Tip #1112: Impersonate Azure AD users

Developers are familiar with the concept of impersonating Dynamics 365 users. It’s easy – all you need to do is to add MSCRMCallerID header to your Web API request, and you’re done (assuming that you have prvActOnBehalfOfAnotherUser privilege).

One of the typical scenarios where you’d want to use the impersonation when you have a web site that connects to your Dynamics 365 instance using either non-interactive user or, better, S2S authentication and then you need to impersonate a currently logged on Azure AD user. The typical flow is: look for a UPN claim, then use that value to find the user in systemuser entity filtered by domainname attribute.

The problem is that UPN claim does not seem to be available when you’re using B2B guest users. In both scenarios a different oid claim is available that returns Azure AD object ID. That value can be used to query systemuser entity using azureactivedirectoryobjectid attribute. Then it’s business as usual, plonk systemuserid value into MSCRMCallerID header and you’re done.


The following approach is undocumented (hopefully not for long!). The usual Tîpp Jäår’s disclaimer applies: not [currently] supported, use at your own risk, contains small children between the flags, not to be consumed with alcohol while driving.

Instead of using Azure AD object ID to lookup the user, pass that id as MSCRMCallerObjectID header.

POST [Organization URI]/api/data/v9.0/accounts HTTP/1.1
MSCRMCallerObjectID: 00000000-0000-0000-000000000002
Accept: application/json
Content-Type: application/json; charset=utf-8
OData-MaxVersion: 4.0
OData-Version: 4.0

Saves you the need to lookup systemuser and splitting the logic depending on the user type.

Facebook and twitter cover photo by Greg Ortega on Unsplash.

Tip #1111: Fake mobile devices

When Scott “Mr Ribbon Workbench” Durow was delivering his “Typescript or Die” presentation at CRMUG EMEA last month, he stunned the audience by showing his phone right on the screen without any pairing.

He tricked everyone, of course; I don’t believe he even has an iPhone. Turns out, Google Chrome has a not-so-obvious menu when you render things for a predefined form factor.

  • Open a site in Chrome
  • Press Ctrl-Shift-I to get developer tools (or F12)
  • Press Ctrl-Shift-M to get a mobile toolbar. You should see something like this:
    Site in iPhone in Google
  • Click on triple-dot menu (have no idea how is it called but it’s not a waffle or burger. Waffger? Burfle?), then click on Show Device Frame
    Show device frame
  • You now have an iPhone!
    iPhone frame in Chrome

I was hoping for custom frames for all the devices but seems that this art form is reserved for the fruity family.

Tip #1110: Don’t let your workflow emails go to waste

What is your first reaction when you receive email like this one

Let’s see. Comes from someone with the name “Workflow”, has attachment and no body text, and refers to financial matters (payment advice/invoice/quote). Delete? Delete!

Out of curiosity I did peek into the email just to see what kind of nasty attachment they sent this time and turns out, it was a legitimate notification from the customer’s accounts payable.

Sending emails is one of the most common uses of the workflow engine in Dynamics 365. But if you are not careful you’ll end up sending something that most likely will end up in a junk, either automatically or as deleted by the recipient.

What can you do?

  • Disclose the sender. Either give the sender a meaningful name, e.g. Contoso Accounts Payable, or don’t give any name at all leaving a raw email address, e.g. accounts-payable@contoso.com. Latter is not impossible to do out of the box in Dynamics 365 but could be challenging.
  • Have the body. Make sure your email contains body text. Heck, anything is better than none at all. But your chances of getting in front of the user’s eyes are much improved the more eloquent and relevant you are.
  • Stay on topic. It might be tempting to shove your monthly special offer into the payment advice email, that’s a sure fire way to end up in a rubbish bin.
  • Be personal. Dynamics 365 workflow makes it very easy to insert some information that makes the email unique, personal, and relevant. How about starting with “Dear Joe Bloggs”?
  • Don’t make me to open the attachment. Include enough information in the email so that the recipient does not even need to open the attachments to figure out what this email is about. “The payment of $42 for your invoice XYZ has been made into the nominated bank account on 26-Apr-2018”. Something like this is easy enough to build in Dynamics 365 workflow and it would do nicely.

I’m sure there are other tips to ensure that your email is delivered and read but even following the simple points above will get the job done more often than not.

Facebook and twitter cover photo by NeONBRAND on Unsplash

Tip #1109: Add variables to your workflow (when Actions don’t work)

Back in Tip #736: Add variables to your workflows, George ‘bringing discipline to the rest of us’ Doubinski suggested the excellent Tip of using an Action to simulate a variable in Workflows. I went to use this Tip this week for a lookup and, to my chagrin, found there is an exception to the Tip. Namely, if the output argument is a Lookup (or Option Set), the Action will NOT be available to the Workflow. It simply does not appear in the list. If you have a friendly developer nearby they can create a ‘wrapper’ with a custom Workflow activity but, as my colleague Lachlan ‘Cabin Boy’ Wright pointed out there is a simpler, codeless way. Sometimes the obvious answers come to us through the eyes of the innocent.

While it is possible to define an Input or Output argument as an EntityReference or Entity (think pointer or memory reference if you come from a C background, or GUID vs record, although for the simple purposes of configured Actions I am yet to find a practical difference between the two argument types), this renders the Action useless for the reason mentioned above. The alternative is to use the Workflow’s record, that is, the record the Workflow is running in the context of. So, if you need a lookup ‘variable’, create a lookup in the entity and store the value there. Workflows can be a bit tricky in terms of running their steps in order so be careful but it is a simple workaround to an annoying problem.

Tip #1108: Good news for Australian and New Zealand partners

I am not even going to pretend that I can match the eloquence level of some Microsoft announcements so I’m going to copy this one verbatim. In short, if you are a Microsoft Partner with expertise in Azure and/or Dynamics 365, and you deal with the government(s), read and take action.

We are excited to announce that our new Azure regions in Canberra are now available. These new regions are designed to serve the needs of Australian and New Zealand Government, critical national infrastructure commercial organisations and their trusted suppliers. We have entered into a strategic partnership with Canberra Data Centres to deliver these new regions, unlocking the potential for digital transformation and innovation.

Additionally, the Australian Signals Directorate has upgraded the certification of 25 Azure and 10 Office 365 services to Protected status, making us the first global cloud provider to achieve this certification level in Australia. Our new regions also offer 100% ANZ supply chain assurance, high availability and disaster resilience, and the specialised connectivity and colocation characteristics necessary to support the mission-critical data requirements of our customers.

We operate a process for whitelisting Azure subscriptions to deploy into the new Australia Central Regions. This is a two-step process to firstly authorise eligible Australian and New Zealand organisations, and secondly to enable these organisations to provide Azure Subscription IDs for whitelisting.

Alongside this and aligned to our launch, we are pleased to announce our Azure Skills Training Program designed to help build the fundamental skills needed to enable cloud adoption. Through July, we will offer a series of highly subsidised, in person and instructor led training courses in all capital cities across Australia.

If you are interested in finding out more, here are some next steps:

  • Register for one of the courses available in the Azure Skills Training Program
  • Download the Modernising Mission-Critical Applications whitepaper
  • Check whether your organisation is eligible and request to be whitelisted for access to the Australia Central Regions here

Visit Azure.com/Australia to find out more about these new Regions, to check your eligibility, view our launch partners, and learn how to get started.

Tip #1107: Do not extend system users

Dynamics 365 Online is a great platform for extending almost anything including system entities like systemuser. While it’s easy to customize this entity to add some simple additional information about the user, e.g. charge-out rate, induction training completion date, latest lasertag achievement, etc, it may be not a good idea, after all.

The problem is that systemuser entries and, specifically, their status, are controlled outside of Dynamics 365, by Azure Active Directory. During the routine updates it may cause some drama if, for example, a Space Invaders score needs to be corrected for someone who no longer has Dynamics 365 license and is therefore disabled. Data migration between the systems would be even more challenging with the only solution being to temporarily grant licenses, wait a bit for them to take effect, update what’s needed and then remove the licenses. Possible to automate but rather tedious and may require some extra licenses.

Instead, keep additional information about the users in a separate entity with 1:1 relationship to systemuser. Updates to inactive records? Easy done. Migration of the data for 700 disabled users? No problem. And if you ever wanted to keep some of the private information like their hobby or last year bonus, you can apply some Dynamics 365 security juice.

Tip #1106: Developer Masterclass

Calling for Dynamics 365 developers around the world but mostly in Europe! CRM Tip of the Day is proud to present an inaugural Business Application Developer Masterclass. Even though the acronym spells “BAD”, it’s going to be good!

Without further ado…

Dynamics 365 Business Application Developer (BAD) Masterclass

The new, Spring 2018 Dynamics 365 release is here with the new features, new developments, and new challenges. This is your first chance to get your hands on the new technologies and learn the new stuff before anyone else. Hear the news from Microsoft Build 2018 and what does it mean for Business Application Developers.

A rare opportunity to attend personal in-class training by yours truly, George Doubinski, founder of CRM Tip of the Day and CRM.Audio with the guest appearances by Scott Durow, author of Ribbon Workbench and SparkleXrm, and David Yack, Microsoft Regional Director and author of https://xrm.tools.

Who shall attend: For all you experienced Dynamics 365/CRM developers who want to take your skills to the next level.

There is a limited number of seats available so pick your favorite city and register today!

Would you like to convince yourself or your boss? How about 20% discount if you register by the International Labor Day, 1st of May?

  • 21-22 May Madrid
  • 24-25 May Milan
  • 28-29 May Amsterdam
  • 31 May-1 June London


Day 1

  • Introducing Masterclass and CRM Tip of the Day BAD Challenge
  • What’s new and what’s old for the Developer
  • Advanced Data Modelling
  • Group – Data Modelling Challenge
  • Form Scripting Updates + TypeScript
  • Work time – TypeScript
  • Virtual Entities
  • Work time – Virtual Entity Custom Provider
  • PowerApps: Canvas vs Model. Performance. Building custom data providers.
  • Group work time

Day 2

  • Themes from Microsoft Build 2018 and what does it mean for Business Application Developer
  • CRM Tip of the Day – The Best Of
  • Authentication Essentials + Work time
  • Azure Building Blocks Overview
  • Azure Functions + Group work time
  • Logic Apps + Group work time
  • Cognitive Services + Group work time
  • Developer Challenge Wrap up

Note: Agenda is subject to change

Tip #1105: Replacing the standard country text field

Country fields in D365 are text fields. The reason they are text fields is that that’s how it works in Outlook, and since addresses for contacts in OUtlook synchronize with D365, they are text fields in D365.

Many companies that use CRM have replaced the country and state fields with option sets or lookup fields; however, there are some considerations:

  1. Outlook synchronization: keep in mind that contacts tracked in Outlook will create contacts in D365, and contacts updated in D365 will synchronize to Outlook, if you remove the text field and replace it with an option set, contacts synchronizing with Outlook won’t show the country, and contacts tracked in Outlook will update the text field, resulting in a country not being displayed on the contact form in D365.
  2. More addresses: Addresses in D365 don’t actually live on the account or contact. They live in the customer address entity, which is called “more addresses” in the record navigation bar. Just because you add a custom country option field to the contact form won’t make the same option set field be populated in the customer address record.

Probably the easiest solution is to add the country option set and have a process update the standard text field with the value selected. This gives you a standard list but ensures that the standard country field is populated so it is populated in the address table as well as the contacts synchronized to Outlook. This doesn’t give a complete answer for contacts tracked from Outlook—the country option set would still be blank for these contacts, but you could create a cleanup batch job that updates these contacts that don’t have a country selected in the country option set.

Tip #1104: If without if

(The chart fortnight by Ulrik “CRM Chart Guy” Carlsson is over but I’m sure he’ll be back! – t.j.)

Sometimes we need to set the value for a field but only if it does not exist, e.g. user did not bother entering it. Like topic for a lead. I’ve seen the implementations where business asked to make it optional and set default to the lead name.

The first instinct is to do something conditional like:

if lead topic does not have value then
   update lead with a made up topic

Update lead conditional
Stacked approach works quite well in this scenario as “if without if”, i.e. update topic to itself otherwise use made up default:
Update lead implicit
The update is now can be bundled with some other manipulations, saving an extra update call but one thing to be aware of that it is unconditional and will trigger both workflows and plugins if any are registered on update of the field (topic in our sample).

Tip #1103: Chart styling cheat sheet

This post concludes chart week fortnight on CRM Tip of the Day. Thanks to Ulrik for these great tips.

It isn’t always obvious where to go in the chart XML to make changes to certain areas. We’ve created this handy cheat sheet so you can see where to go to change what in the chart.


Besides the chart type for the series, you can set

  • Color of the series
  • Custom text for the legend
  • Visibility in legend
  • Label and formatting of each data point
  • Borders on the bars/columns

Series CustomProperties

Special properties specific to the chart type chose for the series.

  • Label positioning (i.e inside/outside/left/right/etc.)
  • Width of bars/columns
  • Drawing styles (make bars look like wedges or cylinders)
  • For pie/donuts and funnel charts there numerous custom properties


Background colors and borders


The axis has the most properties. Here are some of the most commonly used.

  • Custom Axis Title, font size and alignment
  • Max and Min values for the axis
  • Line of axis width, color, and style
  • Interval between values on axis
  • Crossing if you need a break different than zero (useful for survey results)

Axis LabelStyle

Value formatting for the axis


Notes and comments to place on the chart in a specific place.