Skip to main content

Notifications

Microsoft Dynamics 365 | Integration, Dataverse...
Answered

Latency issue between Azure AD Security Groups and Environments Teams

Posted on by 7

Hello,

I have created Azure AD security groups for my Dataverse security model (Field based security using Environment Teams). I then created Environments Teams for those AAD security groups and assigned security roles for those teams. It has been more than 24 hours and I still don't see the Teams members in the Environment?!! 

AAD-issue-and-Env.PNG

Thank you

  • Suggested answer
    PerezAguiar Profile Picture
    PerezAguiar on at
    RE: Latency issue between Azure AD Security Groups and Environments Teams

    Hey! 

    When you configure the Inactivity & Session TimeOut, users receive a warning and are requested to login again

    community.dynamics.com/.../setup-inactivity-timeout-in-microsoft-dynamics-365-online

  • MaSc4Crm Profile Picture
    MaSc4Crm 247 on at
    RE: Latency issue between Azure AD Security Groups and Environments Teams

    Hi Daniel,

    this means - I need to setup an automatic "expiring/inactivity" rule for each D365 environment - this is the only option.

    Can I force the user by code to re-login e.g. by revoke the token?

    Can I force the user by using "a button" to re-loging?

    Regards,

    Martin

  • Suggested answer
    PerezAguiar Profile Picture
    PerezAguiar on at
    RE: Latency issue between Azure AD Security Groups and Environments Teams

    Hey! This will depend on many factors.

    Usually when you login, a token is submitted and you're authenticated using that token. If you're removed from the security groups, that token might still be valid for some time (24 hrs, 7 days, 1 hr).  this will depend on AzureAD.

    On CRM, you can take advantage of Access Management and establish some Session Time Out and INactivity timeout. If the token changes removing the access and the user hits one of those timeouts (Session or inactivity), they will be logged off.

    learn.microsoft.com/.../user-session-management

    Regards,

  • MaSc4Crm Profile Picture
    MaSc4Crm 247 on at
    RE: Latency issue between Azure AD Security Groups and Environments Teams

    Hi,

    when does the changes in the Azure AD (e.g. an user from a group) takes place in D365?

    E.g. an user is still working with CRM and is already logged in.

    Regards,

    Martin

  • Verified answer
    PerezAguiar Profile Picture
    PerezAguiar on at
    RE: Latency issue between Azure AD Security Groups and Environments Teams

    Hey Ahmed.

    Official documentation: https://docs.microsoft.com/en-us/power-platform/admin/manage-teams#about-group-teams

    Team members are dynamically derived (added and removed) when they access an environment based on their Azure AD group membership

    This means that even if you Create a group on AzureAD and create a Team within the environment associated to those AAD Groups, they're not going to automatically populate with the users. Instead, as users login to the environment, they will show on the list.

    Regards,

  • Suggested answer
    AhmedSalih Profile Picture
    AhmedSalih 7 on at
    RE: Latency issue between Azure AD Security Groups and Environments Teams

    I asked in another community form and I got the answer. Here it is powerusers.microsoft.com/.../1548067

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

December Spotlight Star - Muhammad Affan

Congratulations to a top community star!

Community AMA December 12th

Join us as we continue to demystify the Dynamics 365 Contact Center

New! Quick response templatesâš¡

Save time with the new custom templates!

Leaderboard

#1
André Arnaud de Calavon Profile Picture

André Arnaud de Cal... 291,151 Super User 2024 Season 2

#2
Martin Dráb Profile Picture

Martin Dráb 229,963 Most Valuable Professional

#3
nmaenpaa Profile Picture

nmaenpaa 101,156

Leaderboard

Product updates

Dynamics 365 release plans