Get Ready for the Next Release of Microsoft Dynamics CRM
Problems configuring the CRM Outlook client? Use the wizard!
Customer Center for Microsoft Dynamics CRM 2013
Customer Center for Microsoft Dynamics CRM 2011
Technical Support FAQ: Online | On-Premise
Developer Center and SDK
my customer needs some features in the application and i don't know if i can make these features in CRM 2011 or not so please advice me
1- system prevent 2 active sessions for the same user
2- Password history and prevent password reuse
3- The system must support account lockout after a defined number of unsuccessful access attempts
4- Automatic log-out after specific idle time
Please advice me if i can implement this features on CRM 2011 on premise ,can i use active directory to make this or not ??
thank you all....
2) username & password is from active directoy, so this has nothing o do with crm
ok, then if i implement an ASP website on the CRM so user will access the ASP website then the website will handle all the functionality with CRM. in this case i can implement these functionality ??
The Dynamics CRM authentication and authorization are always handled by Active Directory. So any security model you implemented in Active Directory works for Dynamics CRM.
If you are in an on premise deployment you're requirement for log out (req 4) doesn't make sense. Do you want the user to be logged out from your Windows session after some time? You probably want the screen to lock for the Windows OS, after which of course the Dynamics CRM session is locked also. Password history and account lockout (req 2 and 3) are configured standard in Active Directory.
If you need an internet facing deployment (IFD) it is completely different cup of tea because you will need Active Directory Federation Services configured for that. Authorization and atuhorization are permitted by the use of SAML tokens, which have a standard lifetime of 8 hours, however they can be configured to a lifetime of say one hour if security requirments dictate that (req 4). Password history and account lockout (req 2 and 3) work the same as in the on premise solution.
The last option is a Dynamics CRM Online deployment, which you can implement with your own Active Directory to configure these security requirements. In that configuration you can configure online the same way as the IFD.
For the multiple session requirment (req 1), Dynamics CRM opens a lot of browser windows when you're working with it. Al these browser windows are sessions, so the first requirement doesn't make sense also.
Other Microsoft Sites
I'm a Customer
I'm a Partner
Follow Microsoft Dynamics