Nishant Rana's Weblog

MVPs around the World (2020)

Interesting stats !

With great honor and joy I can announce that I have been awarded the Microsoft Most Valuable Professional award for the seventh consecutive year, again in the category Office Apps & Services. Congratulations to other new and re-awarded MVPs as well, and kudos to the MVP program in undertaking the monstrous task of reviewing and evaluating thousands of contributions every award cycle.

With another award cycle also comes the time to have a look at the MVP statistics. Below numbers are taken from the public MVP site. July 3rd is chosen as the first days the site gets updated and new awardees need to turn in their NDA before they show up on the site.

Because people can get awarded each month, the comparison to July 3rd of every year indicates only yearly trend. Therefor we’ll also compare the numbers to those of June to see the impact on long-term…

View original post 591 more words

Solved – AADSTS50058: A silent sign-in request was sent but none of the currently signed in user(s) match the requested login hint PowerApps

We might get below error while trying to login to Power Apps

AADSTS50058: A silent sign-in request was sent but none of the currently signed-in user(s) match the requested login hint. Trace ID: b4c0c138-c2d9-46c8-999f-3d10414c2d00 Correlation ID: 60ab6eb7-bef1-44e1-8756-bdc33907e6ef Timestamp: 2020-07-03 19:11:01Z

Error AADSTS50058 is

UserInformationNotProvided – This means that a user is not signed in. This is a common error that’s expected when a user is unauthenticated and has not yet signed in.
If this error is encouraged in an SSO context where the user has previously signed in, this means that the SSO session was either not found or invalid.
This error may be returned to the application if prompt=none is specified.

https://docs.microsoft.com/en-us/azure/active-directory/develop/reference-aadsts-error-codes

Few solutions to this error are

Try using InPrivate mode.
Clearing the browser cache – which would force the user to enter the authentication information again, which then would get a new token.
https://powerusers.microsoft.com/t5/Building-Power-Apps/Authentication-error/m-p/388458/highlight/true#M113179

After the cache is cleared or if we open it in incognito mode, the user is asked to enter the login in again.

And the user can log in to Power Apps successfully.

Check below links for more detail –

https://github.com/AzureAD/azure-activedirectory-library-for-js/issues/323

https://docs.microsoft.com/en-us/azure/active-directory/develop/msal-js-known-issues-ie-edge-browsers#other-workarounds

Hope it helps..

Advertisements

How to – Use Azure AD Conditional Access to block access by country (Dynamics 365)

In the previous post, we covered conditional access based on the device platform, here we’d look into how we can use the network location to block the access.

We can either use IP ranges or Countries / Regions for defining the location.

https://portal.azure.com/

Navigate to Azure Active Directory – Security – Named locations to define the location.

Here we are adding a new countries location record.

For the new location, we have selected India and UAE.

Next click on Conditional Access to define a new policy.

For Users and groups, we have selected a user named testuser1.

For Cloud Apps or actions, we have selected Common Data Service.

For Conditions, we have specified Locations condition with the Restricted Locations record that we had created earlier.

For Access Controls, we have selected Block access.

Enable and create the policy.

Before the policy was enabled, test user1 was able to access Dynamics 365.

After enabling the policy if we try accessing Dynamics 365 from either UAE or India location, we’d get the below message.

Same for the Dynamics 365 for Phones app.

Test user 3 to which policy doesn’t apply can still access Dynamics 365.

Hope it helps..

Advertisements

How to – Use Azure AD Conditional Access to block user access by device platform (Dynamics 365)

Recently we were exploring Azure AD Conditional Access, through which we can define and enforce the organization’s policies regarding access to its resources.

Get more details here

https://docs.microsoft.com/en-gb/azure/active-directory/conditional-access/overview

Here we will define a simple conditional access policy through which we are restricting a user’s access to Common Data Service through Android OS, but allowing the same through the other device platforms.

https://portal.azure.com/

Before we can specify a new policy, we need to disable the Enable Security defaults.

Navigate to Azure Active Directory – Properties and click on Manage Security defaults link

Set “Enable Security defaults” to No

Next, Navigate to Security – Conditional Access

Activate the Azure AD Premium trial required to configure conditional access.

Create a new policy.

For Users and Groups, we have specified the user “testuser1“. The other options available are guest, external users, directory roles and groups.

For Cloud apps or actions, we have selected Common Data Service

For Conditions, we have selected only Android as the Device Platform to which the policy should apply.

For Access Controls – Grant we have selected Block Access.

Enable the policy and save.

Let us login through the browser with the testuser1 in windows

Now let us try the same from the Dynamics 365 mobile app from Android.

And the same experience from browser within the Android.

As expected the users is not able to access Dynamics 365 from Android device, and the same user can access from the browser and Dynamics 365 Tablet app from Windows as shown below.

What if we update the device platform and select Windows as well?

As expected, the user is not able to access both the browser as well as the app from the windows.

What if we want the user to access it from the browser and only restrict it from a mobile app and desktop client?

Update the policy and specify the below Client Apps condition for that

“Modern authentication clients”

As expected, the user can access through the browser but not the app.

The same experience from within the Android phone.

From browser –

From the Dynamics 365 Mobile App –

Thus we saw how easy it is to get the policy defined and enforced using Azure AD Conditional Access.

Understand the best practices with regards to Conditional Access in Azure Active Directory

https://docs.microsoft.com/en-gb/azure/active-directory/conditional-access/best-practices

Hope it helps..

Advertisements

How to – Setup Entity records routing – Omnichannel for Customer Service

In the previous posts, we learn about provisioning, setting up a live chat, and WhatsApp channel.

Posts on Omnichannel for Customer Service (Dynamics 365)

In this post, we’d see how to set up an Entity records channel.

Through the Entity records channel, we can route cases as well as other entities to the omnichannel agents.

To enable an entity for Routing, enable Queues for that entity.

Leave the “Automatically move records to the owner’s default queue …” checkbox unchecked for automatic distribution of records to work.

We need to make sure Unified Routing is switched on and the record type or entity is enabled for record routing.

Inside the Omnichannel Administration app, navigate to Channels à Entity Records to create a new entity record channel.

A default workstream will be created automatically, we can also select an existing workstream.

Click on the Routing Rules tab to define the routing rule.

Add a new rule item i.e. for case type as a problem, route the record to Complaints Queue.

Activate the routing rule created.

Let us create a new case of type problem and apply routing to it.

We can see the records added to open work items for agents to pick as defined in the CDS entity workstream.

We can also set the Work distribution mode to Push that would send the notifications to the agent

To automatically route the record we can use Power Automate to define a flow that calls the Apply Routing Rule action.

Refer below blogs to learn in-depth about the Omnichannel

https://neilparkhurst.com/2020/05/29/omnichannel-for-customer-service-collection/

https://thecrm.ninja/omnichannel-for-dynamics-365/

along with Microsoft Docs

https://docs.microsoft.com/en-us/dynamics365/omnichannel/omnichannel-customer-service-guide

Hope it helps..

Advertisements

How to – Setup WhatsApp Channel (Preview) in Omnichannel for Customer Service

In the previous post, we provisioned the Omnichannel for Customer Service and had configured the Chat channel.

Posts on Omnichannel for Customer Service (Dynamics 365)

In this post, we’d see how to set up the WhatsApp channel (preview)

Within the Omnichannel Administration app, navigate to Channels à WhatsApp and create a new WhatsApp account record.

Provide the required consent

As a first step, let us set up the Twilio sandbox account to be used for WhatsApp channel configuration.

Create Twilio WhatsApp account

https://www.twilio.com/whatsapp

Navigate to console and copy the value of Account SID and AUTH TOKEN

https://www.twilio.com/console

Specify Account SID and Auth token of the Twilio account created in the new WhatsApp channel record.

Saving the record will generate the Twilio inbound URL, copy that URL.

Navigate to Twilio Console à Programmable SMS à WhatsApp and activate the sandbox.

Follow the instructions to configure the sandbox.

On successful confirmation, select Sandbox in the navigation menu and paste the Twilio Inbound URL generated eariler in the “When a message comes in” text box