CRM 2013 (Orion): Re-imagined User Interface

Re-imagined User Interface

Microsoft has completely re-imagined the user interface of Microsoft Dynamics CRM. The re-imagined design introduces cleaner, faster and more intuitive user interface which drives productivity.

The biggest obstacle to success of any software application is the user adoption. The user interface design principles are focused on ease of use and productivity. The main design principles are shown in this figure (taken from Microsoft's documentation). 

Form Changes (Refreshed User Interface) 

In Dynamics CRM 2011, Ribbonized entities were introduced and the main objective was to refresh the user experience and to make it more consistent across Microsoft products.

In December 2012 Service Update of Dynamics CRM, three form modes were introduced.

• Classic experience
• Read Optimized experience (using inline form controls)
• Process Flow based User interface (available for 5 core entities)

Client SDK or form events were not supported in Read Optimized or Process Flow based user interface, so if any JavaScript was detected the form would always fall-back to the classic mode.

In CRM 2013, new refreshed experience has been extended to the rest of the application covering most of the end-user facing entities. Additionally, custom entities will also get this refreshed experience with full client sdk and form events. Classic forms are restricted to the administrative settings area.

In CRM 2013, we have two types of form experience

• New form experience
• Classic form experience

This diagram represents all the refreshed entities in the system.

The form itself has been has been completely redesigned (as shown below)

The Primary Information is displayed on the left, social pane (including activities and notes) in the middle and top right corner highlights the important data points which are in-line editable.

Microsoft has also introduced “Create” button which enables the users to quickly create records from the top navigation. When the button is clicked, a quick form pops up for optimized data capture (which can be customized).  The forms are also resizeable which make them usable with different devices for mobility. 

Refer to Microsoft's documentation for more information. 

CRM 2013 (Orion): Administration and Management Features in Dynamics CRM 2013

Dynamics CRM 2013 - Administration and Management Updates

Performance Optimisation Feature
Microsoft has released a new feature in Dynamics CRM 2013 to optimise the performance of the Quick Find queries. Every 24 hours, Quick Find Views are processed to add or remove indexes based on the Find Columns.

Dynamics 2013 Best Practises Analyser (BPA)
Best Practises Analyser (BPA) is a diagnostic tool that performs the following

- Gathers information about server roles that are installed on that server.
- Determines if the configurations are set according to the recommended best practises.
- Reports on all configurations, indicating settings that differ from the recommendations.
- Indicates potential problems in Dynamics CRM 2013 server features installed.
- Recommends solutions to potential problems.

PowerShell Changes
Microsoft has made some enhancements to the available PowerShell Commands, remote execution of PowerShell commands is now possible.

Data Encryption
All new and upgraded organisations will have data encryption enabled and cannot be disabled. Data encryption prevents the Database administrator from accessing encrypted data.

Three new privileges to manage SQL encryption

o   Manage SQL Encryption key – Read

o   Manage SQL Encryption key – Change

o   Manage SQL Encryption key – Activate

Yammer Integration
Microsoft introduced Yammer integration with the December 2012 service update for Dynamics CRM Online. With the release of Dynamics CRM 2013, Microsoft has made the same functionality available for the on-premise deployments. 

Activity Feeds
Activity Feeds is now part of core solution and cannot be un-installed.

When Activity Feeds functionality is enabled for an entity

o   Follow and Unfollow buttons appear on the form.

o   Post tab appears on the social pane within the form.

VSS Writer Service (Data Protection Manager)
Microsoft Dynamics CRM 2013 introduces new functionality for backup and restore of Dynamics CRM database through Volume Shadow Copy Service framework. However, it is dependent on System Centre 2012 Data Protection Manager (DPM) –earlier versions of System Centre Data Protection Manager are not supported

For more information, Please refer to Microsoft's documentation. 

CRM 2013 (Orion): Known Issues with CRM 2013 as of September 2013

There are some known issues with CRM 2013 as of September 2013, please refer to the link for more details.

http://www.microsoft.com/en-us/dynamics/crm-customer-center/readme.htm

CRM 2013 (Orion): Upgrade

Upgrade/Re-implement Legacy features

The following legacy features will no longer be supported in Microsoft Dynamics CRM 2013

• CRM 4 plug-ins and custom workflow activities
• CRM 4 client-side scripting
• 2007 web service endpoint
• ISV folder for custom web applications

Following two tools can be used to detect the legacy features/custom code.

Legacy Feature Check Tool - On-Premise Only
It detects the use of the server side code such as CRM 4 plug-ins, custom workflow activities and the ISV folder (for custom web applications). 

Dynamics CRM 2011 Custom Code Validation Tool - CRM Online and On-Premise
This tool is focused on detecting the use of unsupported client-side code in the JavaScript web resources (includes CRM 4 client APIs).

Upgrade Methods

• Migrate by using a new instance of SQL Server (recommended by Microsoft)
• Migrate by using the same instance of SQL Server
• In-place Upgrade (simply run Dynamics CRM 2013 Setup on Dynamics CRM 2011 application server) - Optionally choose to upgrade one organisation database (only one database can be upgraded with the server upgrade), all other organisations will be disabled during the upgrade process and will need to be upgraded separately. 

   The only supported upgrade path to Microsoft Dynamics CRM 2013 is from Microsoft Dynamics CRM 2011.

   Refer to Microsoft's documentation for further information.

CRM 2013 (Orion): Getting Started

Getting Started with Dynamics CRM 2013 (Orion)

YouTube Video: http://www.youtube.com/watch?v=-L7rcj1LFxs

CRM 2011: Integration using SQL Server Integration Services (SSIS) 2008 throws an error "The Identity check failed for the outgoing message"

Error:

The Identity check failed for the outgoing message. The remote endpoint did not provide a domain name system (DNS) claim and therefore did not satisfied DNS identity 'user.name@domain'. This may be caused by lack of DNS or CN name in the remote endpoint X.509 certificate's distinguished name.

Resolution: 

Modify the parameter passed in the EndpointIdentity.CreateDnsIdentity() method call.

Update the following

EndpointIdentity.CreateDnsIdentity(string.Format("{0}@{1}", UserName, Domain)

to 

EndpointIdentity.CreateDnsIdentity("xyz")

CRM 2011: Integration using SQL Server Integration Services (SSIS) 2008 throws SOAP Security Negotiation Exception

Objective: 

Microsoft Dynamics CRM 2011 Integration using Microsoft SQL Server Integration Services 2008 (SSIS)

Issue:

SOAP security negotiation with 'http://CRMServer/Org/xrmservices/2011/Organization.svc' for target 'http://CRMServer/Org/xrmservices/2011/Organization.svc' failed. See inner exception for more details.

Server stack trace: 

   at System.ServiceModel.Security.IssuanceTokenProviderBase`1.DoNegotiation(TimeSpan timeout)

   at System.ServiceModel.Security.SspiNegotiationTokenProvider.OnOpen(TimeSpan timeout)

   at System.ServiceModel.Security.WrapperSecurityCommunicationObject.OnOpen(TimeSpan timeout)

   at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)

   at System.ServiceModel.Security.CommunicationObjectSecurityTokenProvider.Open(TimeSpan timeout)

   at System.ServiceModel.Security.SecurityUtils.OpenTokenProviderIfRequired(SecurityTokenProvider tokenProvider, TimeSpan timeout)

   at System.ServiceModel.Security.SymmetricSecurityProtocol.OnOpen(TimeSpan timeout)

   at System.ServiceModel.Security.WrapperSecurityCommunicationObject.OnOpen(TimeSpan timeout)

   at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)

   at System.ServiceModel.Channels.SecurityChannelFactory`1.ClientSecurityChannel`1.OnOpen(TimeSpan timeout)

   at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)

   at System.ServiceModel.Channels.ServiceChannel.OnOpen(TimeSpan timeout)

   at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)

   at System.ServiceModel.Channels.ServiceChannel.CallOpenOnce.System.ServiceModel.Channels.ServiceChannel.ICallOnce.Call(ServiceChannel channel, TimeSpan 

timeout)

   at System.ServiceModel.Channels.ServiceChannel.CallOnceManager.CallOnce(TimeSpan timeout, CallOnceManager cascade)

   at System.ServiceModel.Channels.ServiceChannel.EnsureOpened(TimeSpan timeout)

   at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan 

timeout)

   at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs)

   at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)

   at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)

Exception rethrown at [0]: 

   at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)

   at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)

   at NECCrmProxy.Crm.IOrganizationService.Create(Entity entity)

   at NECCrmProxy.Crm.OrganizationServiceClient.Create(Entity entity)

   at ScriptMain.Input0_ProcessInputRow(Input0Buffer Row)

   at UserComponent.Input0_ProcessInput(Input0Buffer Buffer)

   at UserComponent.ProcessInput(Int32 InputID, PipelineBuffer Buffer)

   at Microsoft.SqlServer.Dts.Pipeline.ScriptComponentHost.ProcessInput(Int32 inputID, PipelineBuffer buffer)

Resolution: 

Change EndpointIdentity.CreateUpnIdentity() to EndpointIdentity.CreateDnsIdentity() in your code.

CRM 2011: Impersonation in Plug-ins

Impersonation is used in Microsoft Dynamics CRM platform to execute the business logic on behalf of a system user, this includes the custom code execution governed by Microsoft Dynamics CRM security privileges of the impersonated user. Pre-entity and Post-entity images as passed to plug-ins as the execution context on behalf of the impersonated user.

Plug-ins not executed by sandbox or asynchronous service execute under CRMAppPool Identity service account. By default, CRMAppPool uses Network Service account but it can be changed by the administrator. If it is changed then administrator will need to add this identity account to the PrivUserGroup in the Active Directory.

Impersonation during Plug-in Registration

A user can be impersonated during the plug-in registration, administrator can specify a user account to execute the plug-in.
If the plug-in is getting registered programmatically then impersonation can be done by setting the property ImpersonatingUserId to a specific user, web service calls made by the plug-in execute on behalf of the impersonated user.

Impersonation during Plug-in Execution

Impersonation defined at the registration level can be overridden at run time during plug-in execution. 

For security purposes, the plug-ins can also be impersonated as the user who actually initiated this process/plug-in (by doing a specific action within the CRM application) by using the property InitiatingUserId. 

// Get a reference to the Organization service.

IOrganizationServiceFactory factory = (IOrganizationServiceFactory)serviceProvider.GetService(typeof IOrganizationServiceFactory));

IOrganizationService service = factory.CreateOrganizationService(context.InitiatingUserId);

Refer to Microsoft's documentation for more information.

CRM 2013 (Orion): Upgrade to CRM 2013 (Orion)

Upgrade to CRM 2013

Upgrade/Re-implement Legacy features

The following legacy features will no longer be supported in Microsoft Dynamics CRM 2013

• CRM 4 plug-ins and custom workflow activities
• CRM 4 client-side scripting
• 2007 web service endpoint
• ISV folder support for custom web applications
• Solution down level tool

Legacy Feature Check tool can be used to detect legacy feature usage in the solution.

Dynamics CRM 2011 Custom Code Validation Tool can be used to detect unsupported client-side code in the solution. 

Refer to Microsoft's documentation for further information.

more to follow on this topic ....

CRM 2011: Signing the Plug-in Assembly

Only signed plug-in assemblies are allowed to be registered on Microsoft Dynamics CRM 2011.

To sign an assembly with a strong name, it must have a public/private key pair.

The assembly can be signed using

• Microsoft Visual Studio, OR
• Strong Name Tool (sn.exe)

Using Microsoft Visual Studio (UI)

Follow these steps to sign the assembly using Microsoft Visual Studio 2010

1. Right-click the project and click "Properties".
2. Select "Signing".
3. Check "Sign the assembly".
4. Select an existing key or create a new one.
5. Save the properties.
6. Rebuild the DLL.

Using Strong Name Tool (sn.exe)

1. Open Visual Studio 2010 Command Prompt
2. Run the command, sn -k [filename]

Refer to Microsoft's documentation for more information.

CRM 2011: Limited/reduced functionality of Sandboxed plug-ins

Microsoft recommends running plug-ins in a sandbox mode. The plug-ins running in a sandboxed environment have reduced functionality to ensure security.

The following network access restrictions apply to this sandbox capability.

• Only HTTP and HTTPS protocols are allowed.
• Access to localhost is not permitted.
• Plug-ins must rely on DNS name resolution (using a named web address).
• Anonymous authentication is recommended and supported by Microsoft.
• .NET framework classes can be used in the plug-in code to access web resources considering previously outlined restrictions.

Refer to Microsoft's documentation for further information.

CRM 2011: Update Rollup 14 for Microsoft Dynamics CRM 2011

Update Rollup 14 for Microsoft Dynamics CRM 2011 has been released.

Publish date : 11th July 2013

Knowledgebase Article - Link

Download - Link

CRM 2011: Plug-in Isolation(Sandbox), Trusts and Statistics

Plug-in Isolation (Sandbox Mode)

Microsoft Dynamics CRM 2011 supports the execution of plug-ins in an isolated environment, also known as Sandbox.

A Sandbox plug-in can access

•  Microsoft Dynamics CRM SDK web services
• External endpoints just as Windows Azure cloud and other common web services

and CANNOT access the following

• File system
• System event log
• Network and more 

The execution of plug-ins in a sandbox mode is recommended by Microsoft because 

• It is more secure
• It supports run-time monitoring and statistics reporting
• It is supported for all Microsoft Dynamics CRM deployments

Full and Partial Trusts

Plug-ins can be registered

• In the sandbox mode, known as partial trust
• Outside the sandbox mode, known as full trust

The table illustrates the deployment types and the supported trust level.

Run-time Statistics  

The Microsoft Dynamics CRM platform collects run-time statistics and also monitors the plug-ins that execute in a sandbox mode. If sandbox worker process exceeds the threshold utilisation of resources or is unresponsive then the CRM platform ends the process, this won't impact the other organisations because each organisation has its own sandbox worker process. This information is stored in the database table "PluginTypeStatistic". 

CRM 2013: Orion - Screenshots

CRM 2013 - Orion (Application Screenshots)

http://blog.north52.com/2013/07/09/wpc-2013-dynamics-crm-2013-application-screenshots/

CRM 2013 - Orion (Mobile Screenshots)

http://blog.north52.com/2013/07/09/wpc-2013-dynamics-crm-2013-mobile-screenshots/

Credits: North52

CRM 2011: Workflow Activity Input and Output Parameters & Data Types

Microsoft Dynamics CRM supports two types of parameters for a workflow activity.

• Input Parameters
• Output Parameters

Input Parameters

The input parameter is annotated with the .NET attribute "Input".

DefaultAttribute

DefaultAttribute class can be used to specify a default value (using "Default" attribute) for an input parameter. 

Bool

[Input("Bool input")]

[Output("Bool output")]

[Default("True")]

public InOutArgument<bool> Bool { get; set; }

DateTime

[Input("DateTime input")]

[Output("DateTime output")]

[Default("2013-07-09T02:54:00Z")]

public InOutArgument<DateTime> DateTime { get; set; }

Decimal

[Input("Decimal input")]

[Output("Decimal output")]

[Default("20.75")]

public InOutArgument<decimal> Decimal { get; set; }

Double

[Input("Double input")]

[Output("Double output")]

[Default("200.2")]

public InOutArgument<double> Double { get; set; }

Integer

[Input("Int input")]

[Output("Int output")]

[Default("2322")]

public InOutArgument<int> Int { get; set; }

Money (Currency)

[Input("Money input")]

[Output("Money output")] 

[Default("232.3")]

public InOutArgument<Money> Money { get; set; }

OptionSetValue

[Input("OptionSetValue input")]

[Output("OptionSetValue output")]

[AttributeTarget("account", "industrycode")]

[Default("3")]

public InOutArgument<OptionSetValue> OptionSetValue { get; set; }

Attribute Target must specify the entity and attribute being referenced. 

String

[Input("String input")]

[Output("String output")]

[Default("string default")]

public InOutArgument<string> String { get; set; }

Entity Reference

[Input("EntityReference input")]

[Output("EntityReference output")]

[ReferenceTarget("account")]

[Default("3B036E3E-94F9-DE11-B508-00155DBA2902", "account")]

public InOutArgument<EntityReference> AccountReference { get; set; }

Reference Target attribute must specify the type of entity being referenced. 

Required Argument Attribute 

System.Activities.RequiredArgumentAttribute class can be used to specify that the input parameter is required.

[RequiredArgument]

[Input("Update next Anniversary date for")]

[ReferenceTarget("contact")]

public InArgument<EntityReference> Contact { get; set; }

Output Parameters

The output parameter is annotated with the .NET attribute "Output"

//this is the name of the parameter that will be returned back to the workflow

[Output("Credit Score")]

//this line identifies the specific attribute which will be passed back to the workflow

[AttributeTarget(CustomEntity, "new_creditscore")]

//this line declares the output parameter and declares the proper data type of the parameter being passed back.

public OutArgument<int> CreditScore {get;set;}

Refer to Microsoft documentation for more details

http://technet.microsoft.com/en-us/library/gg328515.aspx

http://technet.microsoft.com/en-us/library/gg327842.aspx

CRM 2011: Set IFRAME source using JavaScript

Xrm.Page.getControl("IFRAME_myframe").setSrc(http://www.microsoft.com/);

CRM 2011: Client-side (forms, fields, tabs and IFrame) events in Microsoft Dynamics CRM 2011

1. Form Events

There are two events at the form level in Microsoft Dynamics CRM 2011

• OnLoad Event
• OnSave Event

OnLoad Event

The OnLoad event occurs after the form has been loaded. Normally OnLoad event is used to apply logic relevant to user interaction like

• Display/Hide components on the form
• Enable/Disable components on the form
• Alert users of a specific business situation 
• Perform calculations/actions using web service calls etc.

OnSave Event

OnSave event occurs after the form is saved. Normally following actions cause the form to be saved

• User clicks the "Save" button
• User clicks the "Save and Close" button
• Other actions also cause the form to be saved, the Save method in the JavaScript
• Xrm.Page.data.entity.save( null | "saveandclose" |"saveandnew" )
• save() - if no parameter is included then it simply saves the record
• save("saveandclose") - save and close the record form
• save("saveandnew") - save current record and open new record form

OnSave event is commonly used for data validation or to perform a specific operation using web services.

The OnSave event can also be cancelled to prevent the data from being saved, following JavaScript code can be used to cancel the save operation.

event.returnValue = false;

return false;

2. Field Events

OnChange Event

OnChange event is available for every field on the form. The OnChange event triggers when the following two actions occur

• The field data changes AND
• The field loses focus

This event is commonly used to do the following

• Display/Hide components on the form
• Mark other fields mandatory or non-mandatory based on this field's value
• Implement dynamics option sets
• Perform calculations/actions using web service calls to change other fields based on changing values
• formatting (e.g phone field)

OnChange event can also be triggered by invoking FireOnChange method for a specific field.

3. Tab Events

TabStateChange Event

TabStateChange event occurs when a tab is expanded or collapsed, implementing this event can defer the execution of code until a tab state is changed.

4. IFRAME Events

OnReadyStateComplete Event

OnReadyStateChange event is the indication that the contents of the IFRAME has been loaded and are available to be accessed in the script. If the script interacts with the IFRAME contents before they are fully loaded, the script will fail.

CRM 2011: Share/Unshare records with a Team or a User using CRM SDK, C#

Sharing and Unsharing records with a Team using Microsoft Dynamics CRM 2011 SDK (early bound classes). You can also do a slight modification to use this code for sharing records with specific users.

Share Record with Team - Read only Access

public static void TeamShareWithReadAccess(IOrganizationService service, Guid recordId, string recordEntityName, Guid teamId)
        {
            GrantAccessRequest grantAccessRequest = new GrantAccessRequest()
            {
                Target = new EntityReference(recordEntityName, recordId),

                PrincipalAccess = new PrincipalAccess()
                {
                    Principal = new EntityReference(Team.EntityLogicalName, teamId),
                    AccessMask = AccessRights.ReadAccess,
                }
            };

            GrantAccessResponse grantAccessResponse = (GrantAccessResponse)service.Execute(grantAccessRequest);
        }

Share Record with Team - Read-Write Access (+Share, Assign, Append and AppendTo access)

public static void TeamShareWithReadWriteAccess(IOrganizationService service, Guid recordId, string recordEntityName, Guid teamId)

        {

            GrantAccessRequest grantAccessRequest = new GrantAccessRequest()

            {

                Target = new EntityReference(recordEntityName, recordId),

                PrincipalAccess = new PrincipalAccess()

                {

                    Principal = new EntityReference(Team.EntityLogicalName, teamId),

                    AccessMask = AccessRights.ReadAccess | AccessRights.WriteAccess | AccessRights.ShareAccess | AccessRights.AssignAccess | AccessRights.AppendAccess | AccessRights.AppendToAccess,

                }

            };

            GrantAccessResponse grantAccessResponse = (GrantAccessResponse)service.Execute(grantAccessRequest);

        }

Revoke Shared Access from Team

 public static void RevokeTeamShare(IOrganizationService service, Guid recordId, string recordEntityName, Guid teamId)

        {

            RevokeAccessRequest revokeAccessRequest = new RevokeAccessRequest()

            {

                Target = new EntityReference(recordEntityName, recordId),

                Revokee = new EntityReference(Team.EntityLogicalName, teamId)

            };

            RevokeAccessResponse revokeAccessResponse = (RevokeAccessResponse)service.Execute(revokeAccessRequest);

        }

CRM 2011: Auditing Features

Why Need Auditing ?

Microsoft Dynamics CRM 2011 offers auditing features and there are many reasons for an organisation wanting to audit business data.

 Some are:

• Analyse user actions to improve business processes
• For maintaining history of the business data
• To comply with legal regulations
• To maintain security

Levels of Auditing 

There are three levels of Auditing in Microsoft Dynamics CRM 2011

• Organisation
• Entity
• Field

Supported Features

• Organisation Level
• Audit of Areas (Sales, Marketing, Service)
• Audit of audit events
• Audit log deletion
• Entity Level
• Audit of custom and customizable entities
• Audit of create, update and delete events of records
• Audit of changes to the shared privileges of a record
• Audit of relationships (1:N, N:1, N:N) - Associations or disassociations
• Audit of privilege changes (changes to security roles)
• Field Level
• Audit of fields of custom and customizable entities
• Audit of update event of fields

Unsupported Features

• CRM cannot audit/log who reads data and when
• this includes reading data on forms, views, reports and data exports
• CRM cannot audit/log changes to metadata, for example renaming a field

Key Concepts

• Auditing can be enabled at Organisation, entity and field levels. CRM will  ONLY start auditing the data when auditing is enabled at the Organisation level (enabling at entity and field level will not start auditing)
• Audit data is stored in a database table, it is not represented as an entity within the Organisation
• Audit data is divided logically into quarterly segments called "Audit Logs", Audit Logs can be individually deleted to free up some space.

Audit Permissions

Only System Administrator and/or System Customizer has rights to enable or disable Auditing at the Organisation level.

Other auditing permissions which can be granted by configuring security roles

• View Audit Partitions
• Delete Audit Partitions
• View Audit History
• View Audit Summary

Refer to Microsoft's documentation for more information.

CRM 2011: JavaScript to refresh CRM form ribbon & form controls using Xrm.Page Object Model

JavaScript to refresh CRM form ribbon & form controls using Xrm.Page Object Model

Xrm.Page Object Model should be used to refresh ribbon and controls on the CRM form.

Refresh Ribbon

refreshRibbon() method should be used to refresh form ribbon. Normally this code snippet is used to refresh(re-evaluate) ribbon to enable/disable or show/hide ribbon components when the data is changed on the form.

Xrm.Page.ui.refreshRibbon();

Refresh SubGrid

Following code snippet can be used to refresh data in the SubGrid.

Xrm.Page.getControl("accountcontactsgrid").refresh();

CRM 2011: JavaScript to close CRM form using Xrm.Page Object Model

JavaScript to close CRM form using Xrm.Page Object Model

Xrm.Page.ui.close();

The HTML Window.close() method is suppressed and should not be used to close CRM form.

CRM 2013: Orion – Highlights of the major changes

Next major release of Dynamics CRM, Orion is expected to be released by the end of 2013, some highlights are as follows.

New Features

• Redesigned User Interface
• Process Agility - Agile process guidance
• Mobility - seamless experience across web and hand held devices
• Social Context - integrated with Yammer

Get Ready for CRM 2013 - Orion

Removing support of Platform and Technologies

Following platforms and technologies will not be supported in the next major release of Microsoft Dynamics CRM 2011.

• Windows XP for accessing Microsoft Dynamics CRM web application
• Windows XP to run Microsoft Dynamics CRM for Outlook
• Microsoft Office 2003
• Microsoft Exchange Server 2003 for email routing and tracking
• Microsoft Exchange Server 2007 WebDAV protocol for email routing and tracking
• Internet Explorer (IE) 7
• Windows Server 2003 Terminal Services to run Microsoft Dynamics CRM for Outlook
• Windows 2000 Server AD forest and domain levels

Removal of CRM 4 features

The following legacy CRM 4 features will be removed and will no longer be supported in the next major product release.

• ISV folder for custom web applications
• Microsoft Dynamics CRM 4 plug-ins
• Microsoft Dynamics CRM 4 client-side scripting (from next release all forms should use Xrm.Page and Xrm.Utility object models).
• Microsoft Dynamics CRM 4 custom workflow activities

Removal of features

• Microsoft Lync presence will not be supported on the updated user interface entity forms and Activity Feeds.
• Workplace area will be removed from the navigation (for new organisations only), users will no longer be able to have the option to personalise what is displayed there within the Personal Options.
• Duplicate Detection during record Create and Update operations will not be supported (for updated user interface entities)

For further details please visit the following links

http://technet.microsoft.com/en-us/library/dn265924.aspx

http://msdn.microsoft.com/en-us/library/dn281891.aspx
https://community.dynamics.com/crm/b/crmconnection/archive/2013/07/02/making-microsoft-dynamics-crm-personal.aspx

Please note that these details may change prior to actual release.

CRM 2011: Email Router configuration error – “Incoming Status Failure: No results were found”

Error:  

Email Router configuration error "Incoming Status Failure: No results were found"

Solution:

If you dig around you will find out that this error is actually coming from Microsoft Exchange.

In our case, the error coming from Exchange was "ErrorCode=ErrorNameResolutionNoResults" 

and according to MSDN Exchange ESW reference
"This error indicates that the ResolveNames operation returns no results."

Consider the following to resolve the issue

• Make sure email addresses are available in Exchange's Global Address List (GAL)
• Make sure mailbox is not hidden from exchange address list (checkbox)
• Make sure all accounts are in PrivUserGroup
• Make sure Exchange webservice is accessible from the CRM server
• Make sure the account's mailbox is not over-limit
• While configuring incoming profile enter credentials as 
• domain\user (not user@domain.com)

If you are using a service account to access the mailboxes of other CRM users and/or queues then check the following

• Make sure service account's email address is available in Exchange's Global Address List (GAL)
• Make sure service account has full rights on the mailboxes.
• Adding a Management Scope for the service account to impersonate other users.

For us, this issue was resolved by creating a mailbox for the service account and exposing it to the Global Address List (GAL). You may be able to resolve this issue without creating a mailbox for the service account but it must not be hidden from the GAL.

CRM 2011: SSRS custom report query returns blank report when queried against Filtered Views

Problem

SSRS custom report returns no data or blank report when queried against Filtered views and returns data when queried directly against the database table.

Please bear in mind that writing a SQL query against the table is not supported/recommended by Microsoft and there is a good reason for it.

By writing a SQL query in your report that directly retrieves data from the database table, you are bypassing the CRM security and allowing users to see anything and everything, WHICH IS WRONG!

The ONLY way to query CRM data in your custom report is to do it through Filtered views.

Solution

Add the user to "PrivReportingGroup" group in your Active Directory.

Other things to check 

• Make sure SSRS report’s "Data Source" connection is using Windows Authentication.
• “MSCRM_DataSource” should be used as data source in SSRS (shared) and should be using Windows Authentication.
• Find “ReportingGroup” under SQL security and add this group as dbReader on CRM database.
• 
  

CRM 2011: The Relationship with name = was not found in the MetadataCache - N:N relationship

Error:

The Relationship with name = <relationship_name> was not found in the MetadataCache.
 If you encounter this error while dealing with N:N native relationship in CRM 2011 (especially in custom code), first thing you might want to check is the N:N native relationship itself.

When we create a native N:N relationship between the two entities, upon selecting entities CRM itself populates the following fields with the same value

• Name (maximum 45 characters allowed, including "new_")
• Relationship Entity Name (maximum 43 characters allowed, "including new_")

for some reason the "Name" field is limited to have maximum of 45 characters and
"Relationship Entity Name" is limited to have maximum of 43 characters.

so if the schema names of the entities are long enough to exceed the limit then extra characters will be truncated to be different because of different lengths allowed.

Solution:

Delete the existing N:N relationship and create a new one with shorter values in "Name" and "Relationship Entity Name" fields.
I entered the same values because i don't think it matters. You can try with different values, I think the key is to have shorter values.

CRM 2011: Understanding Security Model - Part 2

This post is the continuation of my earlier post titled Understanding Security Model - Part 1

 

In this post we will cover following topics of Security Model

• Role based Forms
• Security Principals
• Security Dependencies
• Authentication Methods

Role based Forms

Microsoft Dynamics CRM 2011 allows us to have multiple forms per entity, this equips us to enhance the user experience by exposing different data fields/content to different users based on the security role assigned to them.

 

We can have role based forms/pages without having to create stop-gap solutions and the CRM platform determines the page content visibility based on the security role assigned to a user.

 

Users can see all the forms available to their roles and have the ability to switch between the forms, we can also do client-side scripting to switch forms based on different business rules (can be data driven rules).

 

Overall, client-side scripting to hide/show controls on a form is more efficient approach rather than using different role based forms as it does not require page refresh (switching between forms require page refresh).

 

This feature is automatically enabled for all entities in the system.

 

Security Principals

Microsoft defines "Security Principal" as a user or team who owns or have rights to access an entity instance(record). Entities are either owned by Organization or User/Team.

 

Examples of User/Team owned and Organization owned entities are

• User/Team owned entities
• Account
• Contact
• Case
• Organization owned entities
• Product
• System User
• Price List

In principal, reference entities should be Organization owned and other entities should be User/Team owned so that a specific user or team owns an entity instance. However an architect can design it differently based on business needs and other preferences.

 

Entity records are assigned to a specific a user or a team, who is the owner of the entity record.

Entity instances can also be shared with other users or teams so that they can get access to the entity instance/record and perform actions on it, sharing a record with a team allows the members of that team to access/perform actions on that record.

 

Security Dependencies

As discussed in the part 1, every user in Microsoft Dynamics CRM must be assigned a security role which defines their respective access rights.

There are some security dependencies and to perform a particular operation, it is required to grant more than one access right.

 

Consider this example

 

"Create" access right is required to create an entity instance, however user must also be granted "Read" access right on that entity to enable the user to successfully create an entity instance or record. So in this case "Create" access right is dependent on "Read" access right.

 

Another type of security dependency exists when an object is dependent on another object OR in other words when object is subordinate of another object.

 

Like for example, a Case object cannot exist without customer entity(Account or Contact) so in order to create an instance of Case object, user must have rights to attach it to a customer entity instance (Account or Contact). User must have the following access rights in addition to "Create" and "Read" access rights to be able to create an instance of a Case object.

• "AppendTo" access right on Customer entity (Account or Contact) so that user can attach an object/entity instance to Account or Contact entity instance.
• "Append" access right on Case entity so that a user can attach Case object to another entity.

Authentication Methods

Microsoft Dynamics CRM 2011 offers two authentication methods

• Active Directory Authentication
• Claims-based Authentication

Active Directory Authentication

Microsoft Dynamics CRM sends request to Active Directory for authentication and IIS manages authentication for CRM web application, on the other hand if CRM SDK application sends request to Active Directory for authentication then WCF manages the authentication process.

Claims-based Authentication

Microsoft has created Windows Identity Foundation(WIF), a security framework which implements claims-based authentication.

Microsoft Dynamics CRM 2011 uses WIF framework for claims-based authentication.

 

Claims-based authentication presents user's identity to the application as a set of claims, Microsoft Dynamics CRM 2011 then passes on that claim to Security Token Service (STS).

The STS is then responsible for actual authentication, not Microsoft Dynamics CRM.

 

To implement claims-based authentication, we need STS to be hosted on the server, it can be based on Active Directory Federation Services (ADFS) 2.0

 

For further details, please refer to Microsoft's official training material.

 

CRM 2011: Understanding Security Model - Part 1

Security Model is a very integral component of Microsoft Dynamics CRM 2011 platform.

This post gives an overview of the Security Model in Microsoft Dynamics CRM 2011.

• Role based Security
• Field level Security
• Object based Security
• Role based Forms
• Security Principals
• Security Dependencies
• Authentication Methods

Role based Security

Users and Teams are assigned security roles in Microsoft Dynamics CRM 2011 which define their privileges and access level, or in other words it defines what user/team is authorised to perform in CRM. 

Role based Security has two components

1. Privileges
2. Access Level

Privileges

Microsoft Dynamics CRM platform validates the user request to perform a specific operation against the privileges (defined in security role) assigned to a user and accepts/rejects based on it.

Common privileges available per entity are 

• Create - Ability to create entity records.
• Read - Ability to read entity records.
• Write - Ability to modify entity records.
• Delete - Ability to delete entity records.
• Append - Ability to associate a selected entity record to another entity record.
• Append To - Ability to associate another entity record to this entity record.
• Assign - Give ownership of entity record to another user/team.
• Share - Give access to entity records to other user/team. 

Access Level

Access Level uses the ownership of the object to determine if a user can apply privileges on a specific object.

Microsoft has classified Access Levels as

• None
• User/Team
• Business Unit
• Parent: Child Business Units
• Organisation

In short

• Privileges determine "WHAT" a user can perform on an object.
• Access Level determines on "WHICH" object a user can perform this action.

Field Level Security

Microsoft Dynamics CRM 2011 platform supports field level security which allows us to grant or restrict access to specific fields at three levels

• Read - Read-only access to field's data
• Create - Can add field's data when creating a record
• Update - Can modify field's data

We can use combination of these three levels to grant/restrict access to specific users or teams.

for example, if a security profile is configured to grant "Read" and "Create" permissions to a specific field then users or teams added in that profile can add data to field when creating a new record but once record has been saved then it will become read-only field for them because they don't have update permission.

Likewise, you can choose to grant

• No permissions - Users or Teams will not be able to see data in that field (it will appear as masked field with no visibility to data)
• "Read" and "Update" permissions but not "Create" - Users or Teams will be able to read or modify data in that field but will not be able to add data to field when creating a record.

and so on ...

Field level security is always in force

• User/Team accessing data through Application
• User/Team accessing data through webservices or custom code
• User/Team accessing data through reports

For example if a user does not have access to a specific field and custom code (under that user's impersonation) tries to access that field's data, CRM platform will return null so in this case custom code will not know if this field is actual null or data unavailable to this user because of field level security.

Easy steps to set up field level security

• Enable "Field Security" for a specific field so that it becomes available to be configured in Security Profile(s)
• Create/Configure Security Profile
• Add Users/Teams to that Profile

Field level security is only available for custom fields/attributes - not for system or built-in fields/attributes.

Object based Security

Microsoft Dynamics CRM 2011 security model supports object or data sharing.

Users with "Share" rights on an entity can share entity records with other users or teams which can override their respective access level restrictions. It is important to understand that sharing cannot grant privileges if a user has no privileges on that entity.

If a user does not have some level of access on an entity then sharing cannot provide that privilege.
like for example, if a user's role does not grant him or her "Read" privileges on Contact entity then sharing a contact will not grant him or her read privileges on contact entity.

When sharing, user can grant certain access rights so that user or team (with whom the record is shared) can perform actions on that record or object.

Continued at Understanding Security Model - Part 2

CRM 2011: Export to Excel and Bulk Edit Permissions

Quick post : Granting privileges to users for

• Exporting CRM data in Microsoft Excel and/or
• Bulk Edit records 

Modify security roles as shown below.

Under Business Management tab

CRM 2011: Increase the import file size, error The import file is too large to upload

By default, Microsoft Dynamics CRM 2011 has set maximum file size limit of 8MB for the data import.

If you are getting an error
"The import file is too large to upload" as shown in this screen shot.

You can increase this limit by updating this limit at the database level, please keep in mind that this is an unsupported change because Microsoft does not support/recommend any interaction at the database level for a CRM solution.

I would classify this as low risk unsupported change.

Run the following query on your database server to check the current file size limit, the value should be 8 (default value set by Microsoft).

Now, you can run the following query to increase the maximum file size allowed for data import to 32 MB.
You can set it more than 32 MB but be very careful because it may impact performance.

Once you have updated the value, reset IIS

CRM 2011 : Security Role permissions to save Advanced Find View as a Personal View

Sometimes users run into an issue that they cannot save an Advanced Find View as a Personal View.

If  "Save" and "Save As" buttons are greyed out for the user(s) in an Advanced Find window as shown in this screen shot then follow the post.

 

Normally it will happen if you are using a custom security role and this permission was missed out because most of the OOTB security roles grant these rights anyway.


To grant permissions, you will need to update the respective security role.

You will see SavedQuery entity under core tab on the security role and grant permissions as shown below.

Once you have updated the security role, users will now be able to save Advanced Find View as a Personal View on an entity.

Export 10000+ rows out of CRM 2011 in an Excel spread sheet - Increase the default limit of 10000 rows

By default Microsoft Dynamics CRM 2011 allows 10000 records to be exported from CRM in an Excel spread sheet.  We can change this maximum row limit by doing one of the following.

Unsupported by Microsoft

As a principal, In CRM world any direct interaction with the database except for reporting using Filtered views is unsupported by Microsoft.

 I will classify this change as low-risk unsupported change.

• Open SQL Management Studio on your database server
• Run a new query on <OrganizationName>_MSCRM
• Select MaxRecordsForExportToExcel From OrganizationBase where Name = ‘OrganizationName’
• This query will show you the value of MaxRecordsForExportToExcel in the organization database. It will be 10000 (by default) if it has not been updated
• Run update query to update this value to 65000 (if you want to export 65000 records in an excel spread sheet). 
•  Update OrganizationBase Set MaxRecordsForExportToExcel=65000 where Name = ‘OrganizationName’

If you now run the select statement again, you will see the value as 65000. This should now allow you to export 65,000 records out of CRM in excel spread sheet.

Supported by Microsoft

This modification can also be done in a supported manner by using CRM SDK. You will need developer’s help to do that. Use the following code in your utility

organizationObject. MaxRecordsForExportToExcel = 65000;
service.Update(organizationObject);

Registry Settings on CRM Server

Try now if it allows you to export 65000 records, if not then you will need to add/modify registry settings on CRM Server.

Start -> Run -> type regedit and then press enter

Navigate: HKEY_LOCAL_MACHINE -> SOFTWARE -> Microsoft -> MSCRM

Look for registry entry (DWORD) with the title “maxrecordsforexporttoexcel” and modify the value to 65000.

If you are unable to find the registry entry then create it as shown below.

From Edit Menu -> Click New -> DWORD value and select it to be “Decimal” and specify value 65000.

Once you have modified/created this registry entry, reset IIS by doing the following

Go to your CRM server, Start -> Run -> type iisreset and press enter

Now you should be able to export 65000 records out of CRM in Excel.

If you are doing IIS reset on Production environment then make sure you do it when users are not live otherwise it will/may interrupt users from using CRM application.