Tip #849: Adding Security Roles to Dynamics 365 Apps

One of the great new features of Dynamics 365 is the new App Designer. (For a video review of the App Designer, take a look at Tip #799). The App Designer allows the customization of Dynamics 365 to create targeted experiences for user navigation based on job function or system areas of importance. For example, a “Sales” app can be created which excludes standard areas not needed by a salesperson in their day, such as Service or Settings.

Once the app is created in Dynamics 365, you can choose to enable the app for specified security roles.

This security role application for the customized app experience will also extend to the tablet app as well for a streamlined tablet experience!

Tip #848: Outlook App experience in Outlook 2013 vs Outlook 2016

When using the new Outlook app for Dynamics 365, be aware that the user experience in Outlook is different between Outlook 2013 and Outlook 2016.

In Outlook 2016, users will see a Dynamics 365 button on the menu of Outlook. After pushing the button from an email message, the app pane will open and launch within 2-3 seconds, from which users can track and set regarding on the message.

In Outlook 2013, there is no Dynamics 365 button. Instead users must click the “Apps for Outlook” button, select the Dynamics 365 app, and then the app will launch.

This is something to keep in mind as you roll out the app, as your training documentation steps will need to be different if you have users on both 2013 and 2016, and may be a good reason to upgrade your 2013 users to 2016 to provide a less “clicky” experience.

Thanks to Scott Jung for this tip.

Tip #847: Web chat is now available

Technically, it is called “Live Assist for Dynamics 365 Powered by CaféX” (hands up who prefers “Web Chat”) and is now available on AppSource.

Full details of the announcement are available. As per AppSource guidelines, there is a free trial and a video walkthrough.

This app will allow you to embed web chat operator panel within web client and Unified Service Desk. As for the client side, during the configuration process you’ll be given a script to paste into your web site (which does not have to be portal, in case anyone is wondering) and the chat widget will magically appear.

Tip #846: Duplicate security roles in Dynamics 365

In Dynamics 365 Customer Engagement(8.2), if you change a Business Unit’s parent BU, custom security roles in the Business Unit may be duplicated.

If you then change the parent BU a second time, a third copy of the roles will be created. This is a known issue. If it happens to you, open a ticket with Microsoft support, or alternatively, recreate your custom security roles.

Thanks to Eric Labashosky for bringing this to our attention.

Tip #845: Store Dynamics 365 file attachments in Azure Blob storage

Update 9/5/2017–This solution is not supported and does not provide migration of existing attachments. See Tip 971 for additional recommendations on moving CRM attachments to Azure.

Apparently our friends at Microsoft Research have heard Neil Benson’s eloquent explanation of storage costs in Tip #553, as they have released a solution called Attachment Management in AppSource. This solution moves note and email attachments to Azure blob storage, where storage costs are cheaper than Dynamics 365 storage.

The solution includes a plugin called AzureAttachments which handles creation of the attachment in Azure when a note or email attachment is added to Dynamics 365, deletion of the file in Dynamics after the file has been created in Azure blob storage, deletion of the attachment from Azure blob storage if the corresponding note or activity are deleted from Dynamics 365, and retrieval of the attachments when the attachment is requested in Dynamics 365.

Deploying the solution requires an Azure storage account and registration of plugin steps, so be sure that you have the necessary licenses and access to the plugin registration tool.

So now that this solution is available, is there still a place for third party attachment extractor tools? The answer is yes–if you want to store attachments someplace else than Azure Blob storage (such as SharePoint), or if you have many existing attachments that you wish to move to a different location (not just new attachments going forward). Also, keep in mind that this is the first release of this solution, so there may be some rough edges.

But it is great to have a standard Microsoft option that leverages Azure Blob storage, and the solution has some nice functionality, such as an optional web resource to allow users to upload multiple attachments simultaneously.

For more information, see the Attachment Management user guide.

Tip #844: Administer Dynamics 365 Online Without Being a Global Admin

Back in Tip 276 we talked about the challenges of administering CRM Online/Dynamics 365 without being a global admin. There really hasn’t been a good answer for companies that don’t want their deployment admin to be a global administrator.

The good news is this has changed with the introduction of the Dynamics 365 Service Admin role. This new Office 365 role allows you to grant users permission to administer Dynamics 365 tenants without having to be an Office 365 administrator. Users with the Dynamics 365 Service Admin role can perform the following tasks:

Configure new instance
Backup and restore
Sandbox copy
Approve email addresses
Create and access support requests
Access the service health
Access message center

You can also restrict Dynamics 365 Service Admins to specific organization instances by assigning a security group for which the admin is not a member to the instances you do not want them to access. Also, Dynamics 365 Service Administrators do not consume a Dynamics 365 user license.

While this will be welcome news for many, keep in mind that you still have to be nice to your Office 365 Global Admin, as you will still need him or her to:

Test and enable mailboxes
Add licenses to users
Access service settings for other Office 365 apps, like SharePoint or Exchange.

For more details see “Use the Dynamics 365 Service admin role to manage your tenant” on TechNet.

Tip #843: Help my Help Button is Different

Why does my Help Button look different than someone elses?

The icon changes depending on whether you have opted in or out for Learning Path.

Help Button

Don’t know how to switch in and out?

Enable Learning Path

Tip #842: Strange security results? Check teams

I created two dashboards and assigned each one to a different security role. However, users without the roles assigned to the dashboards are seeing both dashboards. What’s going on?

Whenever I come across an unexplainable security test result in Dynamics 365, the first thing I do is check the teams assigned to the users in question. In most cases, the unexpected result is caused by user being a member of a team that has a security role that grants the user access to application components to which their user roles do not.

Recommendations

Don’t use the same roles for team security and user security.
Limit the team role permissions to only the privileges needed by the team.
Consider separating the roles used by users and teams from the roles used to grant access to role based forms and dashboards–this will prevent unintentional sharing of the role based components with users and teams that should not see them.

Tip #841: Mobile client metadata is corrupted due to null reference issue

Recently, I had experienced a significant failure with the Dynamics 365 for Tablets client. It had seemed to present itself out of the blue, without any real reasoning or trigger behind it. As we reviewed the errors presented via developer tools in Chrome while loading the tablet client in a browser, we saw a significant error related to the metadata sync.

Developer tools output from Chrome Browser when accessing Tablet app via browser

We also found when we attempted to Prepare Client Customizations for the solution, we received the following error message:

D365 cryptic error message when attempting to prepare client customizations for the mobile client

As it turns out, the mobile client metadata was corrupted due to a null reference issue in a Word template. Document templates are tied to metadata of entities and attributes, which is unfortunately not checked for nor handled via exception by D365 when metadata generation takes place. Once we removed the corrupted template, this resolved the issue.

Moral to the story: When you delete an attribute or entity, verify the commensurate changes are made to any Word or Excel Templates, else Mobile client will fail in a quite spectacular way!

– Your friendly neighborhood CRMHobbit

Tip #840: Shared personal views and charts on mobile

One of the limitations of the Dynamics 365 (and 2016) mobile app is personal charts and views shared with another user do not display in that user’s mobile app. Saved personal views and charts that I own (or that a team on which I’m a member owns) do display in the mobile app.

As a workaround, if you have personal views or charts that you want to be available on mobile for a group of people, instead of sharing the views and charts with them, create a team, add all of the people to the team, and assign the personal views and charts to the team. That will make these items available on the team members’ mobile devices. And don’t forget to add yourself to the team, otherwise you will lose access to your views and charts.

« Previous
1
…
60
61
62
63
64
…
147
Next »

M	T	W	T	F	S	S
1	2	3	4	5	6	7
8	9	10	11	12	13	14
15	16	17	18	19	20	21
22	23	24	25	26	27	28
29	30

Power Platform
Dynamics CRM

Tip of the Day