Comments (8)
It worked and I can continue further.
Thank you!
from bc2adls.
Thanks for writing to us. The ContainerExists
calls the ADLSEHttp.InvokeRestApi
function. So please put a breakpoint on this line, and then gather the URL, Headers that are used in the Http REST API call. (You may be required to uncomment the [NonDebuggable]
attribute in the AddAuthorization
function in the same codeunit.) Then try to see if you can make the same Https request through Postman / .NET console app and check if you are getting the same error.
For your information, this is the call that is invoked from BC to ADLS: Get Container Metadata.
You may also re-try after creating a fresh secret for the Azure App Registration and enter it on Client secret field of BC.
Regards,
The bc2adls team
from bc2adls.
Hi.
in the InvokeRestAPI URL
is the following: https://fpltest03.blob.core.windows.net/bc2adlscont?restype=container&comp=metadata
in the AddAuthorization
the function AcquireTokenAOAuth2
is called, where:
URI
is https://login.microsoftonline.com/fafe0a34-[redacted, correct]/oauth2/token
RequestBody
is resource=https%3A%2F%2Fstorage.azure.com%2F&scope=https%3A%2F%2Fstorage.azure.com%2Fuser_impersonation&client_id=b84a77ba-[redacted, correct]&client_secret=[redacted, correct]&client_info=1&grant_type=client_credentials
as the result, AccessToken
is obtained successfully
So, Headers look legit
Authorization
: Bearer [redacted, generated AccessToken]
x-ms-version
: 2020-10-02
x-ms-date
: Thu, 18 Aug 2022 22:01:27 GMT
but the result of Client.Get is the following:
'
AuthorizationPermissionMismatch
This request is not authorized to perform this operation using this permission.
RequestId:128a8d2d-f01e-005d-554b-b3ea7a000000
Time:2022-08-18T21:46:17.8032396Z'
from bc2adls.
Dear @PaulFurlet,
The .NET code which makes a similar call fails using the Blob REST API- so this should be escalated as a support request to the Azure Data Lake team, as the authentication mechanism that you specify seems to be correct- and an error in authentication is out of scope for this project.
HOWEVER, it may be that the real cause is that you do not have the role Storage Blob Data Contributor assigned to your application bc2adls. From the screenshots I can see the role having been assigned to p f <admin@fpltest01...> but not to the bc2adls app registration. If you follow the instructions closely, the role Storage Blob Data Contributor is assigned to the app registration (see the setting 3), and not to any "real" AAD user.
Best regards,
The bc2adls team.
from bc2adls.
Hello @DuttaSoumya
Thank you for your explanation, but I cannot select any application on assigning role.
I have only user or managed identity as options to choose from (I do not have any managed indentity and only one user). So I selected and added the only available variant.
That's why I am wondering what could I miss that I cannot specify registered app as role executor for the storage account?
from bc2adls.
Hi @PaulFurlet,
You should be able to see the App Registration name in the list for Select members when you have selected Assign access to as User, group, or service principal
.
Once selected, the Access Control (IAM) pane for the storage account should show something like this- note the Type is App
, not User
.
But is seems you are unable to see the App Registration as a user. Please check that the list of Enterprise Applications in Azure has your App Registration, like so,
Take a note that the Application Id should match the field with the same name on the App registration.
I would urge you to please re-try Step 1. Create an Azure Service Principal or just do the tutorial Register an application with Microsoft identity platform and then check if the newly registered application shows up as a user in the Access Control (IAM) pane.
Best regards,
The bc2adls team.
from bc2adls.
Hi @DuttaSoumya,
Thank you for your hints. But I still do not see any clue of application in the list. There is Enterprise Application with my Application Id created automatically.
Assuming, even demo account should be able to perform setup, here are the steps I do for the new registration [I removed everything beforehand, this is demo account anyways, added new user storageacc with simple User permissions]
just like specified in the instructions:
- Registering new application
- creating Application Secret
- {not described in instructions} adding Azure Storage user_impersonation to API permissions
- new Enterprise Application created automatically, no manual provisioning applied
- new Resource Group (I removed all other)
- new Storage Account
- enabled hierarchical namespace
- trying to add role assignment for the Storage Account - no luck to see any app in the list
from bc2adls.
@DuttaSoumya omg... if I start to type in the app name, it appears... so unobvious...
checking sthuff further...
from bc2adls.
Related Issues (20)
- Timeout database query 30min Business Central. HOT 8
- Transition to Azure Synapse runtime for Apache Spark 3.2 or 3.3 HOT 2
- Every file exported file is in CSV HOT 2
- Add Folder path option for container HOT 4
- Export to OneLake (Fabric) HOT 14
- No export of json files if table doesn't have data HOT 2
- Is there a way to configure double quote escaping in delta .csv files HOT 3
- Error when trying to create pipeline "Could not load resource 'Consolidation_OneEntity'. Please ensure no mistakes in the JSON and that referenced resources exist." HOT 4
- Last exported state is Failed when exporting many tables HOT 1
- Export doesn't seem to terminate HOT 1
- Procedure UpdateCdmJsons is failing because of LockTable in a try function HOT 1
- CDM data format set to CSV shows unexpected results in Power BI HOT 1
- Error in Consolidation_OneEntity
- Exports with different frequencies HOT 4
- capacity ledger entry (Calculation field) HOT 1
- Truncation and Comparing Records Counts from BC to ADL HOT 1
- Several Dataset in ADLS
- Filtering Record before exporting to ADLS HOT 4
- Enabled field in the ADLSE Table not working as expected HOT 3
- Pipeline fails if there is no new data in delta folder HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from bc2adls.