Skip to main content

Notifications

Announcements

No record found.

News and Announcements icon
Dynamics 365 Community / Forums / Microsoft Dynamics CRM (Archived) / Employee Self Service ...
Microsoft Dynamics CRM (Archived)

Employee Self Service Portal first time sign-in without using the invitation process

(0) ShareShare
ReportReport
Posted on by Hari Prasad

Hi all,

Is there any guidance / documentation available on silently onboarding employees to the ESS?  My scenario is:

  • Azure AD accounts will be created for employees through ADFS and AD Connect
  • Employee data will be loaded (on a daily basis) as Contact records from payroll system to Dynamics 365 online
  • Employee should be able to sign in to the ESS without having to use Registration / Invitation redemption process

There will over 3,500 employees.  ESS licensing is sorted.  I am mainly interested in technical approach / solution.

Thanks,

Hari

*This post is locked for comments

  • Blitzey Profile Picture
    Blitzey 370 on at
    RE: Employee Self Service Portal first time sign-in without using the invitation process

    Hi Nadeeja,

    How are you creating the 3 process in your workflow? can you please show how you made each? That would be very appreciated.

    Thanks in advance

     

  • Hari Prasad Profile Picture
    Hari Prasad on at
    RE: Employee Self Service Portal first time sign-in without using the invitation process

    Thanks Nadeeja,

    Appreciate your help once again.  Will try this out.

    Hari

  • Verified answer
    Nadeeja Bomiriya Profile Picture
    Nadeeja Bomiriya 6,804 on at
    RE: Employee Self Service Portal first time sign-in without using the invitation process

    Hi Hari,

    Please see the below screenshot of the workflow.

    Prepare-Contact-for-Portal-Login.png

    Update Contact step, updates the Username field.

    You should be able to get the GUID from PowerShell.

    https://docs.microsoft.com/en-us/powershell/msonline/v1/get-msoluser

    The GUID is the objectid I believe.

  • Hari Prasad Profile Picture
    Hari Prasad on at
    RE: Employee Self Service Portal first time sign-in without using the invitation process

    Thanks Nadeeja,

    Looks like exactly what I am looking for.  I have looked at the contact record created when a user first logs in to the portal.  The Username is a guid - I am assuming this is the guid for the user account in Azure AD.  Any information you can share on how you get this guid and update the contact record?

    Hari

  • Verified answer
    Nadeeja Bomiriya Profile Picture
    Nadeeja Bomiriya 6,804 on at
    RE: Employee Self Service Portal first time sign-in without using the invitation process

    Hi Hari,

    I implemented a solution for ADFS implementation in a recent project for a similar requirement.

    You need to prepare the contact record with all required information.  For example, Username field, External Identity record.  Also need to run the "Reset Security Stamp" workflow which regenerate the security stamp.  Best way to get the information you need to prepare the contact is to create a Contact record by login in via Portal using Azure AD credentials.  You'll see all the relevant URLs and domain names etc.

    Once all required fields are setup, when the user login for the first time, the Portal will NOT create a new Contact.  Instead, it'll use the existing record.

  • Hari Prasad Profile Picture
    Hari Prasad on at
    RE: Employee Self Service Portal first time sign-in without using the invitation process

    Hi Prashant - thanks for the reply but not what I am looking for.

    Hi Nadeeja, the issue is not with logging in using Azure AD.  When a user logs in for the first time to the portal using Azure AD, the portal creates a Contact record and associates the Azure AD guid and security stamp with that contact (you can see that when you switch the Contact form to Portal Contact.  In my scenario, I will already have the contact records created in CRM (through data load).  I don't want to create another contact record for the same person.  What I want to achieve is associating the Azure AD guid and security stamp with the contact record (in the background / powershell / some other mechanism).

  • Suggested answer
    Nadeeja Bomiriya Profile Picture
    Nadeeja Bomiriya 6,804 on at
    RE: Employee Self Service Portal first time sign-in without using the invitation process

    Hi Hari,

    The new Dynamics 365 Portal is pre-configured to login using Azure AD.  Users can simply to login using their credentials if they have them.

    2843.SignInAzureAD.PNG

  • PS Profile Picture
    PS 23,577 on at
    RE: Employee Self Service Portal first time sign-in without using the invitation process

    Check if this helps:

    dynamicscrmcoe.com/register-dynamics-crm-online-existing-azure-active-directory

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

December Spotlight Star - Muhammad Affan

Congratulations to a top community star!

Top 10 leaders for November!

Congratulations to our November super stars!

Tips for Writing Effective Suggested Answers

Best practices for providing successful forum answers ✍️

Leaderboard

#1
André Arnaud de Calavon Profile Picture

André Arnaud de Cal... 291,269 Super User 2024 Season 2

#2
Martin Dráb Profile Picture

Martin Dráb 230,198 Most Valuable Professional

#3
nmaenpaa Profile Picture

nmaenpaa 101,156

Leaderboard

Featured topics

Product updates

Dynamics 365 release plans