DCRUM for Microsoft CRM
Hi,
Has anyone ever did DCRUM implementation for dynamics CRM ? I'm mostly interested in the User Recognition mapping section.
It seems like there is a single sign on process, so that the user is actually being authenticated when requesting the first page of the application.
Gil.
I don’t know how Outlook communicates with the CRM but I suppose it is using the interface called CrmService (http://msdn.microsoft.com/en-us/library/cc151038.aspx) . If this is the case we are lucky since there is detailed documentation on msdn (http://msdn.microsoft.com/en-us/library/cc151016.aspx) and there are just 6 methods.
We had investigated with Exchange 2013 similar case for Exchange Web Services, and user name extraction was possible as well from request header – EWS however is basing on WCF Web Services (.svc extension), CRM Service uses older ASP.NET Web Services technology (.asmx extension) – full documentation for SS configuration can be found here: https://apmwiki.compuware.com/display/DCRUM/Exchange+configuration
We will be possible to say more if we could see some requests / responses examples.
Hello everyone,
we are currently doing a customer project for Microsoft CRM used via an Outlook Plugin. Did anyone a page name recognition for this application?
We see a mix of SOAP, HTTP and plane XML requests here.
Thanks.
Friederike
A starting point is to find out how Dynamic users are authenticated. See this article: http://blogs.msdn.com/b/crm/archive/2012/09/19/enabling-kerberos-for-microsoft-dynamics-crm-2011.aspx for reference.
If we use a "basic" NTLM authentication, DCRUM 12.1 and higher will support it. If users are encrypted using e.g. Kerberos, we won't be able to recognize them.
Below is a Case360 case comment on NTLM:
"Based on the analysis of attached headerdata files, we was able to find the usernames for a small percentage of traffic. It's because there are unsupported authentication mechanisms found in traffic.
AMD supports NTLM authentication in it's pure/basic form of NTCR - NT Challenge/Response authorization. This works as designed and those few users that are visible in zdata files, had used this mechanism.
It is described in detail here: http://www.innovation.ch/personal/ronald/ntlm.html.
However most of the clients use more sophisticated mechanism to authenticate themselves to NTLM server, namely SPNEGO-based kerberos authentication. This protocol is not supported by AMD. The protocol authorization different that pure/basic form of NTCR is much more complicated as in the case of traffic between the client and the server the user name is not send throughout HTTP.
You can find more info here: http://tools.ietf.org/html/rfc4559."
Hi Adam,
I was actually reffering to the CRM and not the ERP.
Thanks.
Gil
Gil,
Request for support for MS Active Dynamics ERP is already logged in our systems and we're looking if it's viable for our system as it's the matter of creating new analyzer.
Currently we can use only generic (with transactions) for monitoring such application.
