Posts Tagged ‘Configuration & Deployement’

How to pass Entity GUID and Entity Type to Custom Applications hosted in IFRAME

Passing Entity Unique identifier (GUID) and Entity Type to Custom application hosted in IFRAME is a two step process.  

  1. Open the IFRAME properties window and click checkbox named: Pass record object type and unique identifier as parameters.


2.      Now you need to specify in your custom application variable for both. For Entity Type use ObjectTypeCode (Gets the integer code of the entity that the form is displaying (1 = Account, 2 = Contact, and so on). And for Entity unique identifier use ObjectId (Gets the entity GUID that the form is displaying. This property returns null if the form is in Create mode). Both these variable are now accessible to your custom application through query string parameters.


Back up Microsoft Dynamics CRM 3.0 system

Last month, i have come accross a whitepaper regarding Back Up of MSCRM system. Backing up MSCRM System is not a simple task. Backup requirements vary according to the servers involved. The following table provides a summary of what to back up for Microsoft CRM. For in detail backup plans please look into the following whitepaper:

Server What to back up for Microsoft CRM Comments
Domain controller Full
Exchange server Backup not required by Microsoft CRM. Backup may be required for Exchange purposes.
SQL Server Organization_name_MSCRM
Backup should be done using SQL Server Enterprise Manager.
The Organization_name_MSCRM and ReportServer databases should have full database backups and transaction log backups.
For databases that are not updated frequently, such as msdb and Organization_name_METABASE, you may choose only full database backup.
Backup of the master and msdb databases are not required by Microsoft CRM but should be part of an overall backup strategy.
Microsoft CRM server ISV.config and OutlookClient_sample.xml
(Default location: c:\Inetpub\wwwroot\_Resources)
(Default location: c:\Inetpub\wwwroot)
Miscreports folder
(Default location: c:\Inetpub\wwwroot)
ISV.config, OutlookClient_sample.xml and web.config are required only if these files have been changed from the default settings. The file location assumes the installation occurred at the Default Web Site.

HTTP status 401: Unauthorized errors

If you are a victim of “HTTP status 401: Unauthorized error” then please try the following tip. It may work for you.

To cache the credential of users PreAuthenticate property of both CRMService and MetadataService is used. But sometimes this behavior causes “HTTP status 401: Unauthorized errors” Error. Therefore, Microsoft recommends avoiding the PreAuthenticate property in your code at this time.


Active Directory Security Groups for MSCRM

When developing custom applications or MSCRM integration with SharePoint, security issues are the prime concerns. In order to handle these issues, one must need to know the internals of MSCRM security and how it interacts with Active Directory.  Microsoft Dynamics CRM stores user information in Active Directory to provide application security. For this purpose, the following Active Directory groups are added to the Organizational Unit specified during installation: 

  1. UserGroup
  2. ReportingGroup
  3. PrivUserGroup
  4. SQLAccessGroup

All Microsoft CRM users. This group is updated automatically as users are added and removed from Microsoft CRM. 

A group that contains all users within Microsoft CRM. This group is updated as users are added to Microsoft CRM. Users in this group have read-only access to the filtered views in the Microsoft CRM database. 

Privileged Microsoft CRM user group for special administrative functions. 

A group that contains Microsoft CRM ASP.NET account and other service accounts. Members in this group have full access to the Microsoft CRM database and this group is used by the Microsoft CRM platform layer. End users should never be added to this group. Now instead of adding each user and granting him access to SharePoint Libraries, try adding these security groups and setting permissions as given in the screenshot below:


Use these two SQL queries to get these groups at your system: 

  • SELECT SqlAccessGroupName FROM FilteredOrganization
  • SELECT ReportingGroupName FROM FilteredOrganization

When developing applications/add-on, please consider these scenarios:

  • Callout and Workflow .NET assemblies typically run under the context of the local machine’s Network Service account.
  • Code called from the client using a custom script typically runs under the context of the logged on user.
  • Code called from the server using an ASPX page running in a Virtual Directory or other Internet Information Services (IIS) site typically runs under the context of the logged on user.

So, configure proper security roles to your users before setting up add-on/custom applications/callouts/workflows. 

For information on how to grant access to your user, please look into MSCRM SDK “External Components”  

For Information on how to manage security at Reports, please look into MSCRM Implementation guide “Understanding Report Permissions”.