search

microsoft / AL

Home of the Dynamics 365 Business Central AL Language extension for Visual Studio Code. Used to track issues regarding the latest version of the AL compiler and developer tools available in the Visual Studio Code Marketplace or as part of the AL Developer Preview builds for Dynamics 365 Business Central.
MIT License
744 stars 245 forks source link

Unable to download symbols with Windows Auth container on Windows 11 #6861

Open pibcht opened 2 years ago

pibcht commented 2 years ago

Hi all!

Describe the bug

I create container with BcContainerHelper with -Auth Windows. Credential provided is identical to my Windows account (It's a Microsoft account). When I try to Download Symbols, no username/password prompt (That's normal) but instantly dotnet error shown:

Processing of message 'al/downloadSymbols' failed with error: 'No credentials are available in the security package'.

To Reproduce

1️⃣ BcContainerHelper.config.json

{
    "sandboxContainersAreMultitenantByDefault": false,
    "defaultNewContainerParameters": {
        "restart": "no"
    }
}
New-BcContainer -accept_eula -auth Windows -artifactUrl https://bcartifacts.azureedge.net/sandbox/19.1.31886.33316/fr -containerName bcwin -Credential (Get-Credential)

2️⃣ image

3️⃣ launch.json

{
    "version": "0.2.0",
    "configurations": [
        {
            "name": "Your own server",
            "request": "launch",
            "type": "al",
            "environmentType": "Sandbox",
            "server": "http://bcwin",
            "serverInstance": "BC",
            "authentication": "Windows",
            "tenant": ""
        }
    ]
}

4️⃣ image

Expected behavior

[2021-12-05 23:01:14.29] Sending request to http://bcwin:7049/BC/dev/metadata
[2021-12-05 23:01:36.02] Sending request to http://bcwin:7049/BC/dev/packages?publisher=Microsoft&appName=System&versionText=1.0.0.0&appId=8874ed3a-0643-4247-9ced-7a7002f7135d
[2021-12-05 23:01:36.02] Sending request to http://bcwin:7049/BC/dev/packages?publisher=Microsoft&appName=Application&versionText=19.0.0.0&appId=00000000-0000-0000-0000-000000000000
[2021-12-05 23:01:36.65] The following dependencies will be queried for propagated dependencies:
System Application by Microsoft (19.1.0.0)
Base Application by Microsoft (19.1.0.0)
[2021-12-05 23:01:36.66] Sending request to http://bcwin:7049/BC/dev/packages?publisher=Microsoft&appName=System Application&versionText=19.1.0.0&appId=63ca2fa4-4f03-4f2b-a480-172fef340d3f
[2021-12-05 23:01:36.66] Sending request to http://bcwin:7049/BC/dev/packages?publisher=Microsoft&appName=Base Application&versionText=19.1.0.0&appId=437dbf0e-84ff-417a-965d-ed2bb9650972
[2021-12-05 23:01:37.74] All reference symbols have been downloaded.

(Simulated using UserPassword container)

Actual behavior

1️⃣ Business Central Web Client works perfectly, but i'm asked to log in.

@freddydk said on another Issue (https://github.com/microsoft/AL/issues/6532#issuecomment-800873052)

When you create a container using Windows Auth, and you can access the Web Client in a Browser without logging in you are fine.

2️⃣

[2021-12-05 22:53:27.25] Using reference symbols cache path: w:\Code\Temp\EFF\./.alpackages
[2021-12-05 22:53:27.28] Targeting server 'http://bcwin', server instance 'BC' and tenant 'default'.
[2021-12-05 22:53:27.28] Using Windows authentication.
[2021-12-05 22:53:27.30] Sending request to http://bcwin:7049/BC/dev/metadata?tenant=default
[2021-12-05 22:53:27.38] Sending request to http://bcwin:7049/BC/dev/metadata?tenant=default
[Error - 22:53:27] Please report this issue to https://github.com/microsoft/al/issues including information on how to reproduce it, if possible.
Processing of message 'al/downloadSymbols' failed with error: 'Aucune information d’identification n’est disponible dans le package de sécurité'
Details:
System.ComponentModel.Win32Exception (0x8009030E): Aucune information d’identification n’est disponible dans le package de sécurité
   at System.Net.NTAuthentication.GetOutgoingBlob(Byte[] incomingBlob, Boolean throwOnError, SecurityStatusPal& statusCode)
   at System.Net.NTAuthentication.GetOutgoingBlob(String incomingBlob)
   at System.Net.Http.AuthenticationHelper.SendWithNtAuthAsync(HttpRequestMessage request, Uri authUri, Boolean async, ICredentials credentials, Boolean isProxyAuth, HttpConnection connection, HttpConnectionPool connectionPool, CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.SendWithRetryAsync(HttpRequestMessage request, Boolean async, Boolean doRequestAuth, CancellationToken cancellationToken)
   at System.Net.Http.AuthenticationHelper.SendWithAuthAsync(HttpRequestMessage request, Uri authUri, Boolean async, ICredentials credentials, Boolean preAuthenticate, Boolean isProxyAuth, Boolean doRequestAuth, HttpConnectionPool pool, CancellationToken cancellationToken)
   at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
   at Microsoft.Dynamics.Nav.Deployment.Telemetry.TelemetryHttpClientHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) in D:\a\1\s\source\Prod\Microsoft.Dynamics.Nav.Deployment\Telemetry\TelemetryHttpClientHandler.cs:line 61
   at Microsoft.Dynamics.Nav.Deployment.Http.NavHttpClientHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) in D:\a\1\s\source\Prod\Microsoft.Dynamics.Nav.Deployment\Http\NavHttpClientHandler.cs:line 35
   at System.Net.Http.HttpClient.SendAsyncCore(HttpRequestMessage request, HttpCompletionOption completionOption, Boolean async, Boolean emitTelemetryStartStop, CancellationToken cancellationToken)
   at Microsoft.Dynamics.Nav.Deployment.ApiClients.ServerInfoApiClient.GetServerInfo() in D:\a\1\s\source\Prod\Microsoft.Dynamics.Nav.Deployment\ApiClients\ServerInfoApiClient.cs:line 46
   at Microsoft.Dynamics.Nav.Deployment.ApiClients.ServerRegistry.QueryMetadata(ConnectionOptions options, IEmitLogger logger) in D:\a\1\s\source\Prod\Microsoft.Dynamics.Nav.Deployment\ApiClients\ServerRegistry.cs:line 153
   at Microsoft.Dynamics.Nav.Deployment.ApiClients.ServerRegistry.GetServerInfo(ConnectionOptions options, IEmitLogger logger) in D:\a\1\s\source\Prod\Microsoft.Dynamics.Nav.Deployment\ApiClients\ServerRegistry.cs:line 56
   at Microsoft.Dynamics.Nav.Deployment.ApiClients.PackagesApiClient.SendRequest(IHttpClient client, SymbolReferenceSpecification reference) in D:\a\1\s\source\Prod\Microsoft.Dynamics.Nav.Deployment\ApiClients\PackagesApiClient.cs:line 135
   at Microsoft.Dynamics.Nav.Deployment.ApiClients.PackagesApiClient.DownloadPackage(IHttpClient client, SymbolReferenceSpecification specification, String directory, Boolean isSecondLevelDependency) in D:\a\1\s\source\Prod\Microsoft.Dynamics.Nav.Deployment\ApiClients\PackagesApiClient.cs:line 172
   at Microsoft.Dynamics.Nav.Deployment.ApiClients.PackagesApiClient.DownloadPackages(ImmutableArray`1 references, String targetDir) in D:\a\1\s\source\Prod\Microsoft.Dynamics.Nav.Deployment\ApiClients\PackagesApiClient.cs:line 61
   at Microsoft.Dynamics.Nav.Deployment.ReferenceDownloader.NavDevServerPackageDownloader.DownloadPackages(ImmutableArray`1 packages, String targetDirectory) in D:\a\1\s\source\Prod\Microsoft.Dynamics.Nav.Deployment\ReferenceDownloader\NavDevServerPackageDownloader.cs:line 32
   at Microsoft.Dynamics.Nav.EditorServices.Protocol.LanguageServer.Extensions.DownloadSymbolsRequestHandler.DownloadFiles(DownloadSymbolsRequest request, String cacheDirectory, ImmutableArray`1 referencesToDownload) in D:\a\1\s\source\Prod\Microsoft.Dynamics.Nav.EditorServices.Protocol\LanguageServer\Extensions\DownloadSymbolsRequestHandler.cs:line 125
   at Microsoft.Dynamics.Nav.EditorServices.Protocol.LanguageServer.Extensions.DownloadSymbolsRequestHandler.ProcessRequestAsync(DownloadSymbolsRequest request, Int32 requestId, CancellationToken cancellationToken) in D:\a\1\s\source\Prod\Microsoft.Dynamics.Nav.EditorServices.Protocol\LanguageServer\Extensions\DownloadSymbolsRequestHandler.cs:line 93
   at Microsoft.Dynamics.Nav.EditorServices.Protocol.LanguageServer.Extensions.NavServerRequestHandler`2.HandleAsync(T request, Int32 requestId, CancellationToken cancellationToken) in D:\a\1\s\source\Prod\Microsoft.Dynamics.Nav.EditorServices.Protocol\LanguageServer\Extensions\NavServerRequestHandler.cs:line 40
   at Microsoft.Dynamics.Nav.EditorServices.Protocol.MessageProtocol.RequestHandlerBase`1.HandleAsync(JToken requestContents, Int32 requestId, CancellationToken cancellationToken) in D:\a\1\s\source\Prod\Microsoft.Dynamics.Nav.EditorServices.Protocol\MessageProtocol\RequestHandlerBase.cs:line 63
   at Microsoft.Dynamics.Nav.EditorServices.Protocol.RequestRegistry.Process(Message message) in D:\a\1\s\source\Prod\Microsoft.Dynamics.Nav.EditorServices.Protocol\Endpoints\RequestRegistry.cs:line 64

Error translation:

🇫🇷 Processing of message 'al/downloadSymbols' failed with error: 'Aucune information d’identification n’est disponible dans le package de sécurité' 🇺🇸 Processing of message 'al/downloadSymbols' failed with error: 'No credentials are available in the security package'.

Versions

  1. andrzejzwierzchowski.al-code-outline
  2. ankitbko.vscode-pull-request-azdo
  3. arcticicestudio.nord-visual-studio-code
  4. Calliope.al-extension-pack
  5. david-rickard.git-diff-and-merge-tool
  6. DavidAnson.vscode-markdownlint
  7. davidfeldhoff.al-codeactions
  8. DotJoshJohnson.xml
  9. howardzuo.vscode-git-tags
  10. humao.rest-client
  11. j-brooke.fracturedjsonvsc
  12. jamespearson.al-test-runner
  13. lacroixdavid1.vscode-format-context-menu
  14. marp-team.marp-vscode
  15. mhutchie.git-graph
  16. ms-azuretools.vscode-docker
  17. ms-dynamics-smb.al
  18. ms-vscode.live-server
  19. nabsolutions.nab-al-tools
  20. nwallace.createGUID
  21. PKief.material-icon-theme
  22. ryu1kn.annotator
  23. statical.prism-al
  24. stefanmaron.businesscentral-lintercop
  25. usernamehw.errorlens
  26. waderyan.gitblame
  27. waldo.crs-al-language-extension
  28. zhuangtongfa.material-theme

Final Checklist

Please remember to do the following:

thloke commented 2 years ago

@freddydk - can you have a look at this to determine if it's an issue with our VSIX or with the docker setup?

pibcht commented 2 years ago

💡 I tried with "tenant": "default" and with "tenant": "". I'm not sure I pasted the right launch.json with the right error message, but the error is the same in both cases.

NavNab commented 2 months ago

While researching an issue I face, I stumbled upon your issue, which made me curious about your situation. In my experience, BC Containers using Windows authentication fail unless the PC/Server is domain-joined. However, they work well with a domain-connected PC/Server. I hope this insight proves helpful.

pibcht commented 2 months ago

Hi @NavNab ! I feel like it's always worked for me with a LOCAL account. Today, I am on a Domain account managed by Intune (My PC is not in the domain, it is in a personalized WORKGROUP)

I think that the 2 events are not linked, given the dates, but I cannot completely exclude that it plays a role…