Tip #1123: Audit data reads in Dynamics 365

Whether you care about GDPR or not, the changes made to the Dynamics 365 platform to comply with GDPR have a positive impact on all Dynamics 365 users. One of those changes involves auditing.

Traditionally Dynamics 365 auditing has been on the data update level–who changed a record. With the GDPR updates, a wide variety of additional user processes can now be audited, including many administrator functions and data reads.

See the official documentationfor the full list of events, but here are some of my favorite additions:

  • Who published customizations
  • Who was added to a team
  • Who added a solution
  • Who published customizations
  • Who exported to Excel
  • Who viewed a report
  • Who exported a report

This is an exciting addition. Make sure you pay attention to the prerequisites.

  • An Office 365 Enterprise E3 or E5 subscription is required to do Activity Logging.
  • For version 8.x, version or later is required.
  • Available for production and not Sandbox instances.

Tip #1122: Multiple tokens in cache

If you are working with multiple user or app identities (e.g. for testing), and the code uses ADAL, and especially if the application is killed or crashes, you may occasionally get an error:

multiple_matching_tokens_detected: The cache contains multiple tokens satisfying the requirements. Call AcquireToken again providing more requirements (e.g. UserId)

Note that it does not have to be your code, it could be another application that uses Xrm.Tooling (that does use ADAL), for example. I encountered this error while working with Package Deployer where it fails to load the solution and if you click View Log Files (tucked away in the left bottom corner), you’ll find something like this at the bottom of the file:

PackageDeployment Information 8 5/06/2018 1:34:21 AM Status: Importing solutions
PackageDeployment Error 2 5/06/2018 1:34:21 AM Message: Failed to execute DoImportSolutionItem Method
Source : Microsoft.IdentityModel.Clients.ActiveDirectory

followed by the multiple_matching_tokens_detected error described above.

The root cause is somewhat clear: ADAL gets confused after searching token cache and finding multiple tokens for the same authority/resource/clientid combination but for different users. The solution is to reset the token cache for the application that uses it. It is per application and located in the appdata folder for that application. For Package Deployer, for example, token cache is the file Default_PackageDeployer.tokens.dat and located in the C:\Users\<username>\AppData\Roaming\Microsoft\PackageDeployer folder. Delete that file and you are as good as new.

While you’re at it, take a look at Default_PackageDeployer.exe.config file located in the same folder. This is where Package Deployer saves the last connection information, feel free to play with it (at your own risk, that is). The most ubiquitous Plugin Registration tool has its stuff in, you guessed it, C:\Users\<username>\AppData\Roaming\Microsoft\PluginRegistration folder, in case you need it.

Facebook and Twitter cover photo by Tyson Dudley on Unsplash

Tip #1121: What happens if an email is sent to multiple queues?

This tip comes from my colleague Bruce Sithole who did the hard yards to find out the answer to this question. As it turns out, the behavior is a little unpredictable. Firstly, multiple queues can process the email and create a Case. The order of processing appears to be first polled, first served. Also, there is a timing element in that after a period of time (presumably after some kind of flag set on the email, additional queues no longer process the email. So, for example, if an email is sent to the email of four queues, three Cases may be created.

So where does the email get attached to? Well, it gets passed between the Cases, as they are created. In this game of pass the parcel, the last Case created is the one that ends up with the prize when the music stops.

So how do we manage this in the real world when we only want one Case created for one email?

Alas, in this situation we will likely have to rely on code for a bulletproof solution. The best approach we came up with was to manipulate the email record, pre-create via a plugin, so that we could identify the preferred queue, mark as such on the email and then use this as a check on the Case creation. It is a tricky one though so if you know of another way to handle this (other than, you know, having one queue and then distributing once it is in Dynamics) feel free to comment.

Tip #1120: Two Conferences For Customers To Get Involved With

I recently went to Dublin to present at CRMUG Summit EMEA (sometimes called “Summit EMEA”). Here is me and some of my fellow presenters embracing the Irish culture and swapping presentation tips. The CRMUG Summits are great and, for a conference which is about empowering end users, they are excellent value. Many Dynamics conferences are about partners and Microsoft co-mingling but the UG Summits are truly about the users and administrators. The presenters are some of the best Dynamics minds out there and you effectively get training/consulting which you would otherwise pay thousands for, for the price of entry. I literally flew halfway around the world just to attend this conference and sincerely believe it was money well spent albeit my employer’s. I personally learned lots of great information about time-saving tools and best practice tips which I am still testing and working through. For more information on UG’s conferences, go here.

If you are not in the habit of flying half way around the world to attend a conference, the cost of airfare plus conference plus accommodation plus Guinness is a bit expensive, or you simply cannot wait until the next UG conference, there is another option.

Dynamics Saturdays are community run conferences usually held on Fridays and Saturdays around the world. While attendance numbers are limited and they are smaller than their UG equivalents, the conference is completely free. There are swag, snacks and lunches provided just like a real conference, only free. Did I mention it is completely free?

The passion and talent is on par with the UG Summits, in my opinion, and the content may well reflect the issues important to the local region. While they run annually, like the UG Summits, there are a lot more of them. For those of us in APAC, there is no local UG Summit so, this year, it was a choice of Ireland or the USA. However, there were three Dynamics Saturdays running in Australia alone (Sydney, Melbourne and Perth). Some of the Melbourne presenters are in the picture above. For more information go here.

You can also get involved in the action as a presenter. If you are a user with a story to tell or a passion for some aspect of Dynamics, apply to present at either of these conferences. It is great opportunity to flex your presentation muscles as well as raise your profile in the community. The organisers are friendly and willing to assist however they can so whether you want to be a passive attendee or an active presenter I encourage you to get involved in these excellent community events.

Tip #1119: How is From resolved to Dynamics 365 record

Mini Truckstop

Dynamics CRM TipperToday we have a stop with two Vikings (different countries though): Jonas “The Shuffler” Rapp and Marius Agur Hagelund Lind

Jonas – Question

Recently we have found a new (?) problem at a customer, where emails are incorrectly “connected” to the wrong sender.

By what rule/rules does Dynamics 365 chose which record to track as ”From” when an incoming email is automatically tracked, and the sending emailaddress exists on more than one record type in Dynamics 365? E.g. if the same emailaddress exists on a contact and on a systemuser, will the from-field of the incoming, automatically tracked, email be set to the contact or the systemuser?
And why?

Marius – Answer

From my testing with a decently sized bank it looks like it matches the following way:

  1. systemuser
  2. contact, order by created on
  3. account, order by created on
  4. lead, order by created on
  5. queue

Additionally, automatic case creation with “automatically create contacts” option will only check contact, account and leads. If the email is sent from another queue or systemuser then a contact will be created, even if the address exists (might have been fixed in the most recent months)

Tîpp Jäår

Now I know and so do you.

Tip #1117: Category/delegate tracking in Dynamics 365

If you have been a long-time reader of CRM Tip of the Day, you know that we have had a lot to say about delegate tracking, or the lack thereof, in Dynamics 365 with server-side synchronization. That’s why we are very excited about the announcement earlier this month of the new Outlook category based tracking in update With this update, we now have a viable delegate tracking option for emails and appointments, as well as an answer to some long-missing scenarios for activity tracking.

How do I set it up

Read the official documentation. It’s pretty easy:

  1.  Enable the OrgDbOrgSetting TrackCategorizedItems.
  2. Within 15 minutes, all users will see a new category in Outlook, “Tracked to Dynamics 365”
  3. Users set the category on emails or appointments that they wish to track, and these items will be tracked in Dynamics.

Why is this important?

In industries like financial services, professional services, or the higher up the org chart you go in enterprise companies, you will find people whose inbox and calendars are managed by professional assistants. If these people want their activities tracked to Dynamics 365, they have been out of luck without using some complicated workarounds (or sticking with client-side synchronization, which is not optimal, because the delegate activities don’t track if the owner of the calendar isn’t running Outlook and the Outlook client at the time the activity is tracked and because client-side synchronization is gone in version 9 of Dynamics 365).

A secondary reason that this matters is because the tracking story has been very limited outside of the world of Outlook. Sure, that world has grown exponentially bigger with the introduction of the Outlook App for OWA and Outlook mobile, but if you use a different email client than Outlook, the only option to track emails is folder based tracking (and no option for appointments). With category tracking, users of other email applications can track emails and appointments, as long as their app supports exchange categories (sorry IOS Mail).

A surprise benefit of this change is now tracked items (regardless of how they were tracked) will now have the category set to “Tracked To Dynamics 365” if this option is enabled. This will make it easy to visually identify the tracked items.


  • 8.2 only. V9 update to enable category based tracking is in the works.
  • Category based tracking does not “set regarding” item on the activity. Activities will be linked to the recipient/activity parties linked to the activities, but if you want to set regarding a specific record, the recommendation is to use another tracking mechanism, like the Outlook app or folder-based tracking.
  • The public release is for D365 Online. If you are on D365 8.X on premises and need this update, open a support ticket with Microsoft.

Tip #1116: Microsoft Dynamics 365 Documents are Open Source

This tip is from Aron Fischman from xRM Edge.  (You can be a tipster too, just send your revelation to jar@crmtipoftheday.com)

This topic may be old news for you but I just found out about it.

Today as I was researching a development topic I was pleasantly surprised to find out that Microsoft has open-sourced the Dynamics 365 documentation. After reviewing an article, out of curiosity I clicked its “Edit” icon:

Edit icon in Microsoft docs

To my surprise it opened the article’s GitHub Markdown editing page:Microsoft docs are using Markdown

I was impressed to see that Microsoft is a) hosting its documentation on GitHub, b) writing it in Markdown, and c) allowing anyone to submit changes. This article explains more.

Tîpp Jäår $0.02

What are you waiting for? If you ever held a grudge that the documentation “is not what it should be”, here’s your chance! Head off to Dynamics 365 CE Microsoft Docs on Github, fork, write, then pull!

Facebook and Twitter cover photo by Álvaro Serrano on Unsplash

Tip #1115: Bulk edit workflow emails

Today’s tip comes from Nicholas Hayduk. (You can be a tipster too, just send your revelation to jar@crmtipoftheday.com.)

We recently had a customer who added an SSL certificate to their Adxstudio v7 Portal and now wanted to use the HTTPS version as their main URL. Since their site was hosted in an Azure Web App, we were able to easily add a rewrite rule to force all traffic to HTTPS (https://blogs.msdn.microsoft.com/benjaminperkins/2014/01/07/https-only-on-windows-azure-web-sites/). However, the redirect adds unnecessary overhead, so we wanted to update any links we had to the site to use HTTPS so the overhead could be avoided. One place where links needed to be updated was in their workflows; they had dozens of emails being created in workflows with links back to their websites. Anyone with experience using the email editor in Dynamics 365 knows it can be a bit finicky; we really didn’t want to have to go into all of these emails and change the links. Making matters worse, these emails were html-formatted emails (created by copying HTML into the editor), with many of link URLs not being directly editable, so we would’ve had to start from scratch, including re-adding all of the dynamics fields to the body of the emails. This would’ve taken hours/days with a high likelihood of errors.

Thankfully there was a better way. We exported the solution, unzipped it, and used a find-and-replace tool (http://findandreplace.io/) to quickly and easily change all of the links in workflow emails (each workflow is stored in its own file in the solution, so we wanted a tool that could find and replace across multiple files). We then zipped the solution back up, re-imported, and all was well.

In doing our research to see if this was possible, we did find some horror stories about editing the workflow definition manually causing workflows to no longer be editable in the CRM. This didn’t happen to us; I suspect this isn’t an issue when you are just changing the text in the email body.

Tîpp Jäår $0.02

It’s no longer necessary to edit web.config to force https on your Azure Web App. SSL Settings for the web app now contain a simple HTTPS Only switch. As far as the workflow editing is concerned, the usual Tîpp Jäår’s disclaimer applies: not [currently] supported, use at your own risk, contains small children between the flags, not to be consumed with alcohol while driving.

Facebook and Twitter cover photo by Lastly Creative on Unsplash

Tip #1114: Check scalability of your canvas PowerApp

PowerApps are very expressive when it comes to data filtering, sorting, and other data manipulations. To maximize the application performance, PowerApps have a concept of delegation where PowerApps will delegate the processing of data to the backend instead of pumping data to the app for local processing.

For your application to scale it’s important to use delegable queries so that the backend does most of the heavy lifting. To quickly check if you’re using non-delegable queries anywhere click on File > App Settings > Experimental Features and then set the data row limit to 1:

Non-delegable query limit

From that moment, all your delegable queries will continue to run normally while non-delegable ones will return precisely one row. So when you see a single row in the results where more is expected, you know that you have something to work on!

Facebook and Twitter cover photo by William Bayreuther on Unsplash

EDIT: The above is valid for canvas apps, of course. But I can be forgiven – it’s difficult to keep referring to our beloved Dynamics CRM / 365 as a simple model-driven PowerApp(s).