Searching BDC Data

I went to setup searching a Business Data Catalog application this morning.  I setup the content source under the Shared Services Adminstration console and selected Start Full Crawl.  I noticed that the crawl logs were showing an error:

 bdc2://75fdb349-8b44-4f23-87fe-218cfe60a8f9/3/32
The parameter is incorrect. (Access denied by BDC.)

I did some searching and found some other people had the same error, I read through the forums and none of the solutions matched my exact scenario, but they did point me in the right direction.  My Default Content Access account was setup as a domain user (domain\user Id), and that account did not have any permissions to the BDC.  Back in the SSP console I selected Business Data Catalog permissions and added the Default Content Access account with Execute permissions.  I went back into Search Settings, kicked off a full crawl and still got the same error.  It turns out that the BDC has a very powerful granular permissions model, and permissions can be set on the BDC, the applications, and each entity separately.  They also have a nice feature for "pushing" the permissions down to the child objects up on the toolbar called "Copy all permissions to descendants", so I clicked that link this time around.  Be careful with this option though as it will repace all the permissions, it does warn you of this before making the change.  Alternatively I could have gone to the Application & Entities and given the account the necessary permissions.

I started a full crawl of the BDC content source, and got a new error this time:

bdc2://75fdb349-8b44-4f23-87fe-218cfe60a8f9/3/32
The parameter is incorrect. (Cannot connect to the LOB System.)

Back to the search engines, but this time didn't have much luck.  So I checked the ULS logs...I only do this when I'm desparate as they are so "Un-User" friendly.  However, way down toward the bottom on like line 7000 something I see the following:

Cannot connect to the LOB System. (A connection was successfully established with the server, but then an error occurred during the login process

So realizing that I'm trying to connect to the SQL database using the Default Content Access account I thought to check the database permissions.  Turns out that I had a login for the account, but that account did not have any rights to the database that the BDC application is using.  So I added the account to the db_datareader role using SQL Server Management Studio.  I started another Full Crawl of the BDC application content source, this time I knew it was working as the crawl logs were showing a success, no more error messages...and the number of items in the index was increasing.

I hope this helps someone else when they try to setup searching a BDC application with the default content access account setup as a reguler domain user account and not an administrator account.

3 Comments

  • Very timely. Was just setting this up, and it saved me time in troubleshooting.

  • Getting Same error when using Search on BDC , BDC is reading data from webservice.Webservice has anonymous access on it. I had given all permission on BDC and Search account but it still giving same error...............any ideas

  • Legend!! very helpful. I didnt think about access to the BDC - just the DB. Thanks

Comments have been disabled for this content.