Personalized Community is here!
Quickly customize your community to find the content you seek.
Have questions on moving to the cloud? Visit the Dynamics 365 Migration Community today! Microsoft’s extensive network of Dynamics AX and Dynamics CRM experts can help.
2021 Release Wave 2Discover the latest updates and new features releasing from October 2021 through March 2022.
2021 release wave 2 plan
The FastTrack program is designed to help you accelerate your Dynamics 365 deployment with confidence.
FastTrack Community | FastTrack Program | Finance and Operations TechTalks | Customer Engagement TechTalks | Upcoming TechTalks | All TechTalks
This is an extension to a post I seen that explained problems and solutions regarding individuals who are deleted from AD and then added back later and how certain values in the CRM Database tables need to be changed to match certain values from AD.
Follow to see the post
However what I would like to do is gain some further knowledge as far as what the function of each piece is.
If AD's ObjectGuid doesn't match the users SystemUserBase.ActiveDirectoryGuid It will prevent you from being able to activate said user. Is this the only function of the ActiveDirectoryGuid in the login process? Because, if you manually make the the ActiveDirectoryGuid match the record that the user is associated with in AD it allows you to activate them but in some cases the user will still be unable to log in due to a mismatch with the AD's SID and CRM's MSCRM_CONFIG.SystemUserAuthentication.AuthInfo.
Within the MSCRM_CONFIG.SystemUserAuthentication.AuthInfo you will normally see 2 records. One that contains the SID formated
While the other is formatted
Which leads into my next series of questions.
When does it use one record over the other, or does it require to have both records?
Does it only use SID if you are using an automated login process? (making it so that the user doesn't have to use any credentials)
Is the latter what is required for the user to type in as their UserName.
Can it be changed and subsequently what ever you changed it to be required to be used as the UserName during login?
I apologize for the badgering of questions here but I want to make sure I fully understand what each piece is doing so that I can develop a process to fix what ever issue comes up regarding this.
Business Applications communities