Microsoft Dynamics CRM (Archived)

Employee Self Service Portal first time sign-in without using the invitation process

(0) Share

Report

Posted on by Hari Prasad

Hi all,

Is there any guidance / documentation available on silently onboarding employees to the ESS? My scenario is:

Azure AD accounts will be created for employees through ADFS and AD Connect
Employee data will be loaded (on a daily basis) as Contact records from payroll system to Dynamics 365 online
Employee should be able to sign in to the ESS without having to use Registration / Invitation redemption process

There will over 3,500 employees. ESS licensing is sorted. I am mainly interested in technical approach / solution.

Thanks,

Hari

*This post is locked for comments

I have the same question (0)

All responses (8)

Answers (2)

PS 23,577 on at

Like (0)

Report

Check if this helps:

dynamicscrmcoe.com/register-dynamics-crm-online-existing-azure-active-directory

Was this reply helpful? Yes No
Suggested answer

Nadeeja Bomiriya 6,804 on at

Like (0)

Report

Hi Hari,

The new Dynamics 365 Portal is pre-configured to login using Azure AD. Users can simply to login using their credentials if they have them.

Was this reply helpful? Yes No
Hari Prasad on at

Like (0)

Report

Hi Prashant - thanks for the reply but not what I am looking for.

Hi Nadeeja, the issue is not with logging in using Azure AD. When a user logs in for the first time to the portal using Azure AD, the portal creates a Contact record and associates the Azure AD guid and security stamp with that contact (you can see that when you switch the Contact form to Portal Contact. In my scenario, I will already have the contact records created in CRM (through data load). I don't want to create another contact record for the same person. What I want to achieve is associating the Azure AD guid and security stamp with the contact record (in the background / powershell / some other mechanism).

Was this reply helpful? Yes No
Verified answer

Nadeeja Bomiriya 6,804 on at

Like (0)

Report

Hi Hari,

I implemented a solution for ADFS implementation in a recent project for a similar requirement.

You need to prepare the contact record with all required information. For example, Username field, External Identity record. Also need to run the "Reset Security Stamp" workflow which regenerate the security stamp. Best way to get the information you need to prepare the contact is to create a Contact record by login in via Portal using Azure AD credentials. You'll see all the relevant URLs and domain names etc.

Once all required fields are setup, when the user login for the first time, the Portal will NOT create a new Contact. Instead, it'll use the existing record.

Was this reply helpful? Yes No
Hari Prasad on at

Like (0)

Report

Thanks Nadeeja,

Looks like exactly what I am looking for. I have looked at the contact record created when a user first logs in to the portal. The Username is a guid - I am assuming this is the guid for the user account in Azure AD. Any information you can share on how you get this guid and update the contact record?

Hari

Was this reply helpful? Yes No
Verified answer

Nadeeja Bomiriya 6,804 on at

Like (0)

Report

Hi Hari,

Please see the below screenshot of the workflow.

Update Contact step, updates the Username field.

You should be able to get the GUID from PowerShell.

https://docs.microsoft.com/en-us/powershell/msonline/v1/get-msoluser

The GUID is the objectid I believe.

Was this reply helpful? Yes No
Hari Prasad on at

Like (0)

Report

Thanks Nadeeja,

Appreciate your help once again. Will try this out.

Hari

Was this reply helpful? Yes No
Blitzey 370 on at

Like (0)

Report

Hi Nadeeja,

How are you creating the 3 process in your workflow? can you please show how you made each? That would be very appreciated.

Thanks in advance

Was this reply helpful? Yes No