Tip #213: Add a subgrid of related security roles to the user or team form

In a comment on Tip 211: When upgrading, don’t forget the team form, Pebo asked “what about the possibility for showing roles in subgrids of teams and user forms?”

This is a great question, and we have an answer.

First, you need to understand security roles in Dynamics CRM. There is not just one record for each role. There is a copy of each security role for each business unit. If you add a subgrid of related security roles to the team or user record, it will not show related security roles on the form. This is because the only view that the subgrid definition allows you to pick is the “All Roles” view.

userroles

The problem is this view filters out the business unit specific roles, so when you view your user or team form, the subgrid is blank, even though the user or team has security roles.

userform

Security Role is also one of the few entities where the views cannot be customized. You cannot create new system views or edit existing views. The subgrid works, but the view filters out the records that we want to show.

Thanks in part to this post, I was able to make the related roles subgrid work correctly.

  1. Insert a subgrid on the user or team form. In this case I called it “User_Roles” and selected to show only related Security Role records, then save and publish the entity.
  2. Go settings–>Customization–>Customize the System. Expand the Security Role entity customization and go to “Views.” Open the definition of the “Role Associated” view. Click “Actions” and “Email a link.”
  3. From the link, we can get what the GUID of the Role Associated View. viewID
  4. Export a solution containing the team and/or user entities, where your subgrid lives. Extract the .zip file and open the customization.xml file in the XML editor of your choice.
  5. Search for your subgrid name. In this case “User_Roles.” Replace the ID in the <ViewId> line with the ID copied in step 3. GUID
  6. Save the xml file, zip it up, import, and publish.

Now when you open your user record, you can see the security roles associated with the user.

roles2

But is it supported?

So the question that you may be asking is, this sounds great, but is it supported? Given that Microsoft does not allow changing of the view associated with the subgrid via the user interface, does that mean that doing so via XML surgery is unsupported?

As illustrated in the blog post linked above, Microsoft has built in capabilities like subgrid deep linking and fetch left outer joins that are not exposed through the user interface. Sometimes they actually recommend it. So editing the XML in itself does not make something dangerous or unsupported, as long as  you know what you are doing. Microsoft has not tested this exact scenario, but it is safe and only will cause a problem if the view referenced by that GUID does not exist.

 

 

 

 

Tip #212: Getting a yes or no answer in LINQ

Say, you need to find out if your organization has any opportunities with the estimated value of more than a million dollars (that’s right, that’s how developers usually roll). No need to retrieve anything, just simple yes or no. There are many ways to accomplish the task, most of them, sadly, are as efficient as shaving yak with a disposable razor.

Chances are some people will write this:

var opportunities = crm.OpportunitySet
    .Where(opp => opp.EstimatedValue >= 1000000m);
if(opportunities.FirstOrDefault() == null) 
{
    // we have a winner
}

or even this

var opportunities = crm.OpportunitySet
    .Where(opp => opp.EstimatedValue >= 1000000m)
    .ToList();                
if(opportunities.Count > 0) 
{
    // we have a winner
}

LINQ parser quite often is smart and forgiving and you may get away with the first one but why take any chances and drag records across the wire? (second snippet is really bad, in case you missed that)

This code will get you home:

if(crm.OpportunitySet
    .Any(opp => opp.EstimatedValue >= 1000000m))
{
    // we have a winner
}

Even without looking at the final results I would bet that the last snippet would use EXISTS clause in T-SQL which is the most efficient way to check for record existence.

Tip #211: When upgrading, don’t forget the team form

When upgrading a deployment of Microsoft Dynamics CRM to version 2013, it is easy to overlook some of the back-end forms. These don’t get the attention of entities like Accounts and Cases, but they are very important to the people who use them.

One of my favorite new forms in 2013 is the Team form.

team form

This form is significantly easier to use than it was in 2011, because it adds a grid of team members to the form. You can easily see who is on the team, and add new members to the team. It also adds the new “Team Type” field, so you can see if the team is an owner team or an access team.

 

Tip #210: See when CRM for Tablets last synced metadata

If you have a user who does not see the latest customization changes in the CRM tablet app, check the last time that the user’s tablet app synced customization changes.

Click the options (…) button in the lower right corner, click “Settings,” then “About.”

about2

The “About” screen gives some useful information, such as the app version and the server CRM build number. It also tells us when the last time the user synced. If the sync date is prior to the last time you published customizations, hard close the app and restart it, downloading customization when prompted.

If the user is not prompted, publish customizations in CRM, then have the user close the app and restart it.

 

 

Tip #209: Who’s your sister?

When it comes to the coding, not always but often, less means better, faster and more manageable code. I’ve recently come across of someone else’s (could it have been me 4 years ago?) piece of work updating bulk email setting for the contact:

Contact contact = 
    context.Retrieve(
        "contact", contactId, 
        new ColumnSet(true))
    .ToEntity<Contact>();
            
contact.DoNotBulkEMail = true;
context.Update(contact);

Sigh. The “all columns” sin aside, the retrieve is absolutely unnecessary. You know what to update, why wouldn’t you just send that information over and let the server do its job?

context.Update(
   new Contact()
   {
      Id = contactId,
      DoNotBulkEMail = true
   });

And no, “new” operator will not create a new contact record. Always remember, brevity is the sister of the talent.

Tip #208: Make Dashboards More Touch Friendly

In Dynamics CRM 2013 when using touch on a PC or a tablet like an iPad, you can view dashboards, but sometimes navigation and scrolling on dashboards via touch can be a bit tricky. When you touch a chart and swipe up and down, the dashboard will scroll as expected. However, if you touch a list and swipe up and down, the dashboard will not scroll. Rather, the list will scroll up and down. if you touch a list that has no data in it and swipe up and down, the page will get pulled up and down, but the dashboard will not scroll.

The following tips will make your dashboard more touch friendly:

  1. Teach your iPad users to use CRM in landscape orientation. When viewed in portrait orientation, you will only see one web part at a time. If you have a list/view on the dashboard, when you reach that component, you will be unable to scroll the dashboard. By viewing the dashboard in landscape orientation, you will see two components at the same time.
  2. Configure the dashboard so only charts appear on the right side, lists and web resources on the left. Since most people scroll webpages with their right hand, this will ensure that users get a consistent navigation experience when accessing CRM from a touch browser.

Tip #207: Remove password expiration for O365/CRM Online

Password expiration in CRM Online is indeed a nuisance and can be changed but the maximum password expiration period configurable using Office 365 administration portal is 2 years.Like a boss meme If you intend to use O365/CRM Online for longer than 2 years, you may want to consider using Powershell tools to do it like a boss.

The following instructions are applicable to Windows 8 x64 machine and are abridged version of managing Azure AD using Windows PowerShell:

  1. Install Microsoft Online Services Sign-In Assistant
  2. Install Azure Active Directory Module for Windows PowerShell (64-bit version)
  3. Start Windows Powershell and run the following script: 
    Connect-MsolService

Set-MsolUser -UserPrincipalName <user ID> `
   -PasswordNeverExpires $true

# The following line will do it for all users.
Get-MSOLUser | Set-MsolUser `
   -PasswordNeverExpires $true

Tip #206: Change the password expiration policy on Office365/CRM Online

Arghhhh – AGAIN?

If your company uses Office365 (Exchange Online), I am sure you’ve had reactions like the one above several times in your life. Every 90 days actually.

90 days is the default Password Expiration Policy for Office365 (shorter than the 42 days of Active Directory) and this affects CRM Online.

I get this question all the time: “Is there any way we can extend the expiration time for CRM Online?

Absolutely!

I’ve been a Certified Ethical Hacker since 2005 (It’s a real thing, look it up :)), and I can tell you that these expiration settings offer very little protection, in my opinion. Most “password attacks” are based on Social Engineering, and most people (including “IT Experts”) rotate the same 2 or 3 passwords every time they are asked to change it. I bet you do too. We all do.

These Password Expiration policies were created based on time estimates of how long it would take for a super computer to decode the hash (unicodePwd in Active Directory) and get everyone’s password. So the idea is that by requiring people to change their password every 6 weeks they won’t get any good passwords if they are able to decrypt the hash. Some companies even apply “password history” policies where you are unable to use any of your last 15 passwords or something along those lines to “increase security”. Most people just end up increasing a number within their password by one and calling it a day.

So, nowadays it seems that more and more organizations are agreeing with my thoughts on this subject and requesting an increase on the expiration policy.

After you make sure that your organization supports the change, follow these steps to increase the expiration policy in Office365:

1. Open the Office365 Admin Portal (https://portal.office.com):

1

2. Navigate to the Active Users Tab, and then click on “Change now” on “Change the password expiration policy for your users”:

2

 

3. Type the number of days before the password should expire. Choose a number of days from 14 to 730. Click Save.

3

 

Your new password expiration policy has been set!

What do you think about this tip?

Do you have any comments on the “Accepted wisdom” of password expiration policies?

Drop us a line here – we would love to hear your feedback!

Tip #205: Other Really Killer New Features Spring ’14

It’s the last day in the series of topic specific video posts for the Spring ’14 Dynamics CRM Online release.

Today we have finish up with a collection of 6 different topics that I have grouped together. When you finish this set in the series give yourself the Spring ’14 Badge of Knowledge.

Misc Items

YouTube player

SharePoint Document Management

YouTube player

Outlook Client

YouTube player

Installation of Product Updates

YouTube player

Social Profiles and Activities

YouTube player

Status Reason Transitions

YouTube player

Tip #204: Service and Cases New Features Spring ’14

It’s day number 4 and hopefully you have an invested one hour each day for the last 3 days getting up to speed on all the great new features in CRM Online.

Today there are few more videos than the other days and they are a bit longer. Why? Because the Service Module got a big bump with this release.

Serving them up to you now!

Case Management

YouTube player

Service Level Agreements

YouTube player

Timer Control

YouTube player

Queue Enhancements and Routing Rules

YouTube player

Automatic Case Creation

YouTube player

Entitlements

YouTube player