Saturday, January 8, 2011

Managing Active Directory User Accounts from CRM

One of the most frequently requested features from our customers is maintaining AD User accounts directly from CRM without using Active Directory Console. I know it can be done because I found somebody did that kind of work for CRM 3.0 before.

After thinking through all scenarios thoroughly, I found a way to implement it by triggering plug-in in CRM's User Profile. Below is the list of steps that my plug-in works for AD integration:
  1. Enquiry "Domain User Name" in Active Directory when User Profile is saved (pre-create) in CRM
  2. If plug-in cannot find user in AD, it will automatically create an account based on saving profile's data
  3. If user already exists in AD, it will skip the account creation steps
  4. Once User Profile is saved, MS CRM will automatically add ReportingGroup and UserGroup to specific AD user account (This is a feature of CRM)
You may need to provide following configuration settings to run plug-in successfully
  1. Default Password for all users
  2. DNS Name (or) IP Address
  3. Admin User Account which has permission to create user account in Active Directory
  4. Admin User Password
  5. LDAP Path (Optional, provide it if you want to create CRM user under specific OU)
For easier management, we create an OU to put all CRM's AD user accounts in one location. We also create one admin account to manage that OU for user accounts creations. If you want to allow users to change their Default Password from CRM, please read this article and follow the instructions. For us, we host an asp page (aexp4b.asp) in IIS and provide a link in CRM site-map to use "Change Password" feature.

I successfully tested this plug-in on following AD Domain Controllers
  • Win 2K Server with SP4,
  • Win 2K3 Server
  • Win 2K8 Server
Feel free to use this application. Either leave comment or email me if you want to know further information or give suggestion to me. But, please use it as your own risk :)

Download Link

Please refer below link to download PSXrmDevLib.dll for both 32-bit and 64-bit platform
PSXrmDevLib [32-bit]
PSXrmDevLib [64-bit]

Reference:
Using System.DirectoryServices.AccountManagement
CRM: Creating System user without going to AD to create AD user beforehand

I'm back in 2011

Dear all,

Happy New Year. I have been very busy with my work and family matters in past few months. I didn't have enough time to update my blog and to reply some of your emails. Please do accept my apology.

To be honest, there are TWO main reasons that made me keep silent in past few months.
  1. Microsoft is going to release CRM 2011 very soon and there is no point for me to write about old versions in my blog.
  2. Lack of motivation factors, I feel like my blog is not interactive enough and I doubt that my contribution will helpful for community.
But, anyway, I am back now. I believe, I still have a few more things to share with you all for my XRM application development experience. And, I hope my two cents of contribution will still be useful for our XRM development community. Please forgive me and welcome me back. Thanks!

Best Regards,
Thuta