Office 365 Administration

Microsoft Authenticator app sign-in method types for Microsoft 365 account | Office 365

priyeshwagh777 Office 365 Administration , , , , , ,

In case you are setting Authenticator app for accessing your Office 365 account, you have 2 options of authenticating using the Authenticator App from you phone – Notification based and Code based. And see how you can change the preferred method to either of these types!

Notification Based

Here’s how the notification based authentication works –

  1. When you enter your username and password, you’ll see this on your browser intimating that the Approval request has been sent to your phone.

  2. On the phone, you’ll receive the below

  3. And upon opening the notification, the Microsoft Authenticator App will be opened and the permission to Approve or Deny the authentication request for your account will pop-up.

  4. Once you click on Approve, you’ll be able to login.

Code Based

And when Code based method is selected, you’ll see the below –

  1. On the browser when you enter your username and password, you’ll see the below waiting for you to refer to the Authenticator App and enter the same from your phone.



  2. Once you open the Authenticator App and open the Account which you are trying to log in, you’ll see a code in bold letters which refreshes after a time frame.

  3. Once you enter this code, you’ll be able to log in.

Changing the Authentication Method

Here’s how you can change the type of authentication method when you log into your Office 365 –

  1. Navigate to the menu on the top right.

  2. Now, on the left hand side, look for Security Info.

  3. You can then see the different authentication methods you’ve entered like phone, authenticator app etc.
    For simplicity, I only have 1 entered i.e. Authenticator App [Microsoft Authenticator].

    And now, since Microsoft Authenticator is set as the default method, I’ll also get an option to change the type of authentication set.

  4. I’ll get two options –
    “App based authentication – notification” – This will show a pop-up on the phone in the form of a notification which you can choose to Approve or Deny.
    “App based authentication or hardware token – code” – This will need you to open the Microsoft Authenticator Apps in your phone and then look for the code in the account and enter it when asked as seen in this post above.

  5. So, you can select the other method apart from the one you have selected and you should be good to go.


Hope this helps!

Here are some Power Automate posts you want to check out –

  1. Select the item based on a key value using Filter Array in Power Automate
  2. Select values from an array using Select action in a Power Automate Flow
  3. Blocking Attachment Extensions in Dynamics 365 CRM
  4. Upgrade Dataverse for Teams Environment to Dataverse Environment
  5. Showing Sandbox or Non Production Apps in Power App mobile app
  6. Create a Power Apps Per User Plan Trial | Dataverse environment
  7. Install On-Premise Gateway from Power Automate or Power Apps | Power Platform
  8. Co-presence in Power Automate | Multiple users working on a Flow
  9. Search Rows (preview) Action in Dataverse connector in a Flow | Power Automate
  10. Suppress Workflow Header Information while sending back HTTP Response in a Flow | Power Automate
  11. Call a Flow from Canvas Power App and get back response | Power Platform\
  12. FetchXML Aggregation in a Flow using CDS (Current Environment) connector | Power Automate
  13. Parsing Outputs of a List Rows action using Parse JSON in a Flow | Common Data Service (CE) connector
  14. Asynchronous HTTP Response from a Flow | Power Automate
  15. Validate JSON Schema for HTTP Request trigger in a Flow and send Response | Power Automate
  16. Converting JSON to XML and XML to JSON in a Flow | Power Automate

Thank you!

Advertisement

Access Customer Insights in your Office 365 tenant

priyeshwagh777 Dynamics 365, Office 365 Administration , ,

As a newbie to Customer Insights myself, I struggled to find where from Office 365 or Dynamics itself do I access Customer Insights!

I tried looking in the Office 365 under All Apps, I couldn’t find it as any other App

Here’s a direct link for the same –

Use this link in the O365 Logged In browser to access Customer Insights – https://home.ci.ai.dynamics.com/ (Bookmark this 😊)

And you’ll be taken to the Home Page which appears like this –

Alternatively

You can also search for Customer Insights and it’ll give you the Log In page as below from which you can click on Sign In –


And the first result will open the Sign In page for Customer Insights if you are already logged in the browser with the O365 account already.

From Admin Portal

Here’s how you access it from the Office 365 Admin Portal.

  1. Go to Admin Center area in M365 Admin Center and click on All admin Centers. It’ll show the list of all Admin Centers in your tenant.

  2. Clicking on Customer Insights there will then open up the Customer Insights and will help you navigate from choosing between Audience Insights / Engagement Insights (preview at the time of this post)

Hope this was helpful! Here are some more Dynamics 365 posts which you might be interested in –

  1. Dynamics 365 Storage Utilization | Dataverse Storage | Power Platform Admin Center
  2. Use Hierarchy in Roll Up Fields in Dynamics 365 CRM
  3. Filter records in a View owned by a Team you are a member of | Dynamics 365 CRM
  4. Get GUID of the current View in Dynamics 365 CRM JS from ribbon button | Ribbon Workbench
  5. Dynamics 365 App For Outlook missing on SiteMap in CRM? Use shortcut link [Quick Tip]
  6. Import lookup referencing records together in Dynamics 365 CRM | [Linking related entity data during Excel Import]
  7. Mailbox Alerts Hide/Show behavior in Dynamics 365 CRM
  8. Excel Importing Notes (Annotation) entity in Dynamics 365 CRM
  9. Enable/Disable the need to Approve Email for Mailboxes in Dynamics 365 CRM CE
  10. Call Azure Function from Dynamics 365 CRM using Webhooks
  11. Show Ribbon button only on record selection in Dynamics CRM
  12. Accessing multiple occurrences of a field in Business Process Flow using JS in D365 CRM

Thank you!!

Admin Center URLs under M365 – Power Platform, Teams, SharePoint, Power BI

priyeshwagh777 D365 Admin Center, Office 365 Administration , , , ,

Here’s a quick summary of the Admin Center URLs of each of these Dynamics 365 / Power Platform Admin Centers –

All Admin Centers under M365 Admin Centers

Here’s the link to all Admin Center under your O365 tenant based on your subscription and your Role in the tenant – https://admin.microsoft.com/Adminportal/Home?source=applauncher#/alladmincenters

Power Apps / Power Automate / Power Platform Admin Center (PPAC) / Dynamics 365

Here’s how you can access the Power Platform Admin Center

  1. http://admin.powerplatform.com/ – It will redirect to –
    https://admin.powerplatform.microsoft.com/

    From here, you can access the D365 Environments

Power BI Admin Portal

Here’s the URL for the Power BI Admin Portal – https://app.powerbi.com/admin-portal

It’ll open up the Admin Portal which looks like this

SharePoint Admin Center

Here’s how you can check the link of the Admin Center for SharePoint – https://cft158-admin.sharepoint.com/

So basically, https://[domain]-admin.sharepoint.com/

Here, domain is the one that you created while creating the tenant. Example: you didn’t add a custom domain and your domain then look like this in your username admin@[cft158].onmicrosoft.com

And it will look like this –

Teams Admin Center

Here’s a link to the Teams Admin Center and it’ll look like below- https://admin.teams.microsoft.com/dashboard

Hope this was useful.

Here are some more D365 / Power Platform Admin related posts which might be helpful –

  1. Turn Teams On / Off at Org Level, provisioning users | M365 Admin Center Tip
  2. Convert environments between Production and Sandbox | Power Platform Admin Center [Quick Tip]
  3. Create new Sandbox and copy Production over to it in PowerPlatform Admin Center
  4. New ‘Capacity’ analytics on PowerPlatform Admin Center
  5. Create new CDS Environment and Database quickly from PowerApps Admin Center
  6. Sign up for a Dynamics 365 Project Operations (Lite Deployment) environment and provision a new instance | Power Platform

Thank you!

Turn Teams On / Off at Org Level, provisioning users | M365 Admin Center Tip

priyeshwagh777 Office 365 Administration , ,

Here’s a tip you’ll probably need. You can quickly turn Teams On/Off at the Org level.

Typically, if the Teams is not enabled at the Org Level, you’ll see this error message

if you click on the Enable Teams button, it’ll take you to this Microsoft Docs page – https://docs.microsoft.com/en-us/MicrosoftTeams/office-365-set-up?WT.mc_id=DX-MVP-5003911

Turn Teams On or Off at Org Level

To skip searching through the Microsoft Documentation on turning Teams On at the Org Level, do the following –

  1. Go to the Microsoft 365 Admin Center, then look for Settings, expand it. Then, go to Org settings


  2. Now, look for Microsoft Teams in the list of Services. Click on it.

  3. Once the Teams’ Settings open, you can see that you can either enable the Team On or Off for all Users. Also, you can manage Guest Access as well.

Check Teams Provisioning Access

Post the above, there might be a few users or new users who might have been Teams provisioned through their licenses.

Here’s how you can check it –

  1. Use this link to check if Teams has bee provisioned to the users or not – https://admin.microsoft.com/AdminPortal/Home#/teamsprovisioning

  2. If not assigned yet, make sure you enable Microsoft Teams for the users by going into their Licenses and expanding Apps section.

    And then, look for Microsoft Teams

  3. Teams should then be enabled for Users.

Hope this helps. Here are some more Office 365 / Microsoft 365 Admin / Teams related posts you might want to check –

  1. Adaptive Cards for Teams to collect data from users using Power Automate | SharePoint Lists
  2. Adding a Canvas PowerApp to Teams
  3. Import multiple Users in Office 365
  4. Office 365 Admin: Quickly Enable Multi-factor authentication for users
  5. Create new Sandbox and copy Production over to it in PowerPlatform Admin Center
  6. Restrict User Access to a D365 instance using Security Groups
  7. D365 Quick Tip: Audit User Access in Dynamics 365 v9 CRM

Thank you!

Retrieve only active Dynamics 365 CE licensed Users in CDS connector in Power Automate

priyeshwagh777 CRM with .NET Web Applications, Office 365 Administration, Power Automate, Power Platform , , , ,

Let’s say you have a requirement where you want to work only on Dynamics 365 and you are using Office 365 Get User Profile action to retrieve all users.

In this example, I have some Dynamics 365 Customer Engagement licenses assigned to uers. And I want to retrieve only the Active D365 Users in my Common Data Service Connector.

Here’s how I do it –

Retrieve Users with Filter Condition

Now, the best thing you could do is identify what is the userlicensetype field of other Dynamics 365 users you might have retrieved in your previous executions.

licenseTypeFilter

I’ve used the query userlicensetype eq 6 to query for Active D365 users

If you want to retrieve Users who have been Disabled, you can check by using userlicensetype eq -1

Note: You’ll need to check the respective values for other users who have licenses like Team Member or Sales Professional. Since I haven’t tried those, I don’t have their exact number codes. Best way is to identify a user whose licence configuration you are looking for and look for their userlicensetype field value in Flow.

Result

This gave me only those users who have D365 Customer Engagement License assigned to them
4retrieved

And if I look at my O365 Portal, I can see that 4 users have the Dynamics 365 Customer Engagement License
D365Licensed

There are even more ways you can use to identify for different licenses used. I recommend it’s good practice to retrieved only those users which are needed for your operation.

If you’re also looking to secure the Input/Output data in Flow, refer this Secure Input/Output in Power Automate Run History

Hope this helps!

Create a support Queue in Dynamics 365 CRM

priyeshwagh777 CRM with .NET Web Applications, D365 Admin Center, dynamics 365 administration, Office 365 Administration , , ,

I thought I should share my best practice of creating a quick Support Queue purely to receive Emails in Dynamics 365.

In my example below, the support email address is a User in Office 365 assigned any license that has Exchange Online service present. My example user needn’t have a Dynamics license for purely for the purpose of a Queue. Your application may vary.

Let’s take a look!

Support Queue Email

Now, typically a Support Queue’s Email is purely to track support requests raised over the email address provided. Typically, support@emailaddress.

  1. To start off, I’ll create a user in Office 365 called Support Queue and the login address I choose is support@cft146.onmicrosoft.com and assign only the license which is needed for the Queue i.e. any license having Exchange Online service in it, (E5 in my case) you may chose any other.
    licenseAssigned.png
  2. Then, I make sure my Mailbox is created in a few minutes post assigning the licence and then I’m good to go once I setup the Timezone and Language on the mailbox.
    mailboxReady.png

 

Create a Queue in D365 CE

  1. In D365 CE, directly head-over to create a Queue in D365. Assuming you are a System Admin, head over to Settings > Service Management and go to Queues. And then create a new Queue.
    queueInD365

    newQueue

  2. Enter the details as below, remember to keep the email address the same as the Exchange Email address for this user and click Save.
    createQueueDirectly.png
  3. Once you click Save, the Mailbox will be automatically created.
    SupportQueueMailBoxCreated.png
    That’s it. Now, let’s head towards enabling the mailbox for Server Side Sync.

Enable Server Side Sync on the Support Mailbox

To enable Mailbox, the Email address needs to be Approved by the Global Administrator of O365. [Your org could even be set to not requiring any Approval prior to enabling synchronization, you may need to ask you Admin for the same]. But assuming it’s required – approveEmail

Note that Incoming Email and Outgoing Email above is set to Server-side Synchronization or Email Router. [Incoming enabled is a must to receive emails in the system]. Click OK.
clickOKApprove

Once this is confirmed, see in the next step – the warning message disappears which is shown previously and you can now Test & Enable Mailbox for Server Side Sync. Now, click on Test & Enable Mailbox
test&Enable

Make sure that if you have multiple environments and you want to sync with only the current environment, check the option as below and then confirm.
confirm1EnvironmentOnly

Now, once the test is completed, you’ll be able to see the Success in the Active Mailboxes
enabledSuccessfully.png

 

Testing the Queue

Now, the Queue is ready to receive emails already. If you take look at the Queue, the test emails must have already come in by now.
QueueIsCorrect.png

Now, let’s say that a user has submitted an email to support@cft146.onmicrosoft.com [Your support email here 🙂 ], it will appear in the Queue as below
emailSent.png
itemReceived.png

And then you can continue to build your Queue use cases as per your requirements.

Hope this helps!

Import multiple Users in Office 365

priyeshwagh777 CRM with .NET Web Applications, Office 365 Administration ,

One of the common asks to import multiple users in Office 365 is to be able to create multiple users in most efficient way possible.

Here’s a quick guide to do so using Import multiple users feature in Office 365 Admin Center.

Download Template for Importing Users

  1. Let’s say you are in the Admin Center using portal.office.com. Under Users, You’ll find a button to Add Multiple Users
    addMultipleButton
  2. And the feature let’s you download a template with some sample data in case you’re unsure of what to enter.
    downloadTemplate.png
  3. Once downloaded, you’ll get the Excel in your system
    downloaded
  4. Now, you’ll see some sample data which you can simply delete to add your actual data.
    sampleData.png

    deleteSampleData.png

  5. And let’s say, your data looks like this. I’ve added Kuldeep Gupta and Subhash Mahato, 2 users with some info.
    sampleData

Import Back into O365

Now, we are set to import this in O365.

  1. On the same feature, look for Browser button to import.
    browserExcel
  2. Click Verify to validate the info entered for any errors. Once verified, you can click Next.
    verify
    clickNext.png
  3. On the next step, I’ll assign licenses and proceed by clicking Next.
    assignLicenses
  4. Once the processing is done, users will be added
    importCompleted
  5. And you’ll see 2 new users in O365 with the selected licenses
    2newUsers.png

Hope this was easy! 🙂

 

Use Azure App Passwords for MFA enabled D365 authentication from Console App

priyeshwagh777 CRM with .NET Web Applications, Customizations, Dynamics 365, dynamics 365 administration, Microsoft Azure, Office 365 Administration , , , ,

If you have a Console App that authenticates to D365 using a credential (typically, an Administrator) but now the administrator is setup for Multi-Factor authentication, your Console App won’t work. So here’s what you can do.

If you first want to check out about enabling Multi-Factor Authentication, you can check my blog post on it here – Office 365 Admin: Quickly Enable Multi-factor authentication for users

Standard Authentication vs MFA enabled User

When there’s not MFA enabled for Dynamics 365 (Office 365) account credentials, you are able to connect to the organization with no issues and get the CRMServiceClient in your application easy.
authenticated

But, if you have Multi-Factor Authentication enabled for a credential that is used in Console Apps to connect to D365, the Console App will not connect and the CrmCerviceClient will have null as below with the error ‘Unable to Login to Dynamics CRM

unabletologin

Managing App Passwords on Azure Portal

Once you have multi-factor authentication enabled for your account, you can go to portal.azure.com and manage App Passwords as follows –

  1. In Azure Portal, go to your account settings.
    gotoaccount
  2. Then, go to Additional security verification
    additionalsecurityverification
  3. Look for App Passwords
    apppasswords
  4. You can manage and create more passwords here
    manageapppasswords
  5. Create a password if you don’t want to use a default one or want to use different passwords for different apps. Give it a suitable name and click Next
    createapppassword
  6. Copy the password as it is the only time it will be displayed.
    copypassowrd
  7. And you can see your passwords as you create them
    morepasswords

 

Implementing App Passwords in Console App

As the name suggests, App Passwords will let you create special passwords for applications to authenticate to Dynamics 365 without needing to go through multi-factor authentication like when you’re running a Console App to connect to Dynamics 365

  1. Go to the Password in the credentials in the App.Config of the Console Application
    oldpassword
  2. And replace it with the App Password
    newpassword
  3. Now, Build the application and run it. It will authenticate successfully.
    authenticated

Hope this helps! 🙂

 

Restrict User Access to a D365 instance using Security Groups

priyeshwagh777 D365 Admin Center, Dynamics 365, Dynamics 365 CE, Office 365 Administration , , ,

Use Case

You have multiple instances and you don’t want every member with a D365 license to be able to access each of those environments. How do you tackle this? Answer is using Security Groups on the Environments and Users.

Creating Security Group

In Office 365, create a Security Group and add members to it who should have access to the desired environment.

  1. Navigate to Groups in Office 365 and create a New Group. Give it a suitable name.
    creategroup
    groupname
  2. Add members to the Group who should have access. Click on Edit as shown below to Add members to the group and select the members and save it.
    editmembers
    addmembers
    membersadded
  3. Your Security Group is ready.
    securitygroupready

Apply Security Group to the D365 instance

  1. Navigate to Dynamics 365 Admin Center and select Edit on the instance you want to apply the Security Group on.
    editinstance
  2. Select the Security Group field and select the Security Group you created.
    selectsecuritygroup
  3. Click Next.
    clicknext
  4. Save once confirmed that you have selected the correct Security Group.
    saveinstance
    That’s it.

Who all can access the environment

All those are a part of the Security Group applied to the instance will have access to the environment including the Global Administrator
enabledusers

Rest of the users will be in the Disabled Users list
disabledusers

And if they try to access the environment, they will not be able to and will see this –
accessdenied

Hope that was easy! 🙂

D365 Quick Tip: Audit User Access in Dynamics 365 v9 CRM

priyeshwagh777 Dynamics 365, dynamics 365 administration, Office 365 Administration , ,

One of the most common asks as an administration is to know when the user started accessing the system and from where.

In your Dynamics 365 Customer Engagement apps, you can enable Auditing for User Access.

Enable Auditing of User Access

You need to enable this feature once you enable Auditing on Organization level. Then, you can enable User Access Auditing as well

Navigate to Settings > Administration > System Settings and under Auditing tab

OR

Settings > Auditing > Global Audit Settings
systemSettings

Once the Auditing for User Access has started, the Audit Summary will record this –
userAuditStarted

And whenever a User logs into Dynamics 365 via the Web Application, Phone app or WebServices that provide authentication, the Auditing will be logged as shown below –

auditRecording

The Operation will be Access and the Event will be User Access via Web or User Access via Web Services.

If you want to enhance user login, you can quickly enable Multi-Factor Authentication for the users, read my blog on MFA here – Office 365 Admin: Quickly Enable Multi-factor authentication for users

Hope this quick tip helps. 🙂