Friday, December 22, 2017

ApplicationPoolIdentity >> IIS 7 and Application Pool Shutting down behavior with Error 503 followed by HTTP Error 401.3

Recently while deploying one of our website to IIS of a new production server (Windows 2012 Server), I was facing a weird issue. Whenever a user tries to launch the website, the application pool was getting crashed with Error - 503. 

The application pool was running under "ApplicationPoolIdentity" account.

After investigating the event logs, I found the root cause of the issue as below: 

Windows cannot copy file \\?\C:\Users\Default\AppData\Local\Microsoft\VSCommon\14.0\SQM\sqmdata00.sqm to location \\?\C:\Users\XXXXX.IIS APPPOOL.008\AppData\Local\Microsoft\VSCommon\14.0\SQM\sqmdata00.sqm. This error may be caused by network problems or insufficient security rights.
 DETAIL - Access is denied.
The issue was related to security which is quite apparent from the error message, but it was something new for me, especially after successfully deploying more than 100 ASP.NET websites.

After a lot of research, I found following had to be done to resolve this issue -

1. Open the properties of "Default" user (i.e., "C:\Users\Default". Location may defer based on the installation).
2. Under Security, click "Advanced" followed to that click "Change Permissions". This should open "Advanced Security Settings for Default" dialog box.
3. Tick "Replace all child object permissions with inheritable permissions for this object" check box.
4. Click Apply and OK.

Now restart the application pool, and try accessing the website. This should fix the issue.

However, for me, it didn't end there. This resolved the 503 error, I was able to see the website getting loaded in the browser, and application pool was not shutting down which was perfect solution. But now, it was not loading any unmanaged resources (i.e., css, js, images, etc). 
Further more investigations suggested that all these resources were failing to load due to "401.3 Unauthorized" error.

After another round of research and googling, I found the root cause which was even more strange.

1. Open "Authentication" settings of the website under IIS.
2. Select "Anonymous Authentication", and click "Edit" button.
3. Check which option is selected under "Anonymous user identity". If it is "Specific user", then congratulations, your problem will be resolved in a minute.
4. Change the option to "Application pool identity", and click "OK"

Restart Application Pool, and relaunch the website.

This time, the website should load properly and all expected resources.

Hope this helps

Tuesday, March 7, 2017

Dynamics CRM 2016: Updating Lookup field value using CRM REST API

This article aims to guide you about the things to consider when making a REST API call to insert/ update a value in the lookup field in CRM.

Consider your CRM instance is having following two entities:

1) account >> This entity comes default with CRM instance
2) new_customer >> Custom entity having various fields, but we are typically interested in "new_account" which is a lookup to the account entity.

    public class Account
        public string name { get; set; }

        public Guid accountid { get; set; }


using Newtonsoft.Json;
public class Customer
        [JsonProperty(PropertyName = "new_accountid@odata.bind")]
        public string new_accountid { get; set; }        

        public string new_customerRefNo { get; set; }        

Notice, the JsonProperty in Customer class. This property needs to be set for all lookup fields in case if they are intended to be updated/ inserted using REST API. Name of this property should be set to - "[lookupfieldname]@odata.bind". In above case, [lookupfieldname] is "new_accountid"

Now you can populate values in Customer instance, and can send them in your REST API calls which will update lookup fields during PUT/ POST calls.