Unusual usernames prefixed with the hash character have been created in our D365 instances

(0) Share

Report

Posted on by M Jacquin

Hello All,

FYI, I am relatively new to the Dynamics 365 world so I am slowly getting up to speed on a few things with the platform, security, etc.

On the topic of security, I have noticed that a number of usernames are getting automatically created in our Dynamics 365 production and nextgen instances without our knowledge.

The common pattern is that they are all prefixed with the hash followed by a space (eg. "# Deflection", "# ChronusProdFirstParty", etc) and have been assigned the Service Reader user role.

My questions are as follows:

Is it normal for such usernames to be created in various Dynamics 365 instances?
As our service partner did not create these usernames, who is creating these usernames and how can I find our what purpose(s) they serve?
If Microsoft is in fact creating these usernames automatically, is it possible to be proactively advised by Microsoft when these usernames will be created in our D365 instances and what purpose(s) they serve?

Thank you in advance for your comments.

Cheers,

Michael Jacquin

I have the same question (0)

All responses (4)

Answers (0)

Suggested answer

PerezAguiar Microsoft Employee on at

Like (1)

Report

Hey!

Check if the accounts you're seeing are related to Microsoft default System accounts as documented on https://docs.microsoft.com/en-us/power-platform/admin/system-application-users. You'll see some of them: CDSFileStorage, CDSReportService, D365OfficeDataSvc.

If the accounts you see in the Dynamics environment are not listed in the previous article, the next step would be to check if there are apps registered on AzureAD with similar ID. For this, you can switch to the "User_: Applicatioin user" view and check the Application ID number.

Regards,

Was this reply helpful? Yes No
M Jacquin 85 on at

Like (0)

Report

Hi Daniel,

Many thanks for your prompt response.

You were right about the Microsoft default system and application usernames.

I am not sure what you meant about how to switch to the "User_: Application user" view though. Where can I find this information?

Thank you in advance.

Was this reply helpful? Yes No
PerezAguiar Microsoft Employee on at

Like (1)

Report

Hey!

Within the environment, if you go to "Advanced settings" and then go to "Security" and then "users", you should be able to go to the list of enabled (or disabled) users. Once you select a user, on the top you should be able to switch between different forms: User, ApplicationUser

Was this reply helpful? Yes No
M Jacquin 85 on at

Like (0)

Report

Thank you so much Daniel. You are a champ. :-)

Was this reply helpful? Yes No