INTEGRATING DYNAMICS CRM AND SHAREPOINT SECURITY

Similar documents
INTEGRATING DYNAMICS CRM AND SHAREPOINT SECURITY

DETAILED BOOT CAMP AGENDA

Build Your Knowledge!

Connecting Software Connect Bridge - Exchange Server Sync User manual

Mirjam van Olst. Best Practices & Considerations for Designing Your SharePoint Logical Architecture

Team Collaboration, Version Management, Audit Trails

Microsoft Dynamics CRM Adapter for Microsoft Dynamics GP

Implementing an Advanced Server Infrastructure

NIIT Education and Training, Doha, Qatar - Contact: /1798;

Microsoft Dynamics CRM Event Pipeline

VMware vsphere Data Protection Evaluation Guide REVISED APRIL 2015

SharePoint Services: Using Workflows

The following is a summary of the items that Replicator does and does not replicate, with regards to Managed Metadata:

High Availability Setup Guide

Configuring and Deploying a Private Cloud

Implementing an Advanced Server Infrastructure

CA Clarity PPM. Connector for Microsoft SharePoint Product Guide. Service Pack

GRAVITYZONE HERE. Deployment Guide VLE Environment

PNMsoft Sequence Ticketing Solution (PSTS)

Siebel Application Deployment Manager Guide. Siebel Innovation Pack 2013 Version 8.1/8.2 September 2013

MS Implementing an Advanced Server Infrastructure

Best Practices for Implementing Autodesk Vault

PRiSM Security. Configuration and considerations

Achieving PCI COMPLIANCE with the 2020 Audit & Control Suite.

Siebel Performance Management Guide. Version 7.8, Rev. A April 2005

Using Colligo Contributor to Migrate Lotus Notes Applications to SharePoint

Authoring for System Center 2012 Operations Manager

2.0. Quick Start Guide

The Core Pillars of AN EFFECTIVE DOCUMENT MANAGEMENT SOLUTION

vsphere Upgrade vsphere 6.0 EN

Set up My Sites (SharePoint Server

Customer Relationship Management

Introduction to Zetadocs for NAV

Metalogix Replicator. Quick Start Guide. Publication Date: May 14, 2015

Advanced Service Design

Rödl Enterprise Application Integration Bus

Implementing HIPAA Compliance with ScriptLogic

PCVITA Express Migrator for SharePoint (File System) Table of Contents

How To Set Up Safetica Insight 9 (Safetica) For A Safetrica Management Service (Sms) For An Ipad Or Ipad (Smb) (Sbc) (For A Safetaica) (

Coveo Platform 7.0. Microsoft Dynamics CRM Connector Guide

MatchPoint Technical Features Tutorial Colygon AG Version 1.0

Microsoft Dynamics CRM 2013/2015 Event Pipeline

CA DLP. Stored Data Integration Guide. Release rd Edition

Using Business Processes for Document Approval

Customer Relationship Management

Course 20532B: Developing Microsoft Azure Solutions

User Document. Adobe Acrobat 7.0 for Microsoft Windows Group Policy Objects and Active Directory

User's Guide. ControlPoint. Change Manager (Advanced Copy) SharePoint Migration. v. 4.0

Implementing a Custom Search Interface with SES - a case study with search.oracle.com. An Oracle White Paper June 2006

P R O V I S I O N I N G O R A C L E H Y P E R I O N F I N A N C I A L M A N A G E M E N T

Developing Microsoft Azure Solutions

Developing Microsoft Azure Solutions 20532A; 5 days

Developing Visual Studio Workflows and Activities for SharePoint Sites

Redpaper Axel Buecker Kenny Chow Jenny Wong

Altiris Patch Management Solution for Windows 7.1 from Symantec Release Notes

Migrate from Exchange Public Folders to Business Productivity Online Standard Suite

CRM and Salesforce Product Comparison

Using the vcenter Orchestrator Plug-In for vsphere Auto Deploy 1.0

Foundations and Concepts

Quest Collaboration Services 3.5. How it Works Guide

System Administration Training Guide. S125 Document Management

Managing Physical and Virtual Machines in Paragon Protect & Restore

CA Clarity PPM. Demand Management User Guide. v

Configuring and Deploying a Private Cloud

LearningServer for.net Implementation Guide

Nintex Workflow 2010 Installation Guide. Installation Guide Nintex USA LLC, All rights reserved. Errors and omissions excepted.

Quest Collaboration Services How it Works Guide

CA ARCserve Backup for Windows

Configuring and Deploying a Private Cloud 20247C; 5 days

MatchPoint Benefits with SharePoint 2013

TIBCO ActiveMatrix BusinessWorks Plug-in for TIBCO Managed File Transfer Software Installation

VMware vcloud Director for Service Providers

EMC Replication Manager and Kroll Ontrack PowerControls for Granular Recovery of SharePoint Items

MS 20247C Configuring and Deploying a Private Cloud

Adobe Acrobat 9 Deployment on Microsoft Windows Group Policy and the Active Directory service

BizTalk Server Business Activity Monitoring. Microsoft Corporation Published: April Abstract

ADMINISTRATOR GUIDE VERSION

BITDEFENDER SECURITY FOR AMAZON WEB SERVICES

DataCove. Installation Instructions for Search Plug-in for Microsoft Outlook 2007 & 2010 (All Users)

Zenoss Service Dynamics Impact and Event Management Installation and Administration

TeamCompanion Solution Overview. Visual Studio

Business Intelligence with Maximizer CRM 10:

Course 6426: Configuring and Troubleshooting Identity & Access Solutions With Windows Server 2008 Active Directory Page 1 of 6

DMSplus for Microsoft SharePoint 2010

Nintex Workflow 2013 & InfoPath Form Design workshop

ImageNow Cluster Resource Monitor

enterp Oracle CRM On Demand Administration Essentials rise world's best-selling brand of

SharePoint 2013 Permissions Guide

WHITE PAPER. Understanding Transporter Concepts

Fast Track: Applications in Microsoft Dynamics CRM 2015 / CRM Online (Microsoft Training Course: F1082) - 2 days

Synthetic Monitoring Scripting Framework. User Guide

PCVITA Express Migrator for SharePoint(Exchange Public Folder) Table of Contents

VMware Cloud Automation Design and Deploy IaaS Service

Sophos for Microsoft SharePoint startup guide

Dell InTrust Preparing for Auditing Microsoft SQL Server

Oracle Exam 1z0-102 Oracle Weblogic Server 11g: System Administration I Version: 9.0 [ Total Questions: 111 ]

Transcription:

INTEGRATING DYNAMICS CRM AND SHAREPOINT SECURITY USING THE CONNECT BRIDGE This white paper provides overview about CB Dynamics CRM privileges to SharePoint permissions replicator solution and explains how it works. It explains architecture of the solution and the mapping between security model of Dynamics CRM and SharePoint. Connecting Software s.r.o. & Co KG HQ + Europe office Handelskai 340 Vienna, 1020, Austria officeeurope@connectingsoftware.com +43 (1) 370 72 00 Connecting Software Inc. North America office 1004 West Rose Circle Los Altos, CA 94024, USA officeamerica@connectingsoftware.com +1 (408) 768 8476 www.connectingsoftware.com All rights reserved. No part of the document may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without the written permission of Connecting Software s.r.o. & Co. KG. Company or product names mentioned in this document may be trademarks or registered trademarks of their respective companies.

TABLE OF CONTENTS INTRODUCTION... 3 PRODUCT OVERVIEW... 4 ARCHITECTURE... 5 1.1 CB Replicator Windows service... 5 1.2 CB Replicator CRM solution... 5 1.3 Connect Bridge platform... 5 HOW IT WORKS... 6 2.1 Fully automated... 6 2.2 Event-based... 6 2.3 Support of all CRM entities... 7 2.4 Supported versions... 7 2.5 Absolute / relative document locations... 7 2.6 User mapping... 7 2.7 Security model mapping... 7 2.8 Access rights mapping... 9 2.9 Multitenancy... 9 SUMMARY... 9 CONTACTS... 10 Date: 20150424 www.connectingsoftware.com

INTRODUCTION The standard outofthebox integration between Dynamics CRM and SharePoint is a very powerful feature that allows you to link your SharePoint documents with your CRM records. Moreover you can manage SharePoint documents and use most of the SharePoint features directly from your CRM user interface. However there is a limitation. The outofthebox solution is missing security integration. The security models of Dynamics CRM and SharePoint differs significantly. The document capability of SharePoint is integrated into CRM but security permissions of CRM into SharePoint are not. Dynamics CRM User A SharePoint Account 1 Documents for Account 1 Account 2 Documents for Account 2 Cannot access Account 2 User B But still can access its confidential documents!!! Dynamics CRM users can only see records and documents relevant to them. However even a user with absolutely no rights to see documents for a particular entity in Dynamics CRM can see them in SharePoint document libraries. The rights needs to be integrated in all cases. Extending the scenario you share some specific document with a colleague who has no rights for that specific record. This has to be reflected in SharePoint as well. The standard outofthe box solution does not cover above described examples and rights management at all. Connecting Software provides simple solution. Date: 20150424 www.connectingsoftware.com

PRODUCT OVERVIEW The (CB replicator) covers whole Dynamics CRM security model. It ensures that the proper user rights are applied to the SharePoint folders. With this solution you can be sure that each document in SharePoint will be accessible to exactly those users who have access to the respective record in Dynamics CRM. Any additional modification of the Dynamics CRM privileges for each record will be automatically applied to the permissions in SharePoint. Dynamics CRM User A SharePoint Account 1 Documents for Account 1 Account 2 Documents for Account 2 CB Replicator Cannot access Account 2 User B Cannot access confidential documents anymore Date: 20150424 www.connectingsoftware.com

ARCHITECTURE The CB replicator consists of several components. These components interact together to achieve desired results. The deployment is quite simple despite multiple components. 1.1 CB Replicator Windows service The CB Dynamics CRM privileges to SharePoint permissions replicator service is a standalone service. It handles all the described application logic. It opens WCF endpoint where Dynamics CRM can send notification about the events. The service reads event and compares current and expected permissions in SharePoint. If evaluated permissions do not match it will write appropriate changes into SharePoint. 1.2 CB Replicator CRM solution The purpose of this solution is to collect all the events that occur in Dynamics CRM and can lead to possible permission replication request. The solution consists of CRM plugin and custom entities to maintain events persistence and necessary configuration information. The managed solution is deployed directly into Dynamics CRM. 1.3 Connect Bridge platform The CB Replicator uses Connect Bridge platform to access Dynamics CRM and SharePoint. The Connect Bridge has client server architecture and can be installed at the same machine as CB Replicator. For detailed information visit http://www.connecting-software.com. Date: 20150424 www.connectingsoftware.com

HOW IT WORKS The CB replicator brings all in one package. It has been designated to cover various client scenarios. 2.1 Fully automated The CB replicator is fully automated. There are no explicit user actions required to trigger permission replication. Users can concentrate on their work and CB replicator will ensure confidentiality of their documents in the background. 2.2 Event-based Small CRM solution is deployed as a part of the CB replicator. It automatically tracks/checks changes in Dynamics CRM. When some change occurs that requires security attention it will adjust SharePoint permissions accordingly. The CB replicator supports following list of events: SharePoint Document Location o Update User o Update (manager, position) o Disable o Add role o Remove role o Change business unit Team (including access team and access team template) o Delete o Add role o Remove role o Add member o Remove member o Change business unit Role o Update o Delete o Add privilege o Remove privilege o Replace privilege Business unit o Update o Delete o Disable o Change business unit Sharing (including cascading and re- parent action) o Grant (share) o Modify o Revoke Change record owner Organization o Update (hierarchy security properties) Position o Update o Delete Hierarchy security configuration (excluded entities) o Delete o o Revoke Enumerated events cover whole security model of Dynamics CRM. Therefore whatever the user does the CB replicator always ensures proper permission mapping to the SharePoint document locations. Date: 20150424 www.connectingsoftware.com

2.3 Support of all CRM entities The CB replicator works in generic way with any document enabled entity in Dynamics CRM. So all the standard entities are supported, e.g. account, contact, opportunity, quote or invoice. Moreover CB replicator supports all custom entities. 2.4 Supported versions Supported versions are Dynamics CRM 2011, 2013, 2015, Online and SharePoint 2010, 2013, Online. 2.5 Absolute / relative document locations The CB replicator fully supports absolute and relative paths. You can create document location in the way you want the CB replicator supports both. Moreover CB replicator is able to work with SharePoint document location across different SharePoint sites and site collections. 2.6 User mapping The CB replicator maps users between CRM and SharePoint automatically based on their login names. Additionally it is possible to override or completely disable this behavior and add custom mapping. You can configure mapping from any CRM user to any SharePoint user. 2.7 Security model mapping The CB replicator breaks security inheritance on folder in SharePoint and transfers CRM security model as item (folder) level permission on specific folders that are referenced by sharepointdocumentlocation record in CRM. Permission are mapped in one way: from Dynamics CRM to SharePoint. Date: 20150424 www.connectingsoftware.com

There are significant differences between Dynamics CRM and SharePoint security model so the complex permission mapping is required. In Dynamics CRM, we have several entities and actions that needs to be covered: User Team Access team Access team template Security role Business unit Sharing Privilege Privilege depth Hierarchy security (managers, positions) The SharePoint security model provides only: Users Groups Security roles (Privilege levels) The CB replicator maps target system security objects based on following rules: CRM User (systemuser) Manager Team Access team Access team template Security role Business unit Sharing Privilege Position SharePoint User User Group Group Group Group Group (for default team) User / Group Security role (configurable) Group Date: 20150424 www.connectingsoftware.com

2.8 Access rights mapping In Dynamics CRM there is a constant list of access rights that are mapped to dedicated SharePoint security roles (permission levels). CRM access right ReadAccess WriteAccess SharePoint permission level cbreplicator_crm _ReadAccess cbreplicator_crm _WriteAccess SharePoint permissions ViewListItems, OpenItems, ViewVersions, ViewFormPages, Open, BrowseDirectories, BrowseUserInfo, UseClientIntegration, UseRemoteAPIs, CreateAlerts AddListItems, EditListItems, DeleteListItems, DeleteVersions CreateAccess - DeleteAccess - AppendAccess, AppendToAcces s, AssignAccess, ShareAccess - This mapping is fully configurable so you can create custom mapping between CRM and SharePoint including custom permission levels. 2.9 Multitenancy With single installation of CB Replicator you can configure replication process for multiple Dynamics CRM instances. The CB Replicator also supports multiple SharePoint site collections for single Dynamics CRM organization. SUMMARY Many companies frequently use the outofthebox document integration between Dynamics CRM and SharePoint. Some of them are not aware of the security risk that is coming from this integration. For another companies is missing security integration the reason why they decided not to use this integration. The CB replicator is a tool to solve missing security integration. It takes the CRM security model and converts it into SharePoint security model. The proper mapping between different models ensures that same rights are applied on folders and underlying files in SharePoint as for belonging CRM record. Date: 20150424 www.connectingsoftware.com

With the CB replicator you can elevate whole power of document integration without having fear of possible security leaks and undesirable SharePoint data access. CONTACTS Connecting Software s.r.o. & Co KG HQ + Europe office Handelskai 340 Vienna, 1020, Austria officeeurope@connectingsoftware.com +43 (1) 370 72 00 Connecting Software Inc. North America office 1004 West Rose Circle Los Altos, CA 94024, USA officeamerica@connectingsoftware.com +1 (408) 768 8476 www.connectingsoftware.com Date: 20150424 www.connectingsoftware.com

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information