Unable to Compile Hello World AL Project due to forbidden download of Symbols of Business Central

[SandVonSchaewen]

1. Describe the bug When trying to compile a Hello World Al Project created with the Visual Studo Code Command AL:Go! the symbols can not be retrieved from the Local Businesscentral Docker Sandbox instance.

Terminal Output looks this way:

[2022-03-10 11:05:31.47] Using reference symbols cache path: c:\Repositories\BusinessCentral\Al\Test1./.alpackages [2022-03-10 11:05:31.48] Sending request to http://bcserver:7049/BC/dev/metadata?tenant=default [2022-03-10 11:05:31.50] The request for path /BC/dev/metadata?tenant=default failed with code Forbidden. Reason: Target service not allowed [2022-03-10 11:05:31.50] Sending request to http://bcserver:7049/BC/dev/metadata?tenant=default [2022-03-10 11:05:31.52] The request for path /BC/dev/metadata?tenant=default failed with code Forbidden. Reason: Target service not allowed

These are my Powershell Localhost Sandbox Scripts to Create the Docker Instance

$webclient = (New-Object System.Net.WebClient)
$webclient.Proxy.Credentials = [System.Net.CredentialCache]::DefaultNetworkCredentials

install-module BcContainerHelper -force
Import-Module BcContainerHelper
Check-BcContainerHelperPermissions -Fix

## set accept_eula to $true to accept the eula found here: https://go.microsoft.com/fwlink/?linkid=861843
$accept_eula = $true
$containername = 'BCSandbox'
$licenseFile = ''
$auth = 'Windows'
$usessl = $false
$updateHosts = $false
$assignPremiumPlan = $true
$shortcuts = 'Desktop'

$artifactUrl =  Get-BcArtifactUrl -country 'DE' -version '19.4.35398.35925' -select 'Closest'

if ($auth -eq 'Windows') {
    $credential = get-credential -UserName $env:USERNAME -Message 'Using Windows Authentication. Please enter your Windows credentials.'
}
elseif ($auth -eq 'UserPassword') {
    $credential = get-credential -Message 'Using Username/Password Authentication. Please enter credentials.'
}
else {
    throw '$auth needs to be either Windows or UserPassword'
}

if (!$accept_eula) {
    throw 'You have to accept the eula in order to create a Container.'
}
if (!($containername)) {
    throw 'You have to specify a container name in order to create a container.'
}
if (!($artifactUrl)) {
    throw 'No matching build was found for your version of Business Central'
}
New-BcContainer -accept_eula:$accept_eula `
                -containername $containername `
                -artifactUrl $artifactUrl `
                -auth $auth `
                -Credential $credential `
                -usessl:$usessl `
                -updateHosts:$updateHosts `
                -licenseFile $licenseFile `
                -assignPremiumPlan:$assignPremiumPlan `
                -includeAL -doNotExportObjectsToText `
                -shortcuts $shortcuts

if ($licenseFile) {
    Setup-BcContainerTestUsers -containerName $containername -password $credential.Password
}

Businesscentral itself works without any issues: Call on on sandbox via Browser returns this JSON: http://[bcsandbox:7049/BC/dev/metadata?tenant=default](http://bcsandbox:7049/BC/dev/metadata?tenant=default)

{"runtimeVersion":"8.1","webApiVersion":"5.0","debuggerVersion":"4.0","webEndpoint":"http://BCSandbox/BC/","extensionAllowedTargetLevel":"Internal"}

launch.json

{
    "version": "0.2.0",
    "configurations": [
        {
            "name": "Your own server",
            "request": "launch",
            "type": "al",
            "environmentType": "OnPrem",
            "server": "http://BCSandbox",
            "serverInstance": "BC",
            "authentication": "Windows",
            "startupObjectId": 22,
            "startupObjectType": "Page",
            "breakOnError": true,
            "launchBrowser": true,
            "enableLongRunningSqlStatements": true,
            "enableSqlInformationDebugger": true,
            "tenant": "default"
        }
    ]
}

app.json

{
  "id": "36b83773-ab81-4872-9745-f6aad9bf902b",
  "name": "Test1",
  "publisher": "default",
  "version": "1.0.0.0",
  "brief": "",
  "description": "",
  "privacyStatement": "",
  "EULA": "",
  "help": "",
  "url": "",
  "logo": "",
  "dependencies": [],
  "screenshots": [],
  "platform": "1.0.0.0",
  "application": "19.0.0.0",
  "idRanges": [
    {
      "from": 50100,
      "to": 50149
    }
  ],
  "resourceExposurePolicy": {
    "allowDebugging": true,
    "allowDownloadingSource": false,
    "includeSourceInSymbolFile": false
  },
  "runtime": "8.0"
}

HelloWorld.al

pageextension 50100 CustomerListExt extends "Customer List"
{
    trigger OnOpenPage();
    begin
        Message('App published: Hello world');
    end;
}

2. To Reproduce

1. Use Powershell Script to Create Docker Sandbox Instance of Business Central ( use local user with Admin rights for Install)
2. Login To Business Central local and assign the currentuser as Superuser.
3. Start VsCode and use the AL:Go! Command with local Server and credientials of the installing user of the Dockerimage.
4. Try compile the Solution with F5

3. Expected behavior Downloads the Symbols to Start and Publish the app

4. Actual behavior Compile fails and report problems in visual studio code:

The target Page "Customer List" for the extension object is not foundAL(AL0247)

Output

[2022-03-10 11:52:32.00] Using reference symbols cache path: c:\Repositories\BusinessCentral\Al\Test1\./.alpackages
[2022-03-10 11:52:32.00] Sending request to http://bcsandbox:7049/BC/dev/metadata?tenant=default
[2022-03-10 11:52:32.03] The request for path /BC/dev/metadata?tenant=default failed with code Forbidden. Reason: Target service not allowed
[2022-03-10 11:52:32.03] Sending request to http://bcsandbox:7049/BC/dev/metadata?tenant=default
[2022-03-10 11:52:32.05] The request for path /BC/dev/metadata?tenant=default failed with code Forbidden. Reason: Target service not allowed
Microsoft (R) AL Compiler version 8.1.8.16322
Copyright (C) Microsoft Corporation. All rights reserved

Compilation started for project 'Test1' containing '1' files at '11:52:32.108'.

error AL1045: The package cache c:\Repositories\BusinessCentral\Al\Test1\./.alpackages could not be found.

Compilation ended at '11:52:32.130'.

Error: The package could not be created.

5. Versions:

• AL Language: v8.1.540594
• Visual Studio Code: 1.54.3
• Business Central: 19.4.35398.35925
• List of Visual Studio Code extensions that you have installed: AL Language

[freddydk]

When using Windows authentication, you need to specify the username and password of the windows user running on the host when starting the container. If you are using another user for creating the container, you can change $auth to UserPassword and do the same in launch.json (Windows -> UserPassword) and try again,

[SandVonSchaewen]

Tried that.

1. Changed the Powershellscript $auth to "UserPassword"
2. Started the ISE for Powershell as local User and used this local User on the password promt and recreated the container
3. changed launch.json authentification to "UserPassword"
4. Cleared credentials with AL Command on vs Code
5. Reentered credentials of the local user
6. Tried to compile but problem sadly still persists.

I also tried verboose logging on AL Extension, but I can't see any extended information about the issue. Do I might need to add the domain to the user credentials? I don't think so, because I use a local user.

[dannoe]

Are you using a (sophos) proxy?

[SandVonSchaewen]

Are you using a (sophos) proxy?

Yes. Let me guess I need some kind of proxy Authentification Configuration neccessary, despite using a local sandbox ? I use CNTLM for outgoing requests on other programs so the sophos should not be an issue.

The EnvironmentVariables are set to CNTLM and should be used by VS Code ( HTTP_PROXY and HTTPS_PROXY) It works for tools like node.js and others.

Note: The Docker Container has configured following Proxy Variables:

HTTP_PROXY: http://host.docker.internal:53128

HTTPS_PROXY: http://host.docker.internal:53128

Local Machine CNTLM is exposed to localhost:53128

[dannoe]

I am not really sure. I just googled the error message (Target service not allowed) and the search results all mentioned sophos.

[GitteLindBendixenTved]

Well, It might help, if you run visual studio code as administrator, since you might have installed it on your user and this user is not the same as the one you are using now.