This project is read-only.

Approving a request using FIM Rmapproval Class


Approving a request using web service-Resource management client

I am using FIM RMC2010, for approving a request -using RMapproval object
Following values are set
1."AppApprover" user is created to approve a request for a specific attribute value changes.
  1. Domain is set to "ECOM"
  2. We are able to enumerate through all the pending request for "AppApprover" user.
    But when we try to set the endpoint address for approval using approval's 'ApprovalEndpointAddress' property, it throws system invalid operation exception: "The Approval object contains no endpoint information". Endpoint Address list contains only one address currently.
What setting we have to do to get correct list of endpoint address?

Please refer below code
Code snippet:
 DefaultClient client = new DefaultClient();    
// set credentials and refresh schema
client.ClientCredential = new System.Net.NetworkCredential( "AppApprover", "pwd", "ECOM");
 client.RefreshSchema ();
// enumerate the approvals and approve specifying an SPN.
foreach (RmResource resource in client.Enumerate(string.Format("/Approval[ApprovalStatus='Pending']")))
         RmApproval approval = resource as RmApproval;
          if (approval != null)
              EndpointAddress address = new EndpointAddress(
                        new Uri(approval.ApprovalEndpointAddress))
                    client.Approve(approval, true, address);
                 catch (Exception exc)
                        Console.WriteLine("Failed: {0}", exc);
  1. To temporary resolve the issue we have modified Rmapproval class's property "ApprovalEndpointAddress" and taken only first Endpoint Address.
  2. But it comes with new exception: Soap security negotiation with inner exception as "Security support provider interface (SSPI) authentication failed. The server may not be running in an account with identity '____'.If the server is running in a service account(network service for example),specify the account's service principal name as the identity in endpoint address for the server. If the server is not running in user account, specify the account's user principal name as the identity in the endpoint address for the server"
  3. So we have changed Endpoint address as:
    EndpointAddress address = new EndpointAddress(new Uri(approval.ApprovalEndpointAddress),EndpointIdentity.CreateSpnIdentity("ECOM/AppApprover"));
But It shown exception as "Request to the security token could not be satisfied because authentication failed -The Caller was not authenticated by service".
Please help to resolve the issue.