Archive for December, 2010

Introduction to Queues in Microsoft Dynamics CRM 2011

December 22, 2010 Leave a comment

Microsoft Dynamics CRM 2011 Release Candidate (RC) Announcement

December 16, 2010 Leave a comment

The Microsoft Dynamics CRM 2011 Release Candidate (RC) is now available for download in the Microsoft Download Center.  As with the Microsoft Dynamics CRM 2011 Beta, the Release Candidate is available for anyone to download, and will be available until the RTM release scheduled for Q1, 2011.   This release represents the combined efforts and feedback from customers and partners working on the Microsoft Dynamics CRM 2011 Beta so thank you for all of you involved in this process.

imageUpgrades:  On-premises Beta databases can be upgraded to this new RC release which can then be upgraded to the upcoming RTM release.  CRM Online Beta customers will continue to have access to their CRM Online Beta instance until the CRM Online RTW launch in January, at which time they can choose to opt-in to upgrade their Beta instance to a production subscription.

Release Candidate is the last external milestone before the CRM Online Release to Web (RTW) launch in January 2011, and the on-premises Release to Manufacturing (RTM) in Q1, 2011, so please continue testing and validating this new pre-release version as well as continue building your deployments and solutions to be ready for the RTW and RTM releases.

Thank you,

The Microsoft Dynamics CRM 2011 Team   

Microsoft Dynamics CRM 2011 Server Release Candidate

Available in English only 

Microsoft Dynamics CRM 2011 for Microsoft Office Outlook

Available in 25 languages

Microsoft Dynamics CRM 2011 Language Pack

Available in 41 languages

Microsoft Dynamics CRM 2011 E-mail Router

Available in 25 languages

Microsoft Dynamics CRM 2011 Report Authoring Extension

Available in 25 languages

Microsoft Dynamics CRM 2011 List Component for Microsoft SharePoint Server 2010

Available in 41 languages


Bryan Nielson

Integrating Microsoft Dynamics CRM via App Fabric (using SAML token)

December 13, 2010 Leave a comment

In an earlier article called Integrating Microsoft Dynamics CRM via App Fabric, we saw how we can integrate Microsoft Dynamics CRM 2011 with an external application via the Windows Azure platform App Fabric. We converted a classical pull model of integration to a more efficient push model. The data was queried only when needed.

I would like to draw your attention to the authentication mechanism that was employed to authenticate with the Access Control Service (ACS). We used the management key approach and this implicitly made assumption that the key can be shared between CRM system and the owner of the syncing module. In many of the integration scenarios the CRM system and the external application (including the syncing module) may not be owned by the same business. The sharing of the ACS account’s management key is not possible.

Editor’s Note: For more overview material on AppFabric’s ACS there is an excellent article here: Access Control in the Cloud: Windows Azure AppFabric’s ACS.

Consider the scenario where an ISV has setup an endpoint on the App Fabric to which they want other CRM systems, its customers, to post data so that it can provide appropriate service. The ISV owns the Azure account and the rules on the ACS. It needs to enable its customer’s CRM systems to be able to post data to its endpoint and also be able to easily control and filter who is allowed to do so.

ACS provides the use of SAML tokens to authenticate and this is a good alternative for our need. Our goal is to allow CRM system to authenticate via SAML token and also allow ISV to configure rules in ACS based on the token’s issuer signature.

We start by first procuring an X509 certificate. You can use a self signed certificate too. Generate both private (.pfx) and public (.cer) certificate parts of the certificate. Add the .pfx certificate to the certificate store of the Async box, as we are running the plug-in asynchronously, under Computer account -> Local computer -> Personal -> Certificates.

Update the RetrieveAuthBehavior() show in the earlier blog sample with the code below.

private TransportClientEndpointBehavior RetrieveAuthBehavior() { // Behavior TransportClientEndpointBehavior behavior = new TransportClientEndpointBehavior(); behavior.CredentialType = TransportClientCredentialType.Saml; behavior.Credentials.Saml.SamlToken = GetTokenString(); return behavior; } private string GetTokenString() { // Generate Saml assertions.. string issuerName = "localhost"; Saml2NameIdentifier saml2NameIdentifier = new Saml2NameIdentifier(issuerName); // this is the issuer name. Saml2Assertion saml2Assertion = new Saml2Assertion(saml2NameIdentifier); Uri acsScope = ServiceBusEnvironment.CreateAccessControlUri(SolutionName); saml2Assertion.Conditions = new Saml2Conditions(); saml2Assertion.Conditions.AudienceRestrictions.Add( new Saml2AudienceRestriction(acsScope)); // this is the ACS uri. saml2Assertion.Conditions.NotOnOrAfter = DateTime.UtcNow.AddHours(1); saml2Assertion.Conditions.NotBefore = DateTime.UtcNow.AddHours(-1); X509Certificate2 localCert = RetrieveCertificate(StoreLocation.LocalMachine, StoreName.My, X509FindType.FindBySubjectName, issuerName); if (!localCert.HasPrivateKey) { throw new InvalidPluginExecutionException("Certificate should have private key."); } saml2Assertion.SigningCredentials = new X509SigningCredentials(localCert); // Add organization assertion. saml2Assertion.Statements.Add( new Saml2AttributeStatement( new Saml2Attribute("", "Org1"))); // The submitter should always be a bearer. saml2Assertion.Subject = new Saml2Subject(new Saml2SubjectConfirmation(Saml2Constants.ConfirmationMethods.Bearer)); // Wrap it into a security token. Saml2SecurityTokenHandler tokenHandler = new Saml2SecurityTokenHandler(); Saml2SecurityToken securityToken = new Saml2SecurityToken(saml2Assertion); // Serialize the security token. StringBuilder sb = new StringBuilder(); using (XmlWriter writer = XmlTextWriter.Create(new StringWriter(sb, CultureInfo.InvariantCulture))) { tokenHandler.WriteToken(writer, securityToken); writer.Close(); } return sb.ToString(); }

The code generates a self-signed token to authenticate to the app fabric. We could add any claims to the generated token, for example, adding the organization claim would be quite useful.

Configuring new rules in the App fabric

Since we are trying to authenticate via the signed SAML token, we would need to add the issuer and rules into the ACS to identify the token and issue “Send” claim in response. I am using the acm.exe that ships with the App Fabric sdk to configure rules in ACS.

First create the issuer entry in ACS-SB.

>Acm.exe create issuer -name:LocalhostIssuer -issuername:localhost -certfile:localhost.cer -algorithm:X509

Object created successfully (ID:’iss_334389048b872a533002b34d73f8c29fd09efc50′)

Next retrieve the base scope of the service bus: >Acm.exe getall scope

Use the scope id and issuer id to create the following rule.

>Acm.exe create rule -scopeid:scp_b693af91ede5d4767c56ef3df8de8548784e51cb -inclaimissuerid:iss_334389048b872a533002b34d73f8c29fd09efc50 -inclaimtype:Issuer -inclaimvalue:localhost -outclaimvalue:Send -name:RuleSend

The rule basically says to output “Send” claim when the input claim (any claim) is signed by the specific issuer

With the above rule in place any organization in the customers CRM system will be allowed to post. If the CRM system is multi tenant, i.e. with multiple organizations, we can make the rule more granular to allow only certain organizations.

Rule using organization claim.

>Acm.exe create rule -scopeid:scp_b693af91ede5d4767c56ef3df8de8548784e51cb -inclaimissuerid:iss_334389048b872a533002b34d73f8c29fd09efc50 -inclaimtype: -inclaimvalue:Org1 -outclaimvalue:Send -name:RuleOrgSend


Shashi Ranjan

Integrating Microsoft Dynamics CRM via App Fabric

December 13, 2010 Leave a comment

I am excited about the Microsoft’s Azure initiative. App Fabric is a part of Window Azure platform and as indicated at, makes it simpler to connect cloud and on-premise applications. It also simplifies the on-premise to on-premise application connection separated by firewalls and enables management of such interaction via the configurable rules of Access Control Service (ACS).

Consider a simple application which syncs accounts created in CRM system with another system. This application works in a classical polling model, where it polls CRM every so often for any newly added accounts. The polling interval may differ based on the other system requirements on how current the data needs to be represented. The higher the urgency, more the load it is going to put on CRM by repeatedly running the search query for new accounts.

It would be nice if the syncing module had some mechanism of being notified if a new account has been created, classical push model, which will allow it to only query CRM if needed and better if it can be notified with all the account details it needs to sync between the two systems. Lets try to see how we can alleviate the need of continuous polling with still maintaining the same data consistency between the two systems.


We have a functional CRM 4.0 system with App Fabric SDK installed, an account with the Windows Azure platform App Fabric and a program that polls CRM via the SDK to sync data every, say 15 minutes.

Our goal is to enhance the polling code to run search query against CRM only when new accounts are created and cut down on blind polling behavior.

To achieve our goals, we will write a plug-in in CRM that would post to the App Fabric any time a new account is created, The endpoint to which the data is posted by CRM is maintained by the application and it will track when was the last account in CRM created on.

Plug-in code

using System;
using System.Globalization;
using System.IO;
using System.Text;
using System.Xml;
using System.ServiceModel;

using Microsoft.Crm.Sdk;
using Microsoft.ServiceBus;

namespace AppFabricPlugin
    public class Plugin : IPlugin
        // Variables
        private string SolutionName;
        private string ServicePath;
        private string MgmtKey;

        #region Constructor
        public Plugin(string config)
            if (String.IsNullOrEmpty(config))
                throw new InvalidPluginExecutionException("config can not null or empty.");

            // Parse config.
            string[] parts = config.Split(new char[] { ';' });
            if (parts.Length == 3)
                SolutionName = parts[0];
                ServicePath = parts[1];
                MgmtKey = parts[2];
                throw new InvalidPluginExecutionException("Invalid config.");

        #region IPlugin Members
        public void Execute(IPluginExecutionContext context)
            // Set mode to http (https).
            ServiceBusEnvironment.SystemConnectivity.Mode = ConnectivityMode.Http;

            // Address.
            Uri serviceUri = ServiceBusEnvironment.CreateServiceUri(Uri.UriSchemeHttps, SolutionName, ServicePath);

            // Binding
            WS2007HttpRelayBinding binding = new WS2007HttpRelayBinding();
            binding.Security.Mode = EndToEndSecurityMode.Transport;

            // Create the channel factory.
            using (ChannelFactory<IServiceBusChannel> channelFactory = new ChannelFactory<IServiceBusChannel>(binding, new EndpointAddress(serviceUri)))
                // Apply the auth behavior

                // Create and open the client channel
                using (IServiceBusChannel channel = channelFactory.CreateChannel())
                    // Use context correlationupdatetime to track the operation time.
                    channel.Execute(context.PrimaryEntityName + ";" + context.CorrelationUpdatedTime.Value);

        #region Private members
        private TransportClientEndpointBehavior RetrieveAuthBehavior()
            // Behavior
            TransportClientEndpointBehavior behavior = new TransportClientEndpointBehavior();
            behavior.CredentialType = TransportClientCredentialType.SharedSecret;
            behavior.Credentials.SharedSecret.IssuerName = "owner";
            behavior.Credentials.SharedSecret.IssuerSecret = MgmtKey;

            return behavior;

        #region Contracts        
        [ServiceContract(Namespace = "")]
        public interface IRemotePluginContract
            [OperationContract(IsOneWay = true)]
            void Execute(string data);

        public interface IServiceBusChannel : IRemotePluginContract, IClientChannel { }

Service listener code

public void Main(string[] args)
    // Set mode to http (https).
    ServiceBusEnvironment.SystemConnectivity.Mode = ConnectivityMode.Http;

    // Address.
    Uri serviceUri = ServiceBusEnvironment.CreateServiceUri(Uri.UriSchemeHttps, SolutionName, ServicePath);

    // Binding
    WS2007HttpRelayBinding binding = new WS2007HttpRelayBinding();
    binding.Security.Mode = EndToEndSecurityMode.Transport;

    using (ServiceHost host = new ServiceHost(typeof(RemoteService)))
        host.AddServiceEndpoint(typeof(IRemotePluginContract), binding, serviceUri);


        Console.WriteLine("Press [Enter] to exit");

public class RemoteService : IRemotePluginContract
    #region IRemotePluginContract Members
    public void Execute(string data)
        // Do something.

Plug-in registration

Compile and register the plug-in on account create. Register it to run asynchronously so that the post can happen independent of the actual create. In the config part add a semicolon separated string containing the solutionname;solutionpath;sharedkey

Configuring the ACS

We don’t need any rules configured in the ACS as we are using shared secret key to authenticate. All you would need to have is a solution name space on the App Fabric and use the management key. I have provided some links for you to get started.

With the above system in-place, the syncing module only needs to query CRM if the last account created on time is greater than then last time it synced. The model can be further improved and tweaked based to the requirements, but this simple demo enables us to see the integration empowerment that Windows Azure platform App Fabric enables. The best thing I like is it enables management of data syncing between the two systems.


If you are new to Windows Azure:

If need more info on App Fabric:

If you to download App Fabric SDK:

If you need more info on CRM plug-in registration tool:


Shashi Ranjan

Demystifying the Recurring Appointment series expansion in Microsoft Dynamics CRM 2011

December 9, 2010 Leave a comment

Microsoft Dynamics CRM 2011 Beta is out and so is the support for creating and managing recurring appointments within Microsoft CRM.

Now we can create and manage recurring appointment within Microsoft Dynamics CRM 2011 using its familiar Web client user interface and it also allows you to perform full bi-directional synchronization with Microsoft Dynamics CRM Client 2011 for Outlook.

Recurring appointments look and feel is almost similar to Outlook’s Recurring appointments, this was done to ensure that users get familiar interface of Outlook’s recurring appointment but there are two important differentiators as well that I want to highlight here.

1. Outlook Recurring Appointments follow Rule based OnDemand expansion model while in CRM occurrences get created and persisted in Database as individual Appointment records. This expansion based model allows other components of CRM to work independently on individual appointments records.

2. Unlike Outlook, CRM allows us to update recurrence rule of recurring series and still maintain past history of recurring series. On every update of recurrence information, past appointment instances of recurring series are preserved and they can be viewed from a common grouping link in recurring series records.

In this blog post I wanted to share more detail on recurring appointment series expansion logic, as it has some settings that you can configure as per your organization’s business requirements.

Expansion based model works best for business system like CRM very well but it has its own set of challenges, like high storage cost and initial processing cost in series expansion. Series maintenance cost(like update and delete cost) is also high when series definition changes. To address some of these concerns partial expansion based model is followed in CRM, which mitigates performance issues as well as allows an organization to define its own expansion rule as per business needs for long running recurring appointments.

This is how we define partial expansion model –

I. Initial expansion window configurable by business policy.

II. Future expansions done by background expansion service for a configurable time window on incremental basis.

Now let’s take one concrete example to explain how partial expansion based approach works. Assume you have a never ending recurring series definition; in this case partial expansion of a recurring series will work in this way.

I. On recurring appointment series creation, immediately 15 appointment instances would be created (controlled by RecurrenceExpansionSynchCreateMax setting).

II. An Asynchronous “OnDemand” expansion job would be created, which will expand the series for next 12 months time window (controlled by FutureExpansionWindow).

III. There is a weekly “Recurring” series expansion job pre configured into CRM system which will take care of expanding any series for next 7 days into system. This job will keep expanding series regularly and it will ensure that you have access to next 12 month’s worth of instances for any series.

There are a number of organization settings that you can tweak to adjust recurring series expansions as per your organizations need.

a. RecurrenceExpansionSynchCreateMax – Specifies the maximum number of instances to be created synchronously after creating a recurring appointment. CRM default is 15 instances. This setting allows us to control synchronous creation of series instances. Default value 15 allows us to work immediately on created series instances, having a larger value will keep user waiting for series creation operation to complete.

b. FutureExpansionWindow – Specifies the maximum number of months in future for which the recurring activities can be expanded. CRM default is 12 months. After this period series instances will keep on expanding on Weekly basis (like a sliding time window) until series expansion is fully complete as per series end date definition. This setting ensures that at any day you will be able to see instances in CRM calendar for future time window controlled by FutureExpansionWindow.

c. PastExpansionWindow – Specifies the maximum number of months in past for which the recurring activities can be created. CRM default is 3 months. On web client this setting prevents user to specify recurring series start date more than three months in past. Further, this setting allows us to control how many past instances of series we want to synchronize from Outlook side. Generally, most of the time we are interested in present information instead of past information so it will prevent the synchronization of very large number of past instances from Outlook side.

d. RecurrenceExpansionJobBatchSize – Specifies the value for number of instances created in on demand job in one shot. There is no CRM default value for this setting, which means this setting is ignored unless set to some positive integer value. This performance tuning setting allows to tune Asynchronous expansion of recurring series, if there are too many instances that needs to be created because “FutureExpansionWindow” is very large, in such cases this setting will allow automatic pausing of recurring series expansion job to give other Asynchronous jobs an opportunity to complete their work.

e. RecurrenceExpansionJobBatchInterval – Specifies the interval (in seconds) for pausing expansion job. CRM default is zero seconds. If pausing happens because of “RecurrenceExpansionJobBatchSize” setting, then paused series expansion job will sleep for the specific seconds as per this setting. This setting should not be changed unless you want to do expansion related performance tuning yourself.

These settings are not available in System Settings page in CRM, so you’ll want to write a simple SDK program to change them if you want to tap into them.

You can find more detail in SDK documentation on how to work with recurring appointments and it’s interaction with other sub systems in CRM.


Prabhat Pandey

Bulk Activity Management

December 9, 2010 Leave a comment

Activities form a major part of Microsoft Dynamics CRM. Sometimes it becomes necessary to perform operations on many of these activities at once. Microsoft Dynamics CRM 2011 provide ways to manage multiple activities at once. With the new grid view of Dynamics CRM 2011 you just have to select the multiple activities you want to manage together using the checkboxes. You do not have to hold down the control key like in CRM 4.0 for multiple selections. The only bulk operations supported by Microsoft Dynamics CRM 4.0 was Assign to operation.

Bulk Activity Editing

Microsoft Dynamics CRM 4.0 provided Bulk Editing capabilities for various records. Bulk edit was not supported for Activities. With the new Dynamics CRM 2011 bulk edit support has been provided for most activities. Activities that do not allow bulk editing include Recurring Appointments. You cannot bulk edit components of different activity types. This is because each Activity will have its own unique bulk edit form. Also some fields also might be disabled if incompatible for bulk editing.

Let us assume that we want to send letters to 3 personalized emails to 3 different Contacts informing them about the new Dynamics CRM 2011. First we create 3 Emails each of them having different recipients.


Select the three different emails and click on Edit.


An “Edit Multiple Record” form appears. We can now place in the text about how much we like CRM and how awesome it is in the fields we want.


All entries that are left blank indicate that you do not want to update the original entry in the Email. So now if you actually check the individual mails, you can find a personalized mail for each user.


Note that there is no way to blank off any entry using the bulk edit feature.

Other Bulk Management Operations

Bulk operations such as Mark Complete and Cancel require that the activities be of the same type. When either of them is selected there is a pop up window where you can select the status of the activities. So if I have to set the status of three Letters as Sent


Operations such as Set Regarding, Add Note and Add to Queue support activities of different types. Lets assume that we want to perform Set Regarding operation on the three emails and maybe a couple of corresponding appointments to a particular campaign. We can use advanced find to actually find the records we want to perform the bulk operation. Select all of them.


Then select Set Regarding. A lookup dialog box pops up where we can select the appropriate campaign we want.


Note that some of these operations that are not supported for certain activities. So these operations will not act upon these activities in bulk also. For example, Email activity does not support Mark Complete operation.


Girish Rao

CRMUG Summit 2010

December 6, 2010 Leave a comment

The last week in October the CRM User Group,, held its annual Summit. This year it was in Orlando, Florida. CRMUG as an organization is unique in that it is user driven, not vendor driven. Sure, there are vendors and resellers such as myself, but the bulk of the energy comes from the customer base. This carries forward to the Summit. As with most conferences there were a large number of breakout sessions along several tracks. The sessions were run mainly by the member users themselves.

imageThose of us who are on the partner side who presented were cautioned not to push our products or services. The exception was the Vendor Showcases which were meant to be a chance for vendors to explain their products. I attended the one presented by my ‘Battle Buddy’ (you had to be at Summit to understand) Erik van Hoof of CWR Mobility from The Netherlands. Even though I’ve been using CWR Mobile CRM for some time I learned new stuff. There was also an Exhibit Hall where vendors and partners could display as well.

Being primarily user oriented gave the attendees an opportunity to learn from each other. We often get caught up in our own little worlds and ways of doing things. It’s reassuring to see that others may be, or have been, struggling with the same issues and to see how they have resolved those issues. The sessions were designed to be interactive, not just a presentation. There was often a lot of very interesting discussion and interaction between the attendees. The session tracks were Sales, Service, & Marketing, CRM Support, CRM Development, IT Infrastructure, and Community Resources. Microsoft provided two User Experience researchers to perform studies with attendee volunteers. The one I attended was very interesting with a lot of good interaction and discussion.

imageSeveral Microsoft Dynamics CRM MVPs were there to support CRMUG. These included Mitch Milam, Scott Sewell, Joel Lindstrom, Donna Edwards, and yours truly Larry Lentz. In addition to sharing our own knowledge and experience we all learned a lot from our attendance. I know I did.

In addition to the general conference which ran from Tuesday through Thursday, The CRMUG Academy conducted full and half day formal classes on Monday and Friday. I taught the 80141A Integrating Microsoft Dynamics CRM 4.0 with SharePoint. 80003A Workflow in CRM 4.0 was also taught. Additionally I taught a half day Forms Customization class on Friday.

Next year the CRMUG Summit will be held in Las Vegas starting November 7th. See you there!


Larry Lentz