Dynamics 365 Connector Prerequisites

User Accounts and Application Permissions

Required Permission Description
Dynamics 365 Connector Account The connector requires an administrator account with full rights to properly crawl the content being indexed is required.

Connector Features and Requirements

Features Supported Additional Information
Dynamics 365 Support

Searchable content types Yes All content types.
Content Update Full and Incremental All BA Insight Connectors support both Full and Incremental crawls, unless noted.
Permission Types Yes

All BA Insight Connectors support fetch ACLs from the source system Your Source System is the repository where your data is stored (data to be indexed). This repository is managed by applications such as: - SharePoint O365 - SharePoint 2013/16/19 - Documentum - File Share - OpenText - Lotus Notes - etc. Your Source System repository can also be a database such as SQL or Oracle..

To make items public or restricted to a single user/set of users, you can do so within the Connector Framework.
Required Software .NET Framework v4.7.2 .NET Framework v4.7.2 must be installed on the machine the connector runs on.

Permissions

Read-only permissions must be granted to any table intended to be crawled. Base Permissions must also be granted for objects to support crawling functions such as security maps, secure items, incremental crawls Scanning and capturing only new data from all of your content sources. This data did not exist when the last crawl was run. and attachments. For more information, refer to the list of base permissions below

Base Permissions

  • activitymimeattachment

  • annotation

  • audit

  • businessunit

  • email

  • organization

  • role

  • roleprivileges

  • salesliterature

  • salesliteratureitem

  • systemuser

  • systemuserroles

  • team

  • teammembership

  • teamroles

Authentication Methods

The Dynamics 365 CRM Connector supports 3 authentication models:

  • User Password: Set up or choose a Dynamics user account that has full read access.

  • Azure application model with client secret

  • Azure application model with certificate

Both Azure models follow a similar set up. To set up one of these models, do the following:

  1. Open your Microsoft Azure portal.

  2. Navigate to Microsoft Entra ID > App registrations.

  3. Click New Registration.

  4. Copy the application (client) ID for use in the connector configuration.

  5. Click on your application and select API permissions from the left pane.
  6. Click Add a permission.
  7. Add the user_impersonation Dynamics CRM Delegated API permission.

  8. In the Grant admin consent confirmation dialog, click Yes.

  9. Click Certificates & secrets from the left pane. Depending on your desired model, select the Certificates or Client secrets tab and add a Client secret or upload a certificate.

  10. Copy the Client Secret or the Certificate ThumbPrintId depending on the model you want to use in the connector configuration.

  11. Configure Dynamics to use the Azure application.

  12. Open the Power Platform admin center: https://admin.powerplatform.microsoft.com/environments.

  13. Click Environments from the left pane.

  14. Select the environment and click Settings > Users + permissions > Application users.

  15. Click New app user.

  16. Select the Business unit from the drop-down list.

  17. Click Add an app and select your app from the list.

  18. In the Security roles field, click the pencil icon and add the appropriate security roles to allow full read permissions.

Application with Certificate
When using Application with Certificate Authentication the Certificate should be installed on the server hosting the Connector. Place the Certificate in the Computers Personal Store.