set RevertToSelf authentication mode in our external content type.  To do this, open the external content type in SPD2010, click the external system name against “External System” property in the “External Content Type Information” section.  And change the “Authentication Mode” property to “BDC Identity” as shown in Screen2.





Note that the “BDC Identity” option would still be available even if we don’t enable revert to self in the BCS service application.  However, when we use it without setting revert to self to true, we’ll see an error shown in Screen3.



Hope this was helpful! Stay tuned for more learning notes on BCS in SharePoint 2010.

Comments (12)

  1. Jeff says:

    I don’t see the RevertToSelfAllowed property and cannot set it. Is there some other dependency to be resolved?

  2. Surya Penmetsa says:

    I got it working. Try:

    $bdc.Properties["ReverToSelfAllowed"] = $true

    and make sure your sharepoint service account has access to the database.

  3. J.P. says:

    What authentication option do you pick when you want to store and use SQL Server native userid/password (not a NT account)?

  4. Khaleb says:

    i dont want to use nt account,  i need to use sql server native uiserid/password, please how can i make it???

  5. Fraser says:

    Thanks for this…helped me get it working!

  6. sowmyancs says:

    Thanks Immortal….this post really helped me !

  7. Lance Chung says:

    Thanks a lot. This post is really helped.

    After set $bdc.Properties["ReverToSelfAllowed"] = $true

    Either you set authentication mode to "User's Identity" or "BDC Identity", the “Login failed for user "NT AUTHORITYANONYMOUS LOGON" message disappear.

  8. Sidhanta says:

    It is not working properly…Thanks for guidence.

  9. SC Vinod says:


    How do we set authentication in a Visual Studio BCS solution?

  10. Majid says:

    I want to show a field as hyper link in my external list. The link is present in the table from where I am getting data. please tell me how I can make a field hyperlink in external list…..?

  11. Viviane says:

    Jeff, I have done the same, check what is your Server Application Name, as I have recreated I wasn't using Business Data Connectivity, so replace this word with your app name.

  12. SharePoint Administration Training Online says:

    Information was good, I like your post.

    Looking forward for more on this topic.

    <a href="staygreenacademy.com/…/">SharePoint Administration Training Online</a>