Share
ReportCan we decrypt CRM portal password that is stored in password hash field?
You’re offline. This is a read only version of the page.
15
Can we decrypt CRM portal password that is stored in password hash field?
Hi Tanya,
Contacts who are created from Potal will be automatically assign to SYSTEM by CRM in default, and we couldn't change the process.
You could assign the contact to a specific user at first step in workflow:
Then the workflow shall be triggered. (You could add a check condition whether the contact has been assigned to specific user to harden the logic, then do following steps)
Regards,
Clofly
Hi Tanya,
Do you mean you can create valid Portal account successfully with 'Contact > Portal Contact Form' ?
I've tested for several hours and now would like share whole process:
1. Firstly, how did you build your custom Portal registration form ?
In my test, if I create a new contact form, Fullname field(firstname and lastname are included) is required, then drag the Email(emailadress1, the primary email)
and other 3 custom fields in form, the final rendered form in Portal in my environment is below:
As you see firstname and lastname should be populated so CRM can find the contact with email in To field in Send Email step:
2. My Send Email step: {Contact{Contact}} is dynamic value to the match contact.
3. Assign a web role for the contact if necessary, this step is optional, you could check web roles of other valid contacts who can sign in.
4. Sorry for I forgot this important point: Login enabled and Lockout enabled should both be set to True when sync customer_username to adx_identity_username
5. Final steps would be: adx.changepassword(just populate upper field with our raw text password) then adx.securitystamp(field is not required to be populated).
(I added other check condition in my full process, you could take it as reference, scope is Organization)
6. Success email:
In addition, another point might be very important:
each contact should has unique adx_identity_username(User Name), if there are duplicate username records,
those contacts will all get invalid sign-in, please also check it when testing, I was trapped in it for an hour.
After all steps below were done, then our work would be only make custom registration form look better and create a global js to hide
the two option field, I'm willing to give more detailed response if you still have any doubt.
Good Luck :)
Regards,
Clofly
Hi Tanya,
Have you mapped the email field to 'emailaddress1' field in CRM in Entity form ?
and Allow Email option is set to Allow in default for those contacts who were created from Portal ?
For your first invalid sign in issue,
Have you checked whether adx_identity_username and adx_identity_passwordhash and adx_identity_securitystamp are all populated ?
You could create a contact with same username and password by default registration form(or change an existing contact's password directly) to test whether data and hashed data could be match with record from custom registration form.
while adx_identity_securitystamp might be different.
Regards,
Clofly
if i'm creating record from portal in registration form then i'm getting this error-
"This message cannot be sent to all selected recipients. Verify that both the sender and the recipients have valid email addresses, and that the recipients are allowed to receive email".
I'm not getting this error if directly creating record from CRM .
Hi,
The hashing of the passwords is a one-way hash, which means it isn't possible to determine the original password from the resulting hash. Although Clofty's solution would probably work, in general it is not best practice to be sending passwords via email, as they can be intercepted.
If the user doesn't know their password, you should be using the reset password functionality, which doesn't result in the password being sent via email.
Nick
Hi Tanya,
If your environment is online,
grab the user raw text password could be difficulty for us because:
> the Register page is not accessible for us
> the raw text password is processed by fully back-end code, and there is no corresponding form in CRM for register form.(User record is saved in Contact entity)
So I would suggest an alternative, you could take it as reference.
1. Create 3 custom fields for contact entity: new_customportalregistration_username(Single Line Text), new_customportalregistration_password(Single Line Text), new_from_customportalregistration (Boolean, default to false, Optional)
2, Create a new form: Custom Portal Registration Form, add default email field and previous 3 fields to this form.
3. Create an Entity Form, set the Mode to Insert and the Form Name to Custom Portal Registration Form, add an redirect page or information after success submit.
4. Create an alternative Web Page for Register Page(hide the link to default Register Page), add previous form on the page.
5. Write JS code to set the new_from_customportalregistration field to true/checked and hide it. (As it's stated as optional field in step 1, because we should have a check condition for new contact record)
6. Create a Workflow, entity is Contact and started when record is created.
7. Set Check Condition to
if new_from_customportalregistration eq true
or new_customportalregistration_username contains data (if you not add the new_from_customportalregistration field as flag)
8.1 Send an email to new created contact with password value in new_customportalregistration_password
8.2: update/sync new_customportalregistration_username data to real portal credential fields: adx_identity_username
(You might need to add this field to Contact Main Form, its Display Name is User Name)
8.3 update real(hashed) protal password field with a step: Adxstudio.Xrm.Workflow.Identity (1.0.0.2):Adxstudio.Xrm.Workflow.Identity.ChangePassword. populate its value field with new_customportalregistration_password
8.4 Add another step: Adxstudio.Xrm.Workflow.Identity (1.0.0.2):Adxstudio.Xrm.Workflow.Identity.SetSecurityStamp (Value is not required to be set)
8.5 update new_customportalregistration_password field to empty to keep contacts privacy.
Regards,
Clofly
Stay up to date on forum activity by subscribing. You can also customize your in-app and email Notification settings across all subscriptions.
#1
André Arnaud de Cal...
291,253
Super User 2024 Season 2
#2
Martin Dráb
230,188
Most Valuable Professional
#3
nmaenpaa
101,156
All responses (
Answers (