Pages

Thursday, 27 June 2013

CRM 2013: Orion – Highlights of the major changes

Next major release of Dynamics CRM, Orion is expected to be released by the end of 2013, some highlights are as follows.

New Features

  • Redesigned User Interface
  • Process Agility - Agile process guidance
  • Mobility - seamless experience across web and hand held devices
  • Social Context - integrated with Yammer

Removing support of Platform and Technologies

Following platforms and technologies will not be supported in the next major release of Microsoft Dynamics CRM 2011.
  • Windows XP for accessing Microsoft Dynamics CRM web application
  • Windows XP to run Microsoft Dynamics CRM for Outlook
  • Microsoft Office 2003
  • Microsoft Exchange Server 2003 for email routing and tracking
  • Microsoft Exchange Server 2007 WebDAV protocol for email routing and tracking
  • Internet Explorer (IE) 7
  • Windows Server 2003 Terminal Services to run Microsoft Dynamics CRM for Outlook
  • Windows 2000 Server AD forest and domain levels

Removal of CRM 4 features

The following legacy CRM 4 features will be removed and will no longer be supported in the next major product release.
  • ISV folder for custom web applications
  • Microsoft Dynamics CRM 4 plug-ins
  • Microsoft Dynamics CRM 4 client-side scripting (from next release all forms should use Xrm.Page and Xrm.Utility object models).
  • Microsoft Dynamics CRM 4 custom workflow activities

Removal of features

  • Microsoft Lync presence will not be supported on the updated user interface entity forms and Activity Feeds.
  • Workplace area will be removed from the navigation (for new organisations only), users will no longer be able to have the option to personalise what is displayed there within the Personal Options.
  • Duplicate Detection during record Create and Update operations will not be supported (for updated user interface entities)

For further details please visit the following links

Please note that these details may change prior to actual release.

Wednesday, 26 June 2013

CRM 2011: Email Router configuration error – “Incoming Status Failure: No results were found”

Error:  

Email Router configuration error "Incoming Status Failure: No results were found"

Solution:

If you dig around you will find out that this error is actually coming from Microsoft Exchange.

In our case, the error coming from Exchange was "ErrorCode=ErrorNameResolutionNoResults" 

and according to MSDN Exchange ESW reference
"This error indicates that the ResolveNames operation returns no results."

Consider the following to resolve the issue
  • Make sure email addresses are available in Exchange's Global Address List (GAL)
  • Make sure mailbox is not hidden from exchange address list (checkbox)
  • Make sure all accounts are in PrivUserGroup
  • Make sure Exchange webservice is accessible from the CRM server
  • Make sure the account's mailbox is not over-limit
  • While configuring incoming profile enter credentials as 
    • domain\user (not user@domain.com)
If you are using a service account to access the mailboxes of other CRM users and/or queues then check the following
  • Make sure service account's email address is available in Exchange's Global Address List (GAL)
  • Make sure service account has full rights on the mailboxes.
  • Adding a Management Scope for the service account to impersonate other users.

For us, this issue was resolved by creating a mailbox for the service account and exposing it to the Global Address List (GAL). You may be able to resolve this issue without creating a mailbox for the service account but it must not be hidden from the GAL.

Monday, 24 June 2013

CRM 2011: SSRS custom report query returns blank report when queried against Filtered Views

Problem

SSRS custom report returns no data or blank report when queried against Filtered views and returns data when queried directly against the database table.

Please bear in mind that writing a SQL query against the table is not supported/recommended by Microsoft and there is a good reason for it.

By writing a SQL query in your report that directly retrieves data from the database table, you are bypassing the CRM security and allowing users to see anything and everything, WHICH IS WRONG!

The ONLY way to query CRM data in your custom report is to do it through Filtered views.

Solution

Add the user to "PrivReportingGroup" group in your Active Directory.

Other things to check 
  • Make sure SSRS report’s "Data Source" connection is using Windows Authentication.
  • “MSCRM_DataSource” should be used as data source in SSRS (shared) and should be using Windows Authentication.
  • Find “ReportingGroup” under SQL security and add this group as dbReader on CRM database.

Wednesday, 12 June 2013

CRM 2011: The Relationship with name = was not found in the MetadataCache - N:N relationship

Error:

The Relationship with name = <relationship_name> was not found in the MetadataCache.
 If you encounter this error while dealing with N:N native relationship in CRM 2011 (especially in custom code), first thing you might want to check is the N:N native relationship itself.

When we create a native N:N relationship between the two entities, upon selecting entities CRM itself populates the following fields with the same value
  • Name (maximum 45 characters allowed, including "new_")
  • Relationship Entity Name (maximum 43 characters allowed, "including new_")
for some reason the "Name" field is limited to have maximum of 45 characters and
"Relationship Entity Name" is limited to have maximum of 43 characters.

so if the schema names of the entities are long enough to exceed the limit then extra characters will be truncated to be different because of different lengths allowed.

Solution:

Delete the existing N:N relationship and create a new one with shorter values in "Name" and "Relationship Entity Name" fields.
I entered the same values because i don't think it matters. You can try with different values, I think the key is to have shorter values.

Monday, 3 June 2013

CRM 2011: Understanding Security Model - Part 2

This post is the continuation of my earlier post titled Understanding Security Model - Part 1
 
In this post we will cover following topics of Security Model
  • Role based Forms
  • Security Principals
  • Security Dependencies
  • Authentication Methods

Role based Forms

Microsoft Dynamics CRM 2011 allows us to have multiple forms per entity, this equips us to enhance the user experience by exposing different data fields/content to different users based on the security role assigned to them.
 
We can have role based forms/pages without having to create stop-gap solutions and the CRM platform determines the page content visibility based on the security role assigned to a user.
 
Users can see all the forms available to their roles and have the ability to switch between the forms, we can also do client-side scripting to switch forms based on different business rules (can be data driven rules).
 
Overall, client-side scripting to hide/show controls on a form is more efficient approach rather than using different role based forms as it does not require page refresh (switching between forms require page refresh).
 
This feature is automatically enabled for all entities in the system.
 

Security Principals

Microsoft defines "Security Principal" as a user or team who owns or have rights to access an entity instance(record). Entities are either owned by Organization or User/Team.
 
Examples of User/Team owned and Organization owned entities are
  • User/Team owned entities
    • Account
    • Contact
    • Case
  • Organization owned entities
    • Product
    • System User
    • Price List
In principal, reference entities should be Organization owned and other entities should be User/Team owned so that a specific user or team owns an entity instance. However an architect can design it differently based on business needs and other preferences.
 
Entity records are assigned to a specific a user or a team, who is the owner of the entity record.
Entity instances can also be shared with other users or teams so that they can get access to the entity instance/record and perform actions on it, sharing a record with a team allows the members of that team to access/perform actions on that record.
 

Security Dependencies

As discussed in the part 1, every user in Microsoft Dynamics CRM must be assigned a security role which defines their respective access rights.
There are some security dependencies and to perform a particular operation, it is required to grant more than one access right.
 
Consider this example
 
"Create" access right is required to create an entity instance, however user must also be granted "Read" access right on that entity to enable the user to successfully create an entity instance or record. So in this case "Create" access right is dependent on "Read" access right.
 
Another type of security dependency exists when an object is dependent on another object OR in other words when object is subordinate of another object.
 
Like for example, a Case object cannot exist without customer entity(Account or Contact) so in order to create an instance of Case object, user must have rights to attach it to a customer entity instance (Account or Contact). User must have the following access rights in addition to "Create" and "Read" access rights to be able to create an instance of a Case object.
  • "AppendTo" access right on Customer entity (Account or Contact) so that user can attach an object/entity instance to Account or Contact entity instance.
  • "Append" access right on Case entity so that a user can attach Case object to another entity.

Authentication Methods

Microsoft Dynamics CRM 2011 offers two authentication methods
  • Active Directory Authentication
  • Claims-based Authentication

Active Directory Authentication

Microsoft Dynamics CRM sends request to Active Directory for authentication and IIS manages authentication for CRM web application, on the other hand if CRM SDK application sends request to Active Directory for authentication then WCF manages the authentication process.

Claims-based Authentication

Microsoft has created Windows Identity Foundation(WIF), a security framework which implements claims-based authentication.
Microsoft Dynamics CRM 2011 uses WIF framework for claims-based authentication.
 
Claims-based authentication presents user's identity to the application as a set of claims, Microsoft Dynamics CRM 2011 then passes on that claim to Security Token Service (STS).
The STS is then responsible for actual authentication, not Microsoft Dynamics CRM.
 
To implement claims-based authentication, we need STS to be hosted on the server, it can be based on Active Directory Federation Services (ADFS) 2.0
 
For further details, please refer to Microsoft's official training material.