Archive for the ‘Dynamics 365’ Category

Dynamics 365 – Different types of User Accounts and License consumption

Other day I was asked a question “What are the options to create/migrate users in Dynamics 365 application with no license consumption”

The options are

  • Create a User of type ‘Stub User’ which does not consume license
  • Sync a User from O365 to Dynamics 365 and remove the license later. This approach deactivates the User in D365 and free up the license.
  • Create an Application User
  • Create an Administrative User account
  • Create a Non-Interactive User account

To know different options is crucial, especially, when you are migrating the Users from legacy systems and the Users are not expected to access the D365 application which should not cost any licenses.

In this article, I am going explain the different type of Users and how they consume the licenses.

Administrative User Account:

  • An Administrative user is a user, who has access to the Settings and Administration features but has no access to any of the customer engagement functionality.
  • Since the administrative user does not have access to customer data and any of the customer engagement functionalities, it does not require a Dynamics 365 (online) license.
  • To create an ‘Administrative User’
    • Create a User in Office 365; (Admin Center -> Users -> Active users -> Add a user)
  • User2
    • Assign a Dynamics 365 license under ‘Product licenses’ tab.
  • User3
    • Go to D365 application and open the User record
    • On the User form, under ‘Administration’ tab, ‘Client Access License (CAL) Information’ section and select “Administrative” for Access Mode.
  • User1
    • Final step is, remove the Dynamics 365 license of the User from Office 365, so that you can free the license and still the User can login to the application as ‘Administrative’

Non-interactive User Account:

  • Non-interactive user is not a physical User and It is used for programmatic access to and from Dynamics 365 between applications.
  • Non-interactive user let applications (i.e., Consoles, SSIS packages or ERP connector etc.) authenticate and access Dynamics 365 (online), without requiring a Dynamics 365 (online) license.
  • Creation of Non-interactive user account is same as Administrative User Account, except setting the Access Mode to ‘Non-interactive’
  • There is a limit of five non-interactive user accounts

Application User Account:

  • ‘Application User’ is used while establishing server-to-server (S2S) authentication
  • ‘Application User’ with conjunction of Azure Active Directory (Azure AD) will establish S2S authentication.
  • ‘Application User’ does not consume license.
  • Application users are created with a non-interactive user account, however they are not counted towards the 5 non-interactive user accounts limit.

Stub User:

  • Stub user cannot log in, cannot be enabled, and cannot be synchronized to Office 365 and will not consume license.
  • Stub Users are designed for records that have been imported that refer to this user but the user does not exist in Dynamics 365 (online).
  • Stub users are user records that are created in Dynamics 365 using Data Import or using the Create or Create Requests methods of the SDK.

Licensed User:

  • Licensed user is an User whom gets created in O365 with license and synced to D365.
  • Licensed users must be assigned at least one Dynamics 365 security role to access Dynamics 365 (online).
  • The service does not allow access to users who do not have at least one security role.
  • Removing all security roles from the user prevents the user from signing into and accessing Dynamics 365 (online). However, it doesn’t remove the license from the user.

Refer article for more details.




Dynamics 365 – How to get App URL

Using PowerApps, we can create custom business apps comprised of components such as entities, dashboards, forms, views, charts, and business processes.

Its convenient way to package and provide the components which are matter to the Users.

Lets take a scenario to understand this better

  • A sales company has users having ‘Sales Persons’ and ‘Sales Managers’ roles
  • Sales Persons are intend to access only Accounts & Contacts
  • All I need to do is create an App with those entities and grant App access to ‘Sales Person’ security role. Refer my previous article.
  • Share the ‘App’ URL to the Sales Persons

Below are the steps to get the ‘App’ URL:

  • Open the Dynamics Application
  • Navigate to Settings -> My Apps -> Published Apps -> {Your App} -> Click on and then click ‘Manage Roles’


  • Expand “App URL Suffix” tab
  • Click on ‘Copy’ icon to copy the URL

App URL-2

  • Share the URL to users and when they access,  they will directly taken to the ‘App’

App URL-3

What is App URL Suffix

  • The app URL is automatically populated based on the App name that you specify.
    • In my example, my ‘App’ name is ‘HelloWorld’ and hence ‘App URL Suffix’ is set to ‘HelloWorld’
  • The app URL must be unique.
  • Below are the URL syntax


Categories: Dynamics 365 Tags: ,

D365 – Unified Interface – Create an App and Grant App access to a Security Role

August 2, 2018 1 comment

In this article, I am going to provide steps to create new App and how to grant the App access to a particular Security Role.

Prerequisite to create App:

User must have the following privileges to create App:

  • Create, Read, and Write privileges for the “App” entity
  • Read and Write privileges for the “Customizations” entity
  • Read privileges for the “Solution” entity

Steps to create App:

  • From your Dynamics Application, go to Settings -> My Apps -> Create new App
  • You will be redirected to “Create a New App” window
  • In this example, I am going to use “Existing Solution” to add the App (Note: If any site map is available for the selected solution, the Select Sitemap drop-down list will appear when you clicked ‘Next’.)
  • Select the “Client” (Web/Unified Interface)
    • Web: This is the classic Dynamics 365 web browser client.
    • Unified Interface: This is the newer responsive web browser client that has a similar interface across PC and mobile devices.


  • Click ‘Next’ to select the ‘Solution’
    • Note: ‘Next’ button will be available only if you select ‘Use existing solution to create the App’


  • Click ‘Done’

Add components to the ‘App”:

  • Next is add the components (i.e., Entities, Dashboard, etc..) to ‘App’
  • In this example, I am adding ‘Account’, ‘Contact’ entities to the Sitemap


  • Once you add all components, click on ‘Save’ and then ‘Publish’

Publish The ‘App’:

  • Once you create the App, next step is to ‘Publish’ so that it will be available for the respective users.
  • Go to Settings -> My Apps -> Apps Being Edited
  • Pick your App and click on and then click ‘Publish’


  • Post ‘Publish’, App will be available under ‘Published Apps’ section

Grant App access to a Security Role:

Lets grant the access to Users who has ‘Sales Person’ security role.

  • Select your App from Settings -> My Apps -> Published Apps
  • Click on and then click ‘Manage Roles’


  • Under the ‘Roles’ section, pick the ‘Security Role’ which you would like to grant App access to.


Troubleshooting steps If App is not accessible:

  • Once you grant App access to a security role and if the App is not accessible, make sure the ‘Security Role’ has ‘Read’ privilege on ‘App‘ entity


Package/Delete an app:

  • ‘App’ can be added as Solution component and can be moved between Dynamics applications
  • To delete the ‘App’, navigate to Solution -> Components ->Apps, select the App and click ‘Delete’



Dynamics 365 – Read Auditing

One of the much awaited features ‘Read Access Audit‘ is being roll out in the latest version of Dynamics 365 online.

Enable ‘Read’ Audit:

  • Connect to your Dynamics 365 application.
  • To enable Audit, choose Settings > Administration > System Settings > Auditing tab

Read Audit

Access Audit Data:

  • Audit data can be viewed by connecting to the Office 365 Security and Compliance Center.
  • Connect to > Search & investigation > Audit log search and select the Dynamics 365 activities tab

Read Audit Reports

Refer this article for more info.


Dynamics 365 – Broken ‘Notes’ control on the form and Fix

If you have upgraded to latest Dynamics 365 version or subscribed for 30 days trail and could not add a note or attachments in ‘Notes’ tab on form, this fix is for you.

Problem statement:

  • Could not add a Note or add attachment from ‘Notes’ control on form.
  • ‘Notes’ panel rendering as below with no ‘Enter a Note’ option


  • It seems product issue and will be fixed in future updates.

Fix worked for me:

There is no documented fix for this, however below steps worked for me.

  • Open the entities ‘Customization Form’ which you have problem with.
  • Double click and open the ‘Notes’ tab


  • Under ‘Web Client Properties’, select ‘Default tab’ property as highlighted below.


  • Save & Publish
  • Go back to the form and refresh.
  • You should see option to add Note.




D 365 – ‘Voice of the Customer’ solution installation failed

Other day, I was getting solution installation failure error while installing “Voice of the Customer” on my trail instance.


Issue was persisting even after multiple retries.


  • I tried to install solution from “Manage your solutions” screen, which is the reason for failure (This approach used to work in CRM 2016 till Dynamics Version 9)
  • This is not the proper way of installing ‘Voice of the Customer’ solution from Version 9, as per the documentation available here


So the right way to install  ‘Voice of the Customer’ solution, from V9, is from ‘Applications’ tab of your ‘Dynamics 365 Admin Center’

  • Connect to your Office 365 Portal
  • Go to the Dynamics 365 Administration Center, and then select the Applications tab.
  • Select the application row titled Voice Of The Customer, and then select Manage.


  • In the next screen, pick your instance and click ‘Install’


  • To track the progress, go to “Dynamics 365 Administration Center“, Select the instance name, and then select Solutions.
  • The status is displayed in the Status column.

To know more on the usage of ‘Voice of the Customer’ solution, refer my article

Quick Notes:

  • Up on the ‘Voice of the Customer’ solution installation, a new “VOC Push Service user”  (Application User) is created automatically.
  • This Application User will allow Voice of the Customer Azure service to authenticate with Dynamics 365 using Server-to-Server (S2S) authentication.
  • As this “VOC Push Service user” is an “Application User” no additional license will be consumed.
  • To know more about S2S authentication with Application User, refer my article