Synchronize user information with Active Directory

Note

If you have enabled Unified Interface only mode, before using the procedures in this article do the following:

  1. Select Settings (gear icon) on the navigation bar.
  2. Select Advanced Settings.


Dynamics 365 Customer Engagement (on-premises) supports two methods for authenticating users:

  • Integrated Windows Authentication

  • Claims-based authentication

By default, customers who purchase Customer Engagement (on-premises) and deploy it on-premises use Windows Authentication. These customers also can set up claims-based authentication for Internet-facing deployments (IFDs) of the product.

With integrated Windows Authentication, each user record in Customer Engagement (on-premises) must be associated with a user account in Active Directory so that the user can log on to Customer Engagement (on-premises). When the user records are associated, Customer Engagement (on-premises) automatically reads and stores other information about the user (including the first and last name, the email address, and the globally unique identifier, or GUID) from the Active Directory directory service.

However, changes to the Active Directory information associated with a specific user can create discrepancies with the information maintained in Customer Engagement (on-premises), thereby preventing the user from accessing Customer Engagement (on-premises). Specifically, if the value of the User SamAccountName logon attribute in Active Directory changes for a user, the corresponding user information in Customer Engagement (on-premises) won’t match and the user won’t be able to log on.

To ensure that the user can successfully log on to Customer Engagement (on-premises), you must update the information in the Customer Engagement (on-premises) user record so that it matches the detail in Active Directory.

Before you update the user record in Customer Engagement (on-premises), record the value of the User SamAccountName logon attribute for the affected user.

  1. Go to Settings > Security.

  2. Choose Users.

  3. In the list of users, select the user record you want to update, and then choose Edit.

  4. In the User Name text box, type an Active Directory user name that isn’t used by any Customer Engagement (on-premises) user record.

    Important

    If you specify a user name that already exists in Active Directory, Customer Engagement (on-premises) will try to map the user to the updated user in Active Directory, and when it locates an existing record with the same GUID, the mapping will fail.

    If all the user accounts in Active Directory are used by Customer Engagement (on-premises) user records, create a temporary Active Directory user account.

  5. Save the user record, and then in the User Name text box, type the User SamAccountName logon value that appears for the user in Active Directory, which you recorded before starting this procedure.

  6. Choose Save and Close.
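To find the user records that need this procedure before users are locked out, the stored user name can be compared with the current SamAccountName of the Active Directory account that has the same GUID. The following is an added example, not part of the original article or the product; the function name, the CRM-side property names (AdGuid, UserName) and all sample data are assumptions constructed for illustration.

```powershell
# Added example: report user records whose stored user name no longer matches
# the SamAccountName of the AD account with the same GUID.
# Assumption: the CRM side is an export with AdGuid and UserName (DOMAIN\name).
function Find-SamAccountNameDrift {
    param(
        [Parameter(Mandatory)] [object[]] $AdAccounts,  # ObjectGuid, SamAccountName
        [Parameter(Mandatory)] [object[]] $CrmUsers     # AdGuid, UserName
    )

    # Index AD accounts by GUID: the GUID does not change when the logon name does.
    $byGuid = @{}
    foreach ($a in $AdAccounts) {
        $byGuid[[string]$a.ObjectGuid] = $a.SamAccountName
    }

    foreach ($u in $CrmUsers) {
        # Drop the DOMAIN\ prefix from the stored user name, if present.
        $stored = @($u.UserName -split '\\', 2)[-1]
        $guid   = [string]$u.AdGuid

        if (-not $byGuid.ContainsKey($guid)) {
            # No AD account with this GUID (deleted, or outside the queried scope).
            [pscustomobject]@{ UserName = $u.UserName; Status = 'NoAdAccount'; CurrentSam = $null }
        }
        elseif ($byGuid[$guid] -ne $stored) {
            # -ne on strings is case-insensitive, like AD logon names.
            [pscustomobject]@{ UserName = $u.UserName; Status = 'Renamed'; CurrentSam = $byGuid[$guid] }
        }
    }
}

# Constructed sample data. In a real domain the AD side could come from:
#   Get-ADUser -Filter * | Select-Object ObjectGUID, SamAccountName
$ad = @(
    [pscustomobject]@{ ObjectGuid = '11111111-1111-1111-1111-111111111111'; SamAccountName = 'asmith' }
    [pscustomobject]@{ ObjectGuid = '22222222-2222-2222-2222-222222222222'; SamAccountName = 'bjones-lee' }
)
$crm = @(
    [pscustomobject]@{ AdGuid = '11111111-1111-1111-1111-111111111111'; UserName = 'CONTOSO\asmith' }
    [pscustomobject]@{ AdGuid = '22222222-2222-2222-2222-222222222222'; UserName = 'CONTOSO\bjones' }
    [pscustomobject]@{ AdGuid = '33333333-3333-3333-3333-333333333333'; UserName = 'CONTOSO\cwu' }
)

Find-SamAccountNameDrift -AdAccounts $ad -CrmUsers $crm | Format-Table -AutoSize
```

Each row with Status Renamed identifies a user record to update with the steps above, and CurrentSam is the value to record before starting.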

See also

Manage security, users and teams
Add or remove territory members