Tip #1207: Check applied entity permissions in portals

Liquid is a great templating language adding flexibility to your Dynamics 365 Portal templates. However, as any abstraction, it hides some of the things happening under the hood, including some security filtering. Consider this fragment running on authenticated page: And… the count is 2 while expected to be the total number of contacts in this […]

Tip #1156: Locked fields out of the box

Locked latch

Long time ago Stefan Strube sent me this tip, I filed it away and forgot all about it (sorry, Stefan!). Until last week, that is, when I started new deployment and customer had specific need for couple rollups on account entity. Good news was that those rollups are out of the box: opendeals and openrevenue, […]

Tip #1147: Revisiting Queues and Teams

Almost two years ago I wrote on the merits of using Teams vs Queues for managing Cases. While I stand behind what I wrote (Teams are simpler but Queues are more powerful) another element raised its head recently which is worthy of consideration if you are going down the path of setting up Case management. […]

Tip #1089: User Delete Privileges Stretch Further Than You Think

This one was discovered by my KPMG partners in crime Fiona Whiteing and Jijeesh Kunhiraman on a recent project. As you may know, for a record such as a Contact, if I own the record, I can see the child Activities whether my security role gives me permission or not. I do not know if […]

Tip #1086: Bring back content access levels

Protected area

Dynamics 365 Portals have a very convenient way to control access to knowledgebase articles – content access levels. Link contact, account, or web role to a content access level (e.g. Gold Partners), then simply associate that access level with a knowledgebase article and boom – that article is only available to the users associated with […]

Tip #1083: Don’t expire your passwords

Password

Mini Truckstop Jonas “The Shuffler” Rapp fed us a perfect question for a security slam dunk. Really? (Jonas’s words, not mine) Yes, really. We’ve already mentioned the brilliant password guidance in our tip 1031. Since some folks seem to have missed the memo, here’s the quote from the guidance (highlights are mine – g.d.). Most […]