Microsoft Dynamics CRM Connector

Installation and Configuration

Creating and testing a crawler account

Create a new account for Microsoft Dynamics CRM. This account must have the required read access rights for all data relevant for crawling in CRM. A read-only administrator account is best suited for this purpose.

Then test the account by logging in to your Microsoft Dynamics CRM and checking whether you can see all the data relevant for crawling.

Configuring Mindbreeze

Index

Click the “Indices” tab and then click the “Add new index” icon to create a new index (optional).

Enter the index path. If necessary, adjust the display name of the index service and the associated filter service.

To do this, the “Advanced Settings” must be activated first.

The following "Dynamic Constraints" must be configured to NOT reference the author in the documents:

A general documentation about these "Dynamic Constraints" settings can be found here.

Data source

Set-up

Add a new data source with the “Add new custom source” icon (located at the bottom right).

Connection Settings

Now enter the URL for your CRM in the “CRM URL” field.

You can disregard the “Organization Service URL” field if you have not changed the URL to the “Organization SOAP Service” of your Microsoft Dynamics CRM instance.

The credentials are specified with the "Credential" option. More detailed information about this can be found in the section "Credentials".

If you use Microsoft Dynamics CRM Online (that is, not on-premises), select the "Is Microsoft Dynamics CRM Online" option.

If you want the proxy settings from the "Network" tab to be ignored for the crawler, check the "Ignore Proxy" option.

Sources

For the final step, specify which part(s) of your CRM should be indexed in Mindbreeze InSpire.

First, go to the entity settings of your CRM. The entity name of the relevant entity from Microsoft Dynamics CRM is required to index all entities of a particular entity type from Microsoft Dynamics CRM in Mindbreeze InSpire.

The following screenshot shows the configuration of the entity type “Opportunity” in Microsoft Dynamics CRM. In this example, all sales opportunities (blue-bordered in the screenshot) are to be indexed; the Microsoft Dynamics CRM connector requires the internal name of the entity type (name "opportunity", red-bordered in the screenshot).

In addition, the internal name of the main field is required for the configuration of the connector (red-bordered in the following screenshot).

Navigate back to the data source settings in Mindbreeze InSpire and enter all the entity types you want to index in the “Entity Types” field, separated by a line break. If you want to index all sales opportunities, enter the value “opportunity” in a new line in the field “Entity Types”.

For each entity type entered, the main field must be entered in the “Primary Name Attributes” field. The first line of “Entity Types” is linked to the first line of “Primary Name Attributes”; the second line of “Entity Types” is linked to the second line of “Primary Name Attributes” and so on. Since “opportunity” is written in the last line of the field “Entity Types” in this example, the corresponding main field “Name” must be placed in the last line of the field “Primary Name Attributes”.

With the Advanced Setting "Entity Relation Resolution" you can also resolve database relationships and index the metadata of the connected entity in the document.

The following settings are necessary for this:

• Entity Name: The name of the entity from which the relationship originates. This name must be present in the configuration field "Entity Types".
• Foreign Key Column Name: The name of the attribute that contains the reference to the other entity.
• Referenced Entity Name: The name of the entity to which the reference points.
• Referenced Column Name: The name of the attribute to which the foreign key of the original entity points, usually a unique ID of the entity.

With the setting "Foreign Metadata Prefix" the metadata of the connected entity can be prefixed.

In CRM, you will find all these parameters in the entity settings.
In this example, the relationship between Account and Currency is resolved:

Entity Names can be found as above for the Entity Types setting.
For the Column Names, first look in the Relationships of the entity for the relationship to be resolved:

When you open the relationship, you will see the field "Name" under "Lookup Field". Set this as the "Foreign Key Column Name".

The "Referenced Column Name" is usually the primary key of the referenced entity. Most of the time the name of this column is simply the name of the entity + "id". You can check this in the "Fields" of the entity:

The complete configuration of this example looks like this:

With this feature you can also easily resolve multiple relationships per entity.

If you use this feature, you should be aware of the following things:

• The ACLs of the connected entity are ignored, the indexed document only uses the ACLs of the original entity. Therefore, you should not use this feature to resolve connections to entities with sensitive data.
• This feature supports 1:1 and N:1 relationships. If the connection to another entity returns more than one result per entry, this can lead to unexpected results.
  For 1:N relationships, you can instead index the N side and connect to the 1 side to avoid this problem.
• If you change the Foreign Metadata Prefix setting, you should do a full re-index, otherwise you may get unexpected results.

Principal resolution service

To determine which users are allowed to see which entities in Mindbreeze, you need to add a PrincipalResolutionService under Services.

“Microsoft Dynamics CRM Principal Resolution" must be selected in the drop-down list Service.

You must also specify a free port in the Bind Port field.

The "ACL Cache Expires Minutes" option can be used to define the number of minutes after which the cached rights information will expire and have to be re-downloaded from the CRM.

With the option "Resolve msDS-PrincipalNames" an LDAP server is used to convert the email addresses of the users logged into Mindbreeze Inspire Search Client to msDS-PrincipalNames. This is necessary if the user names in Microsoft Dynamics CRM are also msDS PrincipalNames. With some Microsoft Dynamics CRM instances (e.g. in the online version) it can happen that e-mail addresses are used as usernames. In this case, you have to disable this option.

The "CRM URL", "Organization Service URL", "Is Microsoft Dynamics CRM Online", and "Ignore Proxy" options must be configured as described in the "Connection Settings" section.

In the next step, the "Microsoft CRM Principal Service" needs to be added to the configured data source. Select the service you just configured from the Caching Principal Resolution Service drop-down list.

If the option "Resolve msDS-PrincipalNames" is activated, you also need to configure the required LDAP server. Switch to the Network tab and enter the domain name in the LDAP settings as a minimum.

In the next step, you need to configure a user under Credentials who, at a minimum, has the rights to read the UPN names of all users.

In addition, you need to create a link under Endpoints between the LDAP settings and the added credentials. The Location field must be configured as follows:

dns://<LDAP Server Domain Name>   (e.g. dns://mycompany.com)

Login information

For the next step, you’ll need the login information from chapter “Creating and Testing a Crawler Account”. In the Mindbreeze management UI, switch to the Plugins tab and add the credentials/login information under Credentials:

Now you have 2 possibilities to link the created credential with the crawler and the principal resolution service:

1. Select the credential with the option "Credential" in the Crawler and in the Principal Resolution Service configuration or
   
2. Under Endpoints, add a new endpoint. Enter the CRM URL in the Location field. In the Credential drop-down field, select the login information that has just been configured.
   

Caution: Depending on whether you are using an on-premises installation or Microsoft Online, the credentials must be configured differently (Username/Password or OAuth 2). The type of authentication is automatically detected by the connector, depending on how you have configured the connector. In the following table you can find in the first column the different types of authentication and in the columns to the right which fields have to be filled in the credentials configuration (X is a mandatory field, bracketed (X) is an optional field). It is absolutely necessary that the fields marked with X are configured so that the authentication type can be recognized. Please also read the next sections.

Authentication: On Premises

If you have an on-premises installation and have disabled the "Is Microsoft Dynamics CRM Online" option, this authentication method is suitable.

Create a new account for Microsoft Dynamics CRM or use an existing one. This account must have the required read permissions for all data in CRM that is relevant for crawling. A read-only administrator account is best suited for this purpose.

Credentials:

Now you can configure the credential in Mindbreeze Management Center in the Network tab as described in the section "Credentials". It is important that you configure the following fields:

• Type: Username/Password
• Username
• Domain (optional)
• Password

Authentication: Microsoft Online OAuth 2 Client Credentials (recommended for Microsoft Online)

If you have a Microsoft Online Dynamics instance and have enabled the "Is Microsoft Dynamics CRM Online" option, this authentication method is recommended. This authentication method is also suitable if you have a federated IDP (e.g. Okta) in use, through which users normally log in.

This authentication method does not require a real user, but instead requires an Azure app and a service user in Dynamics. To set this up, please follow the steps below:

Set up an Azure app

Log in to https://portal.azure.com and create an app in "Azure Active Directory" by clicking "New registration" under "App registrations". A redirect URI is not required.

Then create a client secret in the "Certificates & secrets" menu note down the created client secret.

Then switch to the "Overview" and note down the "Application (client) ID" (= Client ID) and the OAuth2 Token Endpoint (v1) or (v2).

Set up application user

Now create an application user in Dynamics that will be linked to the Azure app. To do this, go to "Security" "Users" in Dynamics Settings and switch to the "Application Users" view. Then click on "New" and add the "Application ID" of the Azure App. Next, assign a "security role" to get all permissions relevant for crawling. A read-only administrator role is best for this.

Credentials in Mindbreeze Management Center

Now you can configure the credential in Mindbreeze Management Center in the Network tab as described in the section "Credentials". It is important that you configure the following fields:

• Type: OAuth 2
• Access Token URL
• Client ID
• Client Secret

Authentication: Microsoft Online WS-Trust with username/password (deprecated)

If you have a Microsoft Online Dynamics instance and have enabled the "Is Microsoft Dynamics CRM Online" option, this authentication method can be used.

Attention: This authentication method is deprecated by Microsoft and is no longer supported by new instances. Use OAuth 2 client credentials instead (see above).

If for some reason you still want to use this authentication method, please follow these steps: Create a new account for Microsoft Dynamics or use an existing one. This account must have the required read permissions for all data in Dynamics that is relevant for crawling. A read-only administrator account is best suited for this purpose.

Then test the account by logging into your Microsoft Dynamics and check whether you can see all the data relevant for crawling.

Credentials:

Now you can configure the credential in Mindbreeze Management Center in the Network tab as described in the section "Credentials". It is important that you configure the following fields:

• Type: Username/Password
• Username (Email)
• Password

Synthesized metadata

In Microsoft Dynamics CRM, entities are often related to other entities (frequently also to entities of a different entity type). In order to display attributes of the linked entity in the search client, ”synthesized metadata” needs to be configured. To do this, the “Advanced Settings” must be activated first.

Click the “Add Composite Property” icon and assign a name for the referenced attribute in the “Name” field.

The link is created in the “Property Expression” field using the following pattern: mscrm_<Fremdschlüssel-Attribut>/mscrm_<Attribut im Referenzierten Dokument>.

In “categoryDescriptor.xml”, the name (“mscrm_parentcustomer_name” in the screenshot) can then be used as the metadata date ID.

Must-have synthesized metadata

The following Synthesized Metadata Definitions have to be configured, as they are used in the “categoryDescriptor.xml” which is included in the standard delivery:

1. Name: mscrm_parentaccount_name
   Property expression: mscrm_parentaccountid/mscrm_name
   
2. Name: mscrm_owninguser_fullname
   Property expression: mscrm_owninguser/mscrm_fullname
   
3. Name: mscrm_parentcontact_fullname
   Property expression: mscrm_parentcontactid/mscrm_fullname

Appendix

Troubleshooting

If you are having problems with indexing, the following tips may be helpful:

Check the logon information. Are they correct? Are you using the right type of login (on-premises versus Microsoft Online)?

Are the configured URLs correct?

You may not want the configured proxy from the "Network" tab to be used. If this is the case, you can check the "Ignore Proxy" option.

Does the crawl run abort after some time, e.g. because there has been a read timeout? It may help to set the "Page Size" to a lower value. You can also try to set "Maximum Download Retries" to a higher value or activate "Ingnore Unsuccessful Entity Types" to at least try to index content from other tables.