Fixed – You do not have prvReadmsdyn_personasecurityrolemapping permission to access Persona Security Role Mapping records. Contact your Microsoft Dynamics 365 administrator for help


Recently one of the users, while accessing a few of the System User’s views, was getting the below error.

You do not have prvReadmsdyn_personasecurityrolemapping permission to access Persona Security Role Mapping records. Contact your Microsoft Dynamics 365 administrator for help.

There were a few System users’ views that were working fine.

The user had the Security Role = System Administrator, however, the Access Mode was set to Administrative.

Changing the Access Mode to Read-Write fixed the issue.

Hope it helps..

Advertisements

Security Enhancements – 24 hours maximum user session timeout in Dynamics 365 / CRM


With recent security enhancements in Customer engagement apps, the maximum user session timeout of 24 hours is removed.

https://docs.microsoft.com/en-us/power-platform/admin/user-session-management#user-session-timeout-management

Now it uses the Azure AD Session Policy to manage user session timeout, which by default has Azure AD refresh token expiration set as 90 days.

https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-configurable-token-lifetimes#refresh-and-session-token-lifetime-policy-properties

Refresh toke lifetime and expirationhttps://docs.microsoft.com/en-us/azure/active-directory/develop/refresh-tokens#refresh-token-lifetime

Use Configuring sign-in frequency in Conditional Access to define the periods before a user is required to sign-in again – https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/howto-conditional-access-session-lifetime

Earlier the default session timeout used to be 24 hours with 20 minutes for warning the user – https://nishantrana.me/2017/11/17/configure-session-timeout-and-inactivity-timeout-dynamics-365/

However, we can still override the default Azure AD Session policy, by setting the session timeout and/or inactivity timeout for the individual environment.

To set the same navigate to –

Environments > [Environment] > Settings > Privacy + Security in Power Platform Admin Center.

Specify appropriate values and save the changes.

Get all the details here –

https://docs.microsoft.com/en-us/power-platform/admin/user-session-management#configure-session-timeout

Hope it helps..

 

Advertisements

Sample Code to Test and Enable Mailbox programmatically C# (Dynamics 365/CRM)


Suppose we want to Test & Enable Mailbox of the below user programmatically.

We can see the below notification for the disabled mailbox.

This mailbox is disabled for email processing. For more information, see the alerts.

Below is the sample code –

On running the code, we can see the notification removed and the mailbox for the user enabled successfully.

C# Code –

      CrmServiceClient svc = new CrmServiceClient(ConnectionString);

            if (svc.IsReady)
            {
                var mailBox = new Entity("mailbox", new Guid("C88A539A-F493-EC11-B400-000D3A4F37D3"));

                // testemailconfigurationscheduled = Indicates if the email configuration test has been scheduled for a mailbox record
                mailBox.Attributes["testemailconfigurationscheduled"] = true;

                svc.Update(mailBox);

Hope it helps..

Advertisements

Sample Code to Approve Email – Mailbox programmatically C# (Dynamics 365/CRM)


Suppose we want to Approve the Email for the mailbox of the user(s) programmatically.

We’d see the below notification for the user whose mailbox is not yet approved.

Email won’t be processed for this mailbox until the email address of the mailbox is approved by an Office 365 Global Administrator or by an Exchange Administrator. For more information, contact your system administrator.

Below is the sample code –

On running the code, we can see the notification for the email address approval removed or the mailbox approved for the user.

C# Code –

            CrmServiceClient svc = new CrmServiceClient(ConnectionString);

            if (svc.IsReady)
            {

                var systemUser = new Entity("systemuser", new Guid("C48A539A-F493-EC11-B400-000D3A4F37D3"));

                // emailrouteraccessapproval - status of the primary email address
                //0	= Empty, 1 = Approved, 2 = Pending Approval, 3 = Rejected
                systemUser.Attributes["emailrouteraccessapproval"] = new OptionSetValue(1);

                svc.Update(systemUser)

The code should run under the context of the user who has either Global Admin or Exchange Admin role.

Hope it helps..

Advertisements

How to – Stop synchronization of Task / Appointment between Dynamics 365 and Outlook


In the earlier posts we saw how synchronization works for different activities type and how to work with user as well as system filters.

In this post, we will how to use the wonderful Sync Filter Manager (XrmToolBox Plugin) for managing the outlook filters.

Suppose we don’t want Tasks to be synced for some of the users.

Here we already have a custom user filter (Task- Created on is null) defined for one of the users, specifying the condition which will always be false.

We have also disabled the default filter on tasks – My Tasks for that user.

For that particular user, now we do not see any tasks getting synced.

Now to apply the same setting to the others users, we can use the wonderful Sync Filter Manager – XrmToolBox plugin.

To know more about the tool –

http://mscrmtools.blogspot.com/2013/12/introducing-new-tool-sync-filter-manager.html

https://www.slideshare.net/jukkan/control-outlook-synchronization-settings-for-dynamics-crm-users

Navigate to the Users tab, search for the user whose setting we want to apply to other users, and select it.

Here we have selected the source user record

Click on Apply selected user synchronization filer to user(s) button.

For Question Dialog Box – “Are you sure want to apply the selected user synchronization filters to other users ?” – select Yes

For now, we have selected only User 2. We can select multiple users or select / unselect all the users.

It will remove the default / or existing filters from users. User 2 in our case.

And will add the filters from the selected user to it.

After some time, we can see the filters updated for User 2, with the Task – Created on is null filter added.

We can also verify it from the User Synchronization Filters tab, where we can load the synchronization filters for all the users.

As a last step we just need to deactivate/delete the default My Tasks filter for User 2 also(or all the other users for who we want to disable task sync) and we are done.

Hope it helps..

Advertisements

Business Process Flow UI Improvement in Dynamics 365 / CRM


With 2022 Release Wave 1, we have a small enhancement in the user interface inside the BPF path line’s color contrast.

With 2022 Release Wave 1 turned off

With 2022 Release Wave 1 – the path that needs to be followed is shown now in a slightly darker shade,

making it easy for an agent to understand the stages to be followed in the business process flow.

Hope it helps..

Advertisements
%d bloggers like this: