MSCRM

Microsoft CRM Email Troubles

Submitted by Robert MacLean on Thu, 09/25/2008 - 21:18

An email asking for help on a problem floated by me and I thought it was an interesting enough one to blog about. First off all I had was the following error message from the MSCRM Exchange router:

#61042 - An error occurred while processing the outgoing e-mail message with subject "CRM ADMIN TEST MAIL CRM:0004015" for SMTP: http://crmserver/tenant/ for delivery through exchangeserver. System.Net.Mail.SmtpException: Mailbox unavailable. The server response was: 5.7.1 Client does not have permissions to send as this sender

The guy asking the question was trying to figure out what was wrong with CRM because that’s where the error was coming from. The problem is that he was looking in the wrong place. If you read the error carefully the last bit is actually the most important: The server response was: 5.7.1 Client does not have permissions to send as this sender

It actually states that the server (not CRM, but Exchange) responded with the client not having permissions to send. This is a fairly common issue and the resolutions fall into one of two options:

  1. The email address in the from can’t be used because you do not have permission to use it (duh) and you merely need to change the address to one you have permission to use.
  2. The second option is to enable SMTP authentication which should give you the permissions to send them mail.

Microsoft CRM on Linux!

Submitted by Robert MacLean on Thu, 09/11/2008 - 17:22
I work with great people who are open minded (none of this my brand is better than your brand thinking), so much so they are IMHO the driving force behind interoperability in South Africa. When I recently presented a session on Microsoft CRM and said that it couldn’t be used on other operating systems, Henk, our Linux expert, took it as a challenge to get it to work.
The main issue is that for MSCRM to work it needs Internet Explorer and it needs IE because of the million lines of JavaScript that exist and a lot of it makes use of MSXML which is not available cross platform.
Henk did some magic and found a program/tool/package called IE4Linux! What is IE4Linux?:
IEs4Linux is the simpler way to have Microsoft Internet Explorer running on Linux (or any OS running Wine). No clicks needed. No boring setup processes. No Wine complications. Just one easy script and you'll get three IE versions to test your Sites. And it's free and open source.

They mention three versions which are 5.0, 5.5 and 6.0, however 7.0 is in beta. Since MSCRM needs 5.5 or higher it just might work! Henk did his magic to get it working and I did mine (which was very easy, just making sure my VM is running and getting the firewall configured) and without much fuss he got Microsoft CRM running on Linux!!! He has promised a whole post on IE4Linux so if you want to know more please watch his site, otherwise enjoy the pictures taken from his Linux box below of MSCRM!

crm_on_linux2-blog  crm_new_contact-blog crm_movie_on_linux-blog

When to use what

Submitted by Robert MacLean on Mon, 06/23/2008 - 18:56

The official MSCRM blog (http://blogs.msdn.com/crm – which I knew out of my head. I am aware I need to get a life) seldom excites me because they are still so far behind what companies, like where I currently work, but Amy Langlois really did shine today. So forgive this +1 post and if you are a Microsoft Dynamics CRM developer working with the SDK you must read it because it contains vital information on changes they are making to the SDK assemblies and when/what you should be using in your code.

Read all about it at: Web Services & DLLs or What’s up with all the duplicate classes?

The official way to change MSCRM ports

Submitted by Robert MacLean on Mon, 06/23/2008 - 18:42
Finally Microsoft have released a support article which details how to change the MSCRM web site ports correctly. This also fixes the workflow doesn’t work et al issues (see here). This is great to have, not because details a third way to do it (so besides the SQL edit and IFD tool), but that it actually fills in the gaps for everything else you need to do such as reconfiguring Outlook clients and data migration tools etc…

You can read it at http://support.microsoft.com/kb/947423/

The Zen of Hosting: Part 6 - Microsoft Dynamics CRM

Submitted by Robert MacLean on Fri, 06/20/2008 - 09:58

So in the first five parts we have looked at the standard stuff, now lets dive into a real product and we'll tackle the one I am most familiar with: Microsoft Dynamics CRM 4.0. Thankfully MSCRM 4.0 is the first version of the product to really support a hosted model. Somehow MSCRM 3.0 could do hosted, but based on the architecture you would have ended up hacking a lot in it to get it to work. I never did hosted MSCRM myself in version 3.0 so that thinking is just based my understanding of the architecture of MSCRM 3.0.

So how is MSCRM 4.0 different from 3.0 and how does that allow it to be easily hosted? Well firstly you can now have a single deployment with multiple databases, one for each organisation. This means that each organisations data, settings and customizations are completely separate! This is great if every machine is on the domain but in hosting you need a way to provide a way to login over the web or via a special client. This is because in a hosted model, despite the fact you have a domain, your end users may be on a separate domain. Thankfully MSCRM 4.0 provides BOTH! This is configured using the IFD tool which actually enables MSCRM to look at what the source IP address is, and if it is a local network IP uses standard NTLM authentication. However if it sees it as external IP address it presents a form based authentication which the user can use to login with, this means that not only does the web interface work over the Internet but it also means the outlook client works too.

If you are a regular MSCRM user you likely love the dynamic export to Excel, and for those who don't know what it is let me explain briefly. In MSCRM you can export almost any data to Excel and it can be updated dynamically live from within MSCRM. This works by creating a data set in the Excel spreadsheet and putting the SQL for your query in the data set. The problem with this scenario is that Excel uses direct connections to SQL to do this, so does this mean you need to expose your SQL server? Not at all, if you are running the Outlook client a button is added to Excel which actually reverses the SQL and uses the normal MSCRM web services to get the data! So you can still just expose MSCRM to the net, keeping security high, and lowering administrative overhead. Note: This is only available if you are using IFD deployments.

If you are planning to do hosted MSCRM you may find the hosted deployment guide interesting, as it explains how to setup MSCRM 4.0, however it is not the most logical guide as it is broken into three sections. The first section is how to configure your environment for hosted MSCRM. This is actually the exact same information as included in the HMC guide for configuration of the environment, which brings us to the second section how to use HMC with MSCRM. So not only do they repeat what is in the HMC guide, they then tell you to do go through that guide. It's pointless and a massive waste of space. The only advantage is that if you had never heard of HMC this might point you in the right direction. The last section in contrast has some interesting and useful information on the additional steps for MSCRM to get it to run in an IFD mode like how to edit the install configuration file to setup IFD from the install (but the easier and less error prone route is to use the IFD tool) and any extra configuration needed for hosted (such as changing the security of the web site in IIS to anonymous).

Something that is vital for a happy hosting environment for MSCRM is that you must make sure the async service is running all the time. This is vital not only because it manages the workflow (and what good is MSCRM without workflow), imports and background processes but in a hosted scenario it also handles logins which are done via the forms based authentication.

Really MSCRM is pretty easy to get hosted and setup and while the demo HMC web console doesn't provide automatic provisioning tools, a lot of the third party ones do have options for MSCRM. Something I have learnt is that when you deploy MSCRM 4.0, even if it is not a hosted deployment it is worthwhile to make every MSCRM deployment an IFD. My reasoning for this is two fold:

  1. Authentication is handled in a superior way, as you have normal NTLM and forms based. This can give you a way to solve those complex Kerberos based issues caused by problems in AD without needing to mess around with AD.
  2. If not now, at some point in the near future, someone in your business will want to work from home or while on a business trip. You can save them having to mess around with VPNs and just point them to the same URL as they normally use (provided you have setup your DNS and firewall right), so you will save some headaches for you and your users.

If this has interested you, make sure you go to TechEd Africa as there is a IFD Tips and Tricks session for Microsoft CRM!

The Zen of Hosting: Part 4 - HMC and AD

Submitted by Robert MacLean on Fri, 06/13/2008 - 16:33
In part 2 I started to write about Active Directory and how to get a single domain to work with multiple organisations, so lets get back to AD and look at how HMC helps with it? Well what HMC does to AD is it gives you a way to setup the OU structure and it sets up a number of properties on the AD object.

 

One of the great things about the OU structure is that allows you to have a top level organisation (which is called the hosting company), a second level organisation/s (the resellers) and a third level organisation/s (the customers). The second level is very exciting as this is actually the level at which sales are done and due to the structure the multiple resellers can exist and can work with their customer base but are secured away from other customers and resellers. If you thinking of white boxing a hosting solution, this is how it is done.

Security is obviously taken into account by the HMC engine will let a administrator on a hosting company level manage anyone within the system, on the reseller level you can work add accounts to your own account and any of your customer via the web interface. But does this mean you will spend your admin days in the web interface? Definitely not! Your AD skills still apply and you can still manage users, computers, set group policies and reset passwords etc... But you should be doing provisioning (creation of items) through the web interface or the engine as it will save you from having to edit AD properties manually later on for instance. If you aren't looking at white boxing it then you would just have your hosting company and one reseller and then various organisations as customers.

You may have picked up that I said you can use the engine to provision and you may have thought that meant you need to use the SDK and write code, well you don't have to! Microsoft have actually included a tool called Provtest which is a command line tool on your HMC server which you pass an XML file to. It takes the file and parses it and pushes it to the engine and displays the result. This is actually the same way the SDK works, in that you pass XML to the web services or COM+ object to do things. Microsoft also includes many samples with HMC, and even more in the SDK. So what you may find yourself doing it a lot of that, especially when you get to Exchange management.

One of the ways HMC also modifies the AD object properties is that the login name gets set in such a way that it allows each customer to have their own domain name (sort of) however it's just on the AD account name. This isn't an easy concept to grasp without an example, so lets say the hosting company domain is Contoso.local, and lets say that a customer named Northwind signs up with one of their resellers (who the reseller is, is not important). The Northwind guys decide they want their domain to be Northwind.com, so via the web interface they add Fred and set his login to be fred@northwind.com. What HMC does is set the AD account name to fred@northwind.com, however in the background it sets the SAM account name (or the pre-Windows 2000 name) to be contoso.local\fred_northwind.. Yes, it should be dot-dot, the first dot for the SAM account and second for the grammar. So all customers are on the same domain at the core but the account name is what they would use to login to OWA, their machine or an application like MSCRM.

The SAM account name is vitally important still as most applications don't like using account name internally. For example MSCRM allows you to login with the account name, but when adding users individually you cannot use the account name, you must use the SAM account name. Odd though the multiple user add option does work with the account name. This is a annoying problem as it means you need to expose the (ugly) SAM name to your customers and if you have named you hosting level with something distinctive it could limit your white box ability!

This disconnect between account name and SAM account is a massive pain in ass for service accounts too, as I lost way too much time during the deployment on many services just retyping passwords and resetting them because I thought I was losing my mind. Only to realise that the application didn't like something in the username and wanted the SAM account name. The worst experience I had with passwords during all of this was with Forefront, where it not only didn't like the account name but also didn't like the fact the domain name (on the hosting company level) had a dot in it.

The security isn’t perfect though as there are times when you can see all users in the system. In an earlier version of HMC, there was a problem with the address books where everyone could see everyone but that has been corrected. For MSCRM though the add multiple user interface shows all users when you hit the lookup if you have not configured MSCRM correctly. I’ll come back to this point later in the series when I take about MOSS.

MSCRM 4.0 Developer Errors: My new pet hate

Submitted by Robert MacLean on Wed, 06/04/2008 - 20:32
So if you follow all the posts on this site you'll know that I am involved with a hosted MSCRM system.  This is a great system as it allows multiple customers to share a single deployment, and while it has seperated most of the functions so that each customer is seperated nicely there are a few that are not. Developer errors are one of those, if you enable them, you enable them for all customers.

As a hosting providing I do not want to have to enable it globally as it means that the user interface for an error is ugly and I do not want to have to take individual support calls for customers to turn it on and off all the time.

This workflow job was canceled because the workflow that started it included an infinite loop

Submitted by Robert MacLean on Wed, 06/04/2008 - 20:10
 Found the best little tip for workflow creation in MSCRM 4.0. See there is a loop detection in the system which detects if the same workflow rule is called 8 times and if it is, stops the workflow from running with the message: "This workflow job was canceled because the workflow that started it included an infinite loop".
This happens even where there is no infinite loop (i.e. when you have catered for it). Well until today when I stumbled across a post on the news groups which clarifies that it is only 7 times per hour. If you stay under that, so once per day or once per year it won't fail.

You can read the actual post at: http://forums.microsoft.com/Dynamics/ShowPost.aspx?PostID=3021749&SiteID=27

MSCRM Workflow Stopping, IFD cannot login, Async Service Crashing

Submitted by Robert MacLean on Wed, 05/14/2008 - 18:08
Eek, my first post in 50 days. I have been very busy on a new business venture which is very exciting from an offering and technology view. So lots of long nights with not enough time to blog. I will be posting a huge multipart blog on the expierences of that in the near future. Add to that finding out I will be a parent in Jan '09 it's been extra hectic.

Anyway on to the my new favorite issue of MSCRM 4.0, the async service crashing. Should it crash it takes down lots of features, to name some big ones:
  • Imports
  • Data Duplication
  • Workflow
  • Logging into a IFD deployment via the forms login
Well this can occur if you have added a new deployment to your MSCRM deployment which contained workflows which were running. These rogue workflows crash async with a lovely message in the eventlog (The entity with ObjectTypeCode = 0 was not found in the MetadataCache.). Well Microsoft have released a hotfix for this issue, which is available at http://support.microsoft.com/kb/950680/en-us

MSCRM 4.0 Error: Invalid Action

Submitted by Robert MacLean on Tue, 03/25/2008 - 17:42
So I had a great surprise this morning walking into the office, MSCRM 4.0 greated me with Invalid Action, The Selected Action Was Not Valid. This is after a long weekend with no one doing anything, or any system changes. So first I check if it's my machine only, nope everyone. Next I check if the server does it to itself by logging on to the server and opening MSCRM, still same problem. IIS reset, same problem. Check services, same problem. Check if SQL is up and the database is fine, yip.

Then suddenly someone mentions an issue on MOSS where they can't edit a document... I wonder if it's related so I log on to the SQL box and check the disk space and (DUM DUM DUM!!) there is no space left on the disk drive for the databases. A quick clean of the transaction logs and the system is back up and running great.