How to – Create Administrative User Account for managing user / security roles, in Dynamics 365 / CRM


We recently wanted to create user accounts in CRM for managing users and their roles inside CRM, without accessing any of the data or functionality.

Below are the steps we can follow to achieve the same –

Login to Microsoft 365 Admin Center

https://admin.microsoft.com/#/homepage

Add a user

Temporarily assign the license to the user

In optional settings, specify either Global Admin or Dynamics 365 Administrator / Power Platform admin role.

And create the user.

Next,

Login to Power Platform Admin Center

https://admin.powerplatform.microsoft.com/

and navigate to [Environment] >> Settings >> Users

If the users is not yet synced try- https://nishantrana.me/2021/12/14/the-trick-to-force-trigger-user-sync-power-platform-dynamics-365/

Select the User and click on Client Access License (CAL) Information

Change it to Administrative and save the change.

Now back in Microsoft 365 Admin Center we can remove the license and the roles from the user’s account.

Back inside CRM the user will only have access to the Dynamics 365 – Custom app.

Inside app he gets the message No Read Privilege for data.

User will have access to following area within Settings

Inside Settings >> Security

The administrative user can see the users –

Basically when a Global or Power Platform admins having license are synced to the environment, they get the access mode of Read-Write and also System Administrator security role is assigned to them.

That is the reason why we need to change the access mode to Administrative after sync.

If they do not have license assigned, there access mode is still “Read-Write” after sync but no security roles assigned. Also the unlicensed Global and Power Platform admin will have access to the administrative areas.

Also we could create a new custom security role having access to “Security Role” table instead of assigning System Administrator or copy of system admin role.

https://docs.microsoft.com/en-us/power-platform/admin/prevent-elevation-security-role-privilege#assign-the-new-security-role-to-an-administrative-user

Get all the details here –

https://docs.microsoft.com/en-us/power-platform/admin/global-service-administrators-can-administer-without-license

Hope it helps..

Advertisements

How are tasks, letters, fax, phone call synchronized between Dynamics 365 and Outlook


In the previous post, we saw how Appointment Synchronization works, for other activity entities the  is more or less similar.

How to – Synchronize Appointments between Dynamics 365 and Outlook using Server-Side Synchronization

Below is the list of activity entities that are synced by default (we cannot configure custom entities for sync)

Let us start by creating a sample record for fax, letter, phone call, and task in Dynamics 365.

After some time we can see all of these activities synced to Outlook as Tasks.

Let us mark the task record as complete in Dynamics 365.

Similarly, let us mark the phone call as completed in Outlook.

After a few mins, we can see the task marked as completed in Dynamics 365 marked completed in outlook after the sync.

And phone call marked as completed in outlook, marked completed in Dynamics 365 and moved to closed activities view in Dynamics 365.

Now let us delete the Letter record from Dynamics 365.

And delete the Fax record from outlook.

After successful sync, we can see the corresponding records deleted from both Outlook and Dynamics 365.

Also if we create a task with due date more than a day, a reminder is also set in Outlook, when synced.

tasks

In Outlook after sync- 

reminder

Get all the details here –

https://docs.microsoft.com/en-us/power-platform/admin/sync-logic#syncing-tasks

Hope it helps..

Advertisements

Route Case (routecase) attribute and msdyn_ApplyRoutingRuleEntityRecord Action in Dynamics 365 Customer Service


The case entity/table in Dynamics 365 CE has a Boolean type field named Route Case.

It has a default value as Yes.

On manually creating the record from the user interface, although Route Case shows the default value as Yes

On saving the record, the value changes to No, the field is also locked.

So basically no routing rules are applied when a case record is created from the user interface.

To apply routing rules, we need to use the “Save and Route” option

Or “Apply Routing Rule” command from the Grid

This also however will not update or set the Route Case field to Yes on the case record.

Now if we create the case record programmatically, the field would be set and saved with its default values as Yes.

The same goes for cases created from Flow.

Route Case is set to Yes.

So basically routing rules will be triggered on the records created from outside the User Interface as Route Case will be set Yes for those records.

Now if we want to run the routing rules against the case record created from the user interface, we can make use of the following action –

msdyn_ApplyRoutingRuleEntityRecord

Within Flow –

Within Plugin or any custom code–

msdyn_ApplyRoutingRuleEntityRecord can be used for other entities apart from the case.

In the case of Case entity, we can also make use ApplyRoutingRule action also.


Hope it helps..

 

Advertisements

Unexpected error (SQL Timeout error) while trying to delete Audit Log


Unexpected error (SQL Timeout error) while trying to delete Audit Log

We had around 200 GB of Audit Log data in our Production Environment (Online), but while trying to delete it through Audit Log Management resulted into unexpected error.

The only option is to raise the support ticket with Microsoft. We also raised the same but it unfortunately resulted in our Production Server being down for brief period of time because of time out issue while performing the operation in Audit Base.

So, in short if we are facing issue while deleting log ourselves, we need to raise the support ticket and also the plan the same during downtime or weekends when users are not using the system.

Hope it helps..

Microsoft.Crm.CrmException: GetAssemblyMetadata: expected mdtAssemblyRef or mdtAssembly while registering plugin assembly in Dynamics 365


While registering a plugin assembly through plugin registration tool we got the below error

The reason being we were using MSBuild.ILMerge.Task Nuget package and there were few assemblies being referenced in the plugin project that had copy local set as true.

https://nishantrana.me/2017/05/17/using-ilmerge-for-plugin-in-crm/

So eventually the single plugin assembly that was getting build had these assemblies also being merged in it, which led to the above error.

Setting Copy Local as False for those assemblies fixed the issue.

Hope it helps.

Configure Session Timeout and Inactivity Timeout – Dynamics 365


In Dynamics 365, we can now define Session timeout and Inactivity timeout.

We need to go Settings à Administration à System Settings à General Tab

By default, the session timeout is set to 24 hours along with 20 minutes for warning the user.

We can set our custom values there.

Enter maximum session length 60 – 1440 minutes. ( 1 to 24 hour)
How long before the session expires do you want to show a timeout warning? 20 – 1440 minutes. Must be less than maximum session length.

We can also set the timeout based on inactivity. By default, this setting is not enabled. Below are the values that we can set for inactivity timeout.

Enable session timeout due to inactivity 5 – 1440 minutes. (5 minutes to 24 hours) – Must be less than the maximum session length.
How long before the session expires do you want to show an inactivity warning? Less than Session timeout due to inactivity

Session Timeout warning à

Session expired à

Inactivity warning à

Inactivity Session expiration à

More details.

https://docs.microsoft.com/en-in/dynamics365/customer-engagement/admin/user-session-management

Hope it helps..

%d bloggers like this: