We use Microsoft Dynamics CRM 2016 that we host ourselves (not the Online version). We have a certain custom field that we need to encrypt on the database level (probably using the symmetric encryption within SQL database). This way nobody can break into our database and query that sensitive information.
Is it possible to do this within Dynamics CRM?
You could do that in a plugin for string or memo type attributes. Register plugin steps on the pre create and pre update messages for the entity. Your plugin can encrypt strings that pass the plugin pipeline. String attributes in the Target entity (found in the InputParameters collection in the IPluginExecutionContext object) can directly be modified.
When the encrypted field only needs to be accessed in web forms, it is enough to register a third plugin step on the post retrieve message for the same entity. In the OutputParameters collection the retrieved entity can be found. The string attribute can be decrypted on the fly.
Related
The Account Entity has an OOB field called Address Type and default values are Bill To, Ship To, Primary and Others. By mistake, we deleted the values Bill To and Ship To from the Default solution. From then onwards we are not able to open the form containing the Address Type field unable to open the Field again to re-add the values and also unable to add any new business rules or modify existing business rule for the Account Entity.
Please note: From the Account form if I remove the Address Type field, then my form is opening without any errors.
We're using Microsoft Dynamics CRM 2016 on-premise. Is there a way to do a database query on the default form that users will see for a specific entity?
The reason I ask, we have a user that has an error when opening an email form:
systemform With Id = a7415a93-0113-4d90-80cd-280e28dfb4f7 Does Not Exist
This might have been an old form that has long been deleted from our system, and I'm wondering if there are any other users that might have this default systemform ID, as it will prevent them from opening that entity.
Users' most recently viewed forms are stored in the UserEntityUISettingsBase table. You can query the UserEntityUISettings view to see if any users are having the given form as their default form:
SELECT * FROM UserEntityUISettings
WHERE LastViewedFormXml LIKE '%a7415a93-0113-4d90-80cd-280e28dfb4f7%'
Keep in mind that it is entirely unsupported to update the database directly, so I would strongly recommend that you only stick to querying. If you find any forms this way, you should change them in a supported manner.
I have written a plugin in dynamics CRM. This plugin accesses a few Web API 2 methods that are deployed in Azure cloud (via HTTPS). The plug-in is triggered when a contact data in the CRM changes. Many CRM account holders will update the contact data.
I am going to hard code a 'secret key' (a one time generated Guid) in the plug-in and send this key every time I access the web api methods. I'll validate this guid in the web api methods to prevent un-authorized access.
I do not like to store the secret key (guid) in the source code.
Questions
What are my alternatives if do not want to 'hard code' the secret key?
What are the security flaws in this approach?
Note
In general, all my Web APIs are authenticated by a custom authentication web api filter, but the Web APIs that are accessed from the plugin are not part of the custom authentication.
CRM version is 2013
As the previous answers states, the first option is to store your information in a configuration custom entity that you can retrieve from your plugin. Those records are going to be protected by the CRM security model, so if your plugin is running in the calling user context you will need to make sure that the users have privileges to read that information (not really a good idea) or change the plugin to be executed under an admin user context.
Another option is to use Secure/Unsecure Configuration:
Those are two (string) parameters that you can configure within the step and you will be able to read them from the plugin. I would say that the secure configuration fits your requirement but give it a look. You can also easily find how to implement it (example).
The third and last option that I can think of, is to create an XML WebResource and read it from the plugin. Again, you will need to make sure that the user context under the plugin is running has access to it.
I don't think this approach will ever be secure.
It's possible to extract the plugin assembly from CRM. Someone could then disassemble the assembly and find the Guid. Effectively your password is stored in plain text.
At the very least you could store the user name/password/secret key in a CRM record. The CRM record can then be protected with CRM security.
You are probably better off implementing the authentication 'normally'.
the email router configuration manager was unable to retrieve user and queue information from the microsoft dynamics crm server . this may indicate that the microsoft dynamics crm server is busy . verify that url * is correct . additionally this problem can occur if specified access credentials are insufficient . to try again click load data the entity with a name = officedocument was not found in the metadata cache
how can i fix it ?
Are you sure about entity name? I mean, when you create a custom entity it have a prefix, by default "new_".
For instance, when you create a new Entity, depending on the prefix of your organization, it will be like: "stck_officedocument" or "new_officedocument" etc.
Check it and then change for the correct name.
"officedocument" entity only available in Microsoft Dynamics CRM Online not in on-premise
https://msdn.microsoft.com/en-us/library/gg328086.aspx
best regard
Mani
I am integrating MS Dynamics CRM online with my ASP.Net MVC application. I am creating a synchronization process between both. I'm stuck at the point where
I need to check if user has entered valid CRM credentials ie. server address, domain, username and password etc. I am not sure which class is to use for that?
I want to create multiple entities of same type in a single go in CRM online from my Application. Currently I am using ServiceProxy's Create() method to do so . How can I create , for instance, 10 contacts in a single request ?
Is there any way to send list of objects to CRM server and create
them there?
To check I believe the easiest way is just execute call for example of WhoAmI message. If it would not throw an exception - that will mean that credentials are correct.
You should look at ExecuteMultiple message.