web
You’re offline. This is a read only version of the page.
close
Skip to main content
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Customer experience | Sales, Customer Insights,... / Dataverse owner change...
Customer experience | Sales, Customer Insights,...
Unanswered

Dataverse owner change fails on Automate when an AD privileged user has no activity to trigger their ID load into AAD Team

(0) ShareShare
ReportReport
Posted on by RCATBP 15

A flow adds a record to dataverse, the record owner is set as the Flow execution service account.
Attempting to change, or set the owner to a user ID, only works if that users AD privilege is already reflected in the AAD Team 

This can be forced if they use an app to add a record in the environment. I have now isolated the problem so it can be repeated.

Is there any way the user name can be forced from AD into the AAD team without them doing any dataverse activity?.

OR a way to override the default owner ID currently set as the Flow execution account.

Two attachments both show the initial successful record add to 'D003 Engagements'.

One fails as the 'T&S Power Apps' ID (which IS present in AD) has not been reflected in the Team group.

The same flow runs okay if the 'T&S Power Apps' ID is present in the Team group, as occurs if the user has used a screen App to add a record.  

The owner setting is vital as users can only see the records they own. Desperate to fix as deploy pending to 300 users!Cheers, richard


[View:/cfs-file/__key/communityserver-discussions-components-files/117/PAD_2D00_23NOV22_2D00_123101_2D00_add_2D00_engagement_2D00_owner_2D00_change_2D00_succeed.txt][View:/cfs-file/__key/communityserver-discussions-components-files/117/PAD_2D00_23NOV22_2D00_122915_2D00_add_2D00_engagement_2D00_owner_2D00_change_2D00_fail.txt] pastedimage1669210175429v1.png

I have the same question (0)
  • Luis Arellano Profile Picture
    Luis Arellano 36 on at
    RE: Dataverse owner change fails on Automate when an AD privileged user has no activity to trigger their ID load into AAD Team

    Hello,

    Do you have an additional process triggering?

    On both requests the owner being set is a4796a5b-1961-ed11-9561-000d3adf70c0 which is "-svc-GOCS-ETHCO-PAD -svc-GOCS-ETHCO-PAD"

    pastedimage1669271636318v1.png

    But the successful response is showing a8090e9b-0ace-eb11-bacc-000d3ab03cb4 (T&S Power Apps T&S Power Apps) as the owner.

    Just being in the AD group will not give them the permissions they need, what security roles does "T&S Power Apps T&S Power Apps" has when this fails?

    Could it be that you have a process to add them to the group when they add a record from the app? If so, should you validate that too in your flow?

    You can manually set the owner of the record, you have to open the create action in the flow, look for the Owner column and enter the Guid that you want like this "systemusers/userGUID" or "systemusers(userGUID)"

  • RCATBP Profile Picture
    RCATBP 15 on at
    RE: Dataverse owner change fails on Automate when an AD privileged user has no activity to trigger their ID load into AAD Team

    Hi Luis,

    Thanks for trying but it is not that straightforward.

    User T&S power Apps is in the AD group, aligned to AAD teams group which is aligned to custom role on Engagements which has Owner restricted Read/Write.

    When T&S Power Apps user can be 'seen' as surfaced in the AAD Group Screen then the Flow to change owner to them is successful.

    If T&S Power Apps user cannot be 'seen' as they have not initiated a file access activity as a user then the Flow fails.

    So you cannot manually reset the owner unless that can be seen in the AAD team Group.

    The flow has been coded to prove this and it is repeatable.

    1. Delete the AAD Team group name entry and the Flow fails.

    2. Get T&S to add a record manually, so their name appears in the AAD Group and the Flow then works.

    1&2 can be run and rerun, same issue.

    Any thoughts please, cheers, Richard

  • Luis Arellano Profile Picture
    Luis Arellano 36 on at
    RE: Dataverse owner change fails on Automate when an AD privileged user has no activity to trigger their ID load into AAD Team

    Could you share part of your flow? What you can try is add a validation to check if the user is part of the team. If it is, continue with the record owner change. Otherwise add it to the team and then continue wit record owner change.

  • RCATBP Profile Picture
    RCATBP 15 on at
    RE: Dataverse owner change fails on Automate when an AD privileged user has no activity to trigger their ID load into AAD Team

    Happy to share the entire flow, it has been built based on issues with the production flow so only a few steps.

    I will do next.

    For now how would you do the validation from Automate, I couldn't find a way.

    Second. How would you 'add' to the team which is aligned with AD?

    Cheers, Richard

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Responsible AI policies

As AI tools become more common, we’re introducing a Responsible AI Use…

Pallavi Phade – Community Spotlight

We are honored to recognize Pallavi Phade as our Community Spotlight honoree for…

Congratulations to the October Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Customer experience | Sales, Customer Insights, CRM

#1
Tom_Gioielli Profile Picture

Tom_Gioielli 109 Super User 2025 Season 2

#2
MVP-Daniyal Khaleel Profile Picture

MVP-Daniyal Khaleel 97

#3
#ManoVerse Profile Picture

#ManoVerse 56

Last 30 days Overall leaderboard

Featured topics

Hide selecting Contact for potential customer when creating quote

Product updates

Dynamics 365 release plans