Author: Nishant Rana

I love working in and sharing everything about Microsoft.NET technology !

How to – Share read-only links to records with any user in your organization – Dynamics 365 / CRM (Dataverse)


To enable quick sharing of the read-only link of the records to any users within the organization, log in to Power Platform Admin Center

Select the Environment > Settings > Privacy + Security


Switch On the Enable Sharing option


This option currently works on the Contact, Account, Opportunity, and Case table.

It enables the option of sending the link to the record with

  • People in the organization with the link
  • Specific People

apart from

  • People with existing access.

Clicking on the Copy link opens the below model dialog box –

Clicking on People with existing access opens the below options –

  • People in your organization with the link
  • Specific people (disabled)

Here we have selected “People in your organization with the link

This enables any user (even if he has no CRM License or Dynamics 365/ Power Platform Role assigned) with the link to open the record as read-only.

This is how the record has opened for the user having no access to CRM but having the link to the record. (read-only)

Similarly, Email Link opens the Send Link dialog box, which allows us to select either a User(s) or Team(s) and define the content of the message as shown below

Clicking on Send opens the email in the default Mail Client associated

Here also we have the option to select either People in your organization with the link and Specific People


Get more details –

https://docs.microsoft.com/en-us/power-platform-release-plan/2022wave1/power-apps/easy-record-sharing

Hope it helps..

Advertisements

Fixed – You do not have prvReadmsdyn_personasecurityrolemapping permission to access Persona Security Role Mapping records. Contact your Microsoft Dynamics 365 administrator for help


Recently one of the users, while accessing a few of the System User’s views, was getting the below error.

You do not have prvReadmsdyn_personasecurityrolemapping permission to access Persona Security Role Mapping records. Contact your Microsoft Dynamics 365 administrator for help.

There were a few System users’ views that were working fine.

The user had the Security Role = System Administrator, however, the Access Mode was set to Administrative.

Changing the Access Mode to Read-Write fixed the issue.

Hope it helps..

Advertisements

How to – Use Refresh Option to force user state synchronization in Power Platform Admin Center – Dynamics 365 / CRM


At times we would assign or update the licenses and roles assigned to the users in Microsoft 365 Admin Center, and these changes would take time to reflect inside the Dynamics 365 applications.

A background system process takes care of synchronizing the user state in Azure AD to the System User table in Dataverse.

However, here we can also use the Refresh
User option in Power Platform Admin Center to force the synchronization instead of waiting.

Inside Power Platform Admin Center – Navigate to Environment >> [Env]>> Settings >> Users and select the user and click on Refresh user option.

This will immediately start the synchronization process.

Hope it helps..

Advertisements

Fixed – Trusted Platform Module has malfunctioned, with Error Code 80090030 in Microsoft Teams


Recently while trying to login into Microsoft Teams we got the below error –


  • As suggested in the different articles – we didn’t find any Teams Account Credentials to be removed.


  • Windows update also didn’t fix the issue.
  • Neither updating the driver from Devic Manager.


 

 

 

 

 

 

 

  • Creating EnableADAL key with Value data 0 also didn’t work.

Navigate to HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common

Expand the Common key and select the Identity subkey. Right-click on the space on the right side and go to “New > DWORD (32-bit) Value.”

Right-click on the newly created value and select Rename. Type EnableADAL.

By default, the Value Data of EnableADAL should be 0. If not, double-click on it and enter 0 in its Value Data. Click OK to save the changes.


  • tpm.msc è Prepare the TMP and Clear TPM also didn’t work.

Cryptographic Services were also running properly.

In our case, we were getting below additional error.

Eventually disconnecting the work account worked in our case.

https://nishantrana.me/2022/04/18/fixed-sign-in-required-your-device-is-having-problems-with-your-work-or-school-account-sign-in-again-to-access-your-organizations-resources/

The other solution that worked temporarily for us was to uninstall and reinstall the Microsoft Teams.

https://www.microsoft.com/en-ww/microsoft-teams/download-app

Hope it helps..

Advertisements

Fixed – Sign in required. Your device is having problems with your work or school account. Sign in again to access your organizations resources


Recently we were getting the below pop up in Windows every time after restart.

The fix was to Disconnect the work / school account.

Navigate to Accounts è Access work or school

Click on Disconnect the work or school acount.

That fixed the issue for us.

Hope it helps..

 

Advertisements

Security Enhancements – 24 hours maximum user session timeout in Dynamics 365 / CRM


With recent security enhancements in Customer engagement apps, the maximum user session timeout of 24 hours is removed.

https://docs.microsoft.com/en-us/power-platform/admin/user-session-management#user-session-timeout-management

Now it uses the Azure AD Session Policy to manage user session timeout, which by default has Azure AD refresh token expiration set as 90 days.

https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-configurable-token-lifetimes#refresh-and-session-token-lifetime-policy-properties

Refresh toke lifetime and expirationhttps://docs.microsoft.com/en-us/azure/active-directory/develop/refresh-tokens#refresh-token-lifetime

Use Configuring sign-in frequency in Conditional Access to define the periods before a user is required to sign-in again – https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/howto-conditional-access-session-lifetime

Earlier the default session timeout used to be 24 hours with 20 minutes for warning the user – https://nishantrana.me/2017/11/17/configure-session-timeout-and-inactivity-timeout-dynamics-365/

However, we can still override the default Azure AD Session policy, by setting the session timeout and/or inactivity timeout for the individual environment.

To set the same navigate to –

Environments > [Environment] > Settings > Privacy + Security in Power Platform Admin Center.

Specify appropriate values and save the changes.

Get all the details here –

https://docs.microsoft.com/en-us/power-platform/admin/user-session-management#configure-session-timeout

Hope it helps..

 

Advertisements