Power Platform | The environment jeopardy winner!

In our last episode, I was bringing up the environment strategy again as I was asked around how many of them is to much and what would be the optimum?

So let’s start by digging into the various sources of doc pages that can be found around this by bringing up the basics. First, by repeating myself telling that some admin tasks are no longer bound to licensing. Have a look here:

Additional environments

As you can learn from this visual, it might be a good idea of getting control over who is able to create and maintain your environments inside your organization, especially if the last mentioned admin roles are not a single person or team in your organization.

Assuming you read previous article you’ve seen me pointing on three buckets of persona profiles you first want to control before creating any type of apps, flows or chatbots. You recognized me mentioning security groups and you found the article on how to add a security group to your environment to control access.

Security group added to environment

As you can see from above visual there’re some caveats you should know about. But many times, I’ve been asked what else happens based on the assignment. And that is an automatic user sync. The user sync can be done manually as well, but let’s first get into the details.

Understand user sync in Dataverse

First, we’re talking about an environment with Microsoft Dataverse provisioned here, not an environment which is Micosoft Teams related, where this concept works differently.

Second, some of the users found might be from previous activity (deactivated user for example), some based on non-licensing related (Admins) and some being part of different licensing than you thought (Dynamics 365 licensing in the mix).

User sync continued

But there’s more, especially regarding a recently introduced Office 365 E3 capability- Project App, which technically can be hosted in a non-default environment. And furthermore, some just-in-time (JIT) to be found users that started using a shared app for example and granted Microsoft Dataverse permissions.

Enable and disable users

Before looking into permissions, let’s shortly close the chapter by understanding of how to enable and disable a user. Something to be considered when you create or modify your environment strategy.

Understanding permissions

Now that we do understand how, why and when certain user can be found inside the environment, we finally can talk about giving the, permissions which is two folded.

One seen from the three buckets of persona profiles I introduced in my previous article. Second being specific to Micosoft Dataverse based apps, flows or chatbots considering how to access data rows, tables, etc.

I hope this provided a more simplified overview of items and topics which should be part of your environment strategy and before finally answering the above question, let’s calm down, relax after so many content. Until, then…