web
You’re offline. This is a read only version of the page.
close
Skip to main content

Announcements

No record found.

News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Microsoft Dynamics CRM (Archived) / Clarity needed for on-...
Microsoft Dynamics CRM (Archived)

Clarity needed for on-prem "Sandbox" Server/Role

(0) ShareShare
ReportReport
Posted on by bpr_admin

I am now having major confusion over the sandbox as a function and a role in CRM on-prem

My Understanding:

  1. When I initially read documentation, it seemed like the sandbox role was best placed on it's own server in the production cluster so that it could create an isolation for any code that we wrote and ran in production as well as any plug-ins we imported as a solution, separate from the built-in code.
  2. When I read about Google chrome running as a sandbox in windows, it is a security feature, and creates isolation. (this gives you insight to my understanding of what a "sandbox" does in secure computing)

What we have:

  • A production D365 (ver 8.2) cluster where a sandbox server has the sandbox role on it.
  • A development D365 server configured as "Full Server" on it (but I don't think the sandbox role is on it)

Why I'm confused:

  1. All youtube videos about "sandbox" in D365 online seems to refer to a dev environment, not a production environment
  2. If it's only for dev, when even have a server/role and just instead create a new dev cluster or server?
  3. What does the freaking Sandbox Processing Server actually do?
  4. What role does the Sandbox Server/Role play in security best practices on a modularized CRM cluster where all roles are broken out to their own servers?

*This post is locked for comments

I have the same question (0)
  • bpr_admin Profile Picture
    bpr_admin on at

    Anyone? Surely I thought this would be an easy answer. But it looks like most people don't have clarity about this either, Yikes.

  • Suggested answer
    Aric Levin - MVP Profile Picture
    Aric Levin - MVP 30,190 Moderator on at

    I think you are confused.

    The Sandbox Processing Server that you are referring to for CRM On-Premise (as a server role), has nothing to do with Sandbox environment in CRM Online.

    CRM Online refers to non-production server instances as Sandbox Instances. These can be dev/test/production. The main reason is also the Sandbox instances have a different cost then production instances.

    Sandbox Processing service handles things like integration, plugins, processes, etc...

    When searching online search for "CRM Sandbox processing service or role"

    Hope this helps.

  • David Jennaway Profile Picture
    David Jennaway 14,065 on at

    To add to the previous reply, when considering the Sandbox Server on premise, the main security-related aspect is that you can configure plugin assemblies to run within the Sandbox Service, which applies code-access security to restrict what the plugin code can do (so that it has very little access to local resources)

    Whether the Sandbox service runs on a different server from other roles is more an consideration for load balancing than for security. One possible security use is, if a plugin makes an http/https request to an external service (this is permitted in the sandbox), then you could configure firewall rules to only allow such traffic from the sandbox server

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Introducing the 2026 Season 1 community Super Users

Congratulations to our 2026 Super Stars!

Congratulations to our 2025 Community Spotlights

Thanks to all of our 2025 Community Spotlight stars!

Congratulations to the February Top 10 Community Leaders

These are the community rock stars!

Leaderboard > 🔒一 Microsoft Dynamics CRM (Archived)

#1
JS-09031509-0 Profile Picture

JS-09031509-0 3

#2
AS-17030037-0 Profile Picture

AS-17030037-0 2

#2
Mark Eckert Profile Picture

Mark Eckert 2

Last 30 days Overall leaderboard

Featured topics

Product updates

Dynamics 365 release plans