Monday, July 8, 2013

How to resolve this problem SecLib::AccessCheckEx failed.

Hi Guys,

If someone had an error like this one while testing a scenario on his  CRM 2011 organization:

Unhandled Exception: System.ServiceModel.FaultException
PluginName : SecLib::AccessCheckEx failed. 
Returned hr = -2147187962, 
ObjectID: 8f3a3333-09e3-e211-b4c7-0050568c06b4, 
OwnerId: a9acc15c-95d2-e211-b3ed-0050568c06b4,  
OwnerIdType: 8 
and CallingUser: 576bd94b-27e3-e211-9980-0050568c06b4. 

ObjectTypeCode: 10008, 
objectBusinessUnitId: 6fad00e6-71d2-e211-b3ed-0050568c06b4, AccessRights: WriteAccess 


Don't worry, it's a right problem. But to resolve it, you need to have a database access to the CRM Sql Server.

You need to verify these points :

- If you don't know who is the CallingUser with the id : 576bd94b-27e3-e211-9980-0050568c06b4 you need to make a search on SystemUser table.

USE [ORGANIZATION_MSCRM]
GO

SELECT * FROM SystemUserBase WHERE SystemUserId = '56C9CC2B-E2C4-4012-B946-34024CBBA15A'

- After that, you need to enumerate the user's roles.
- Then, You need to detect the entity that generate the problem. To do this, you need to use the Object Type Code information : ObjectTypeCode: 10008


USE [ORGANIZATION_MSCRM]
GO

SELECT * fROM EntityView WHERE ObjectTypeCode = 10008

Execute this query to get entity name,

- Finnally, use this information : AccessRights: WriteAccess to verify in all user's roles if this entity had write privilege

You will find that any role has this privilege on this entity.

So, add this privilege to the role that you want and retry your scenario. You will see that it works.

have a nice day.

N.JL