When you create a new user through the UI, it will retrieve all details from Active Directory once you've entered a user name (job title, phone, email etc..) which is great but it only seems to work when the user name is changed in the UI.
I'm importing >100 users into a new CRM system, how can I trigger this synchronisation across all of them in bulk? Without browsing through 100 user records and making minor tweaks to the user name field.
The following command line tool can be used for updating all out of sync users with the newest data from Active Directory:
Update CRM 2011 Users From AD Tool
It is not clear if the tool would also work for CRM 2015.
You could make a program that reads all CRM users and then do a search in the AD to see what has been changed to update the CRM. I have written a service that does that once when a customer wanted to have a synch with the AD, that ran once every six hours or so.
Related
I am creating an ASP.NET MVC site that can be accessed by an Active Directory group. The basic functionality of the site is:
User can navigate to many different pages which display data from different tables in the SQL Server
User can search by any column in each table on the site to display corresponding records
User can create/delete/edit previously stored records from the connected SQL Server tables
I want to create a main page for the site that is personalized for each user in Active Directory. I was hoping to display previous changes to the database (i.e records added or edited) as well as the user's previous search history so that they can click on a link and it takes them to a results table that they have accessed before.
I have looked into logging the user's activity, but so far all I can find information on is logging errors/bugs that different users experience on the site. I want to log the user's searches/database changes.
Does anyone have advice on how I can do this? I was thinking about adding a table for storing this information in the SQL Server database, but I am unsure how this would work for separation by different users. For example, if User A searches for "xyz" and User B searches for "Abc", when User A relaunches the site, the previous search history should only show "xyz"
EDIT: another question I thought of, if I were to create a table that follows this basic format:
Where the User column is a foreign column connecting to the Active Directory user (i.e. 3 -> John Smith and 7 -> Jane Doe), is it possible to connect a foreign key column representing which user made the changes in the site to an Active Directory group? That way if John Smith made a change in the site, when he logs in, any data that corresponds to only him is displayed?
We are facing this issue in all our environments, when an employee left our company somehow his user profile in CRM is updated like below snip.
Domain name & Windows Live ID fields turn into weird GUID#domain.com and Name fields into #
Can this be controlled in someway in DirSync? Disabling CRM users when AD users got disabled is expected behavior but this isn't.
We do have Pre-Create & Pre-Update plugins on System User entity, but nothing to do with Name fields obviously.
Any clue to solve this problem?
After a support ticket with MS & internal analysis, this was identified as an internal cleanup exercise by AD owners due to company policy. The data removal in AD account sync to Azure AD & in turn mess things in CRM like this.
We are running a scheduled cleanup job in our side now to restore the first & last name (composite field - full name), internal email address in systemuser from associated Mailbox record using SSIS/Kingswaysoft.
I am working on a company project, in which it contains a data processing system and this system was previously written separately for each bank and have their own project file, and each of the project has their own database that store the user credentials for them to login using their id and password.
Now we need to merge all the projects together so that it only login via a single login page, but i am wondering how am i going to do this because the data, especially the login credentials is stored in different databases. How should I pass data from a database to another database to perform validation?
Assuming these are SQL server logins, You will probably have to build a database with an availableDB table listing the available databases. Let the user choose a database, then try to open that database using the specified credentials, kicking him/her back to the choose-a-database point in the application.
If that doesn't answer your question, we'll need a little more information: architecture, desired interface, etc.
Hope this helps.
Why Dont You Use a drop down on login form with Every bank name listed in Drop Down. After selection of bank, use if and else statements to populate selected bank database.
I have an intranet application that uses Active Directory to handle access and roles. This all works well.
Within my application there is a Customer database. Each Customer can have multiple categories with a member of staff assigned to each of them. With this in mind to help cut down on the number of queries to Active Directory I thought it would be easier to have a copy of my Active Directory users and some of their details in my database so I can create navigation properties between my models.
Can anyone suggest a method to replicate some of the fields from Active Directory into my SQL Server database? I only need Firstname, Surname, EmployeeID, Email, etc.
It would be useful if this ran hourly/daily.
I'm having a problem with my SSRS 2008 configuration at the moment. This is how we are currently set up.
1 server hosting SQL Server and SSRS, no integration with sharepoint etc. Users access the SSRS web application, and then from there they access the "Report Builder 1.0" too, which they can use to create and run reports based off a reporting model.
This is all done using Windows Authentication - so they login with their domain account to the web application, and then again when loading the Report Builder. Each domain user is configured to be able to login to SQL Server rather than using a generic SSRS account, and all of the above works fine.
The way this is setup means that you can always tell which individual user is logged in and running reports - either to the website or when running reports through report builder. This is a requirement of this application as all users will see slightly different versions of the data models (this is controlled by the underlying views, based off the domain account running the query). So Tom may get 100 rows back from his query but Harry will only get 50, etc.
The Datasource is setup to use integrated security (Which passes through this domain account to SQL Server).
My problem comes when a user creates a report in report builder, and then saves it to the server. When they login to the web application and run the report there - it works fine, but when they try to setup an email subscription, they get this message:
"Subscriptions cannot be created because the credentials used to run the report are not stored, or if a linked report, the link is no longer valid"
A bit of research leads me to think that this is down to the integrated security settings, as for some reason SSRS is ignoring the currently logged on user account or cannot use that to setup the subscription.
Everything works if I set the datasource to use a specific account - but then that breaks the data filtering based on user account (obviously, as it would now be just using one account for everyone!).
Any ideas for how I can approach this? Is there a configuration setting that I can play with to try and get this working using integrated security? Any help/comments are appreciated!
To create a report subscription you must meet a few reqs:
First is,
A report that can run unattended (that is, a report that uses stored credentials or no credentials).
To do what your wanting to do I suggest you setup data driven subscriptions. Heres a link to get you started. Data Driven Subscriptions Theres also several good videos of the basic setup. Like this one sqlLunch #8
Here's another walkthrough that's pretty decent: Walkthrough
Hope any of this helps ya.
Thats a nice one to have in your tool belt as well.
If you just drop the subscribed report into a file share instead of emailing it, the users can fill in their username and password, so it will run as them. The only problem with doing it this way is when they change their password, they will need to go and put the new password into the subscription again.
I guess they could have another account with a password that wont expire to run the report as, but that's probably not good practice
what you could do is have the list of users in a table in the database with what they're permissions are, then set up a data-driven subscription to get the list of users and get their permissions and filter the report accordingly.