Role-Based Access Control in Azure AD

Definition of RBAC

For large organizations that have multiple resources that are grouped into resource groups, granting the right permissions to the right person is what RBAC achieves. Azure RBAC provides fine-grained access management in Azure. An example would be allowing a user to manage VMs in a subscription while another to manage SQL DBs within the same subscription.

Every Azure Subscription is associated with an Azure AD. And every azure subscription has multiple resources or resource groups. Resource Groups are logical containers of resources.

Role based Access control provides the ability to grant required access to the right people of varying job descriptions.

For example, let’s say Resource Group 1 contains 2 resources, a SQL DB and multiple VMs. At a resource group level – User 1 is given the SQL DB contributor role while User 2 is given the VM Contributor role.

Resource Group	User	Role
Resource Group 1	User 1	SQL DB contributor (Built-In role) Can manage SQL servers and databases, but not their security-related policies
Resource Group 1	User 2	Virtual Machine Contributor (Built-In role) Can manage virtual machines, but not the virtual network or storage account to which they are connected

Note: Azure RBAC cannot authorize data level operations for Azure Resources. For example, the user who has the role SQL DB contributor can manage the SQL DB – it would not give permissions to manage distinct tables within the SQL DB.

Built in Roles

Azure RBAC has three basic rules that apply to all role types.

1. Owner: A person with an ‘Owner’ access has full access to all resources including the right to delegate access to others.
2. Contributor: A person with a ‘Contributor’ access can create and manage all types of Azure resources but can’t grant access to others.
3. Reader: A person with a ‘Reader’ access can view existing Azure Resources.

The rest of the below built in Roles allows management of specific Azure resources.

Role name	Description
API Management Service Contributor	Can manage API Management service and the APIs
API Management Service Operator Role	Can manage API Management service, but not the APIs themselves
API Management Service Reader Role	Read-only access to API Management service and APIs
Application Insights Component Contributor	Can manage Application Insights components
Automation Operator	Able to start, stop, suspend, and resume jobs
Backup Contributor	Can manage backup in Recovery Services vault
Backup Operator	Can manage backup except removing backup, in Recovery Services vault
Backup Reader	Can view all backup management services
Billing Reader	Can view all billing information
BizTalk Contributor	Can manage BizTalk services
ClearDB MySQL DB Contributor	Can manage ClearDB MySQL databases
Contributor	Can manage everything except access.
Data Factory Contributor	Can create and manage data factories, and child resources within them.
DevTest Labs User	Can view everything and connect, start, restart, and shutdown virtual machines
DNS Zone Contributor	Can manage DNS zones and records
Azure Cosmos DB Account Contributor	Can manage Azure Cosmos DB accounts
Intelligent Systems Account Contributor	Can manage Intelligent Systems accounts
Logic App Contributor	Can manage all aspects of a Logic App, but not create a new one.
Logic App Operator	Can start and stop workflows defined within a Logic App.
Monitoring Reader	Can read all monitoring data
Monitoring Contributor	Can read monitoring data and edit monitoring settings
Network Contributor	Can manage all network resources
New Relic APM Account Contributor	Can manage New Relic Application Performance Management accounts and applications
Owner	Can manage everything, including access
Reader	Can view everything, but can’t make changes
Redis Cache Contributor	Can manage Redis caches
Scheduler Job Collections Contributor	Can manage scheduler job collections
Search Service Contributor	Can manage search services
Security Manager	Can manage security components, security policies, and virtual machines
Site Recovery Contributor	Can manage Site Recovery in Recovery Services vault
Site Recovery Operator	Can manage failover and failback operations Site Recovery in Recovery Services vault
Site Recovery Reader	Can view all Site Recovery management operations
SQL DB Contributor	Can manage SQL databases, but not their security-related policies
SQL Security Manager	Can manage the security-related policies of SQL servers and databases
SQL Server Contributor	Can manage SQL servers and databases, but not their security-related policies
Classic Storage Account Contributor	Can manage classic storage accounts
Storage Account Contributor	Can manage storage accounts
Support Request Contributor	Can create and manage support requests
User Access Administrator	Can manage user access to Azure resources
Classic Virtual Machine Contributor	Can manage classic virtual machines, but not the virtual network or storage account to which they are connected
Virtual Machine Contributor	Can manage virtual machines, but not the virtual network or storage account to which they are connected
Classic Network Contributor	Can manage classic virtual networks and reserved IPs
Web Plan Contributor	Can manage web plans
Website Contributor	Can manage websites, but not the web plans to which they are connected

 

Assigning a RBAC role to a user

In this example – I have created a Windows Server 2016 machine and assigned a role to a user within the company.

Step 1: Click on the Access control blade of the respected resource / Resource Group

Step 2: Click on Add on the top right section of the blade

Step 3: Choose one of the built in Roles

Step 4: Assign the role to either of the below options: –

• Azure AD user, Group, Application
• Virtual Machine

Step 5: Review the roles assigned to users in your IAM Blade as below.

Custom Roles in RBAC

Apart from the built-in roles, Azure provides users with the ability to create new roles if the ones available do not serve the purpose.

Custom Roles can be created using one of the below methods: –

1. Azure PowerShell
2. Azure Command-Line Interface
3. REST API

Additional Resources

• Building your Hybrid Cloud with RBAC – Channel 9

 

Azure AD Conditional Access

Conditional access is a capability of Azure Active Directory that ensures that the right people get access to the right resources under the right conditions. This allows the admin to control how the right people access the resources and if not, the ability to deny access. For instance, what if one of your users accesses a cloud application from a highly risky IP or from a network that is not trusted? Would your application data and the user’s credentials be secure?

These questions can be addressed using conditional access. It allows you to enforce controls on the access to apps in your environment based on specific conditions. You can add additional requirements to allow access or ensure to block access if a certain criterion is not met. For example, you can ensure that users do NOT get access to sensitive data if they are accessing from a non-trusted network.

The above is the conditional access policy that can be configured in Azure Active Directory. The conditional access policy can be translated into:-

This means that: –

• When this happens = Condition Statement = ‘If users access Dynamics365 from a non-trusted network’

 

1. Then do this = Control = ‘Block access’

The combination of a conditional statement with a control is together called the conditional access policy.

The conditional access policies are found under the ‘Conditional Access’ section under ‘Security’ when you open your Azure Active Directory as shown in the snapshot below.

There are conditions and controls that you can utilize to grant access to personal and sensitive data in a fine-grained manner. These include:

Group membership – this allows to control a user’s access based on membership in a group.

Location – Use the location of the user to trigger multi-factor authentication, and use block controls when a user is not on a trusted network.

Device platform – Use the device platform, such as iOS, Android, Windows Mobile, or Windows, as a condition for applying policy.

Applications protected by Conditional Access

Azure Active Directory Conditional Access protects every application and not only Dynamics O365 and SharePoint. Any cloud, any application without a VPN. This is keeping in mind that a customer’s environment is heterogenous. Conditional access is provided to the below Microsoft Cloud Apps:-

• Azure Information Protection
• Azure Remote App
• Dynamics 365
• Yammer
• Exchange Online
• SharePoint
• Power BI
• Visual Studio Team Services
• Teams

Other non-Microsoft applications include:-

• Azure-AD connected applications
• Line-of-Business Applications
• Applications that use Azure AD application proxy
• Applications that use password single-sign-on
• Pre-integrated federated software as a service (SaaS) application

Creating your first Bot in .NET (Free!)

What will you need: –

1. Create your Bot – Visual Studio Community 2017
2. Test your Bot – Bot Framework Emulator
3. Azure Subscription – To host your Bot Service ; Get your Free 30 day trial version here.
4. Account in the Bot framework Portal – To register your Bot here.

All the above options are free, you would need to spend time and not money to gain this knowledge 😊

To reiterate from the previous article, the below are the options available during each phase of creating a Bot.

Visual Studio Community 2017

This is a free version of Visual Studio that you can download from here.

Download the Bot Application, Bot Controller, and Bot Dialog .zip files. Install the templates by copying the zip files to your Visual Studio 2017 project Templates. Visual Studio 2017 project templates directory is typically located at

%USERPROFILE%\Documents\Visual Studio 2017\Templates\ProjectTemplates\Visual C#\

Create your Bot

Open Visual Studio and create a new C# project. Choose the Bot Application template for your new project.

By using the Bot application template, you’re creating a project that already contains all the components that are required to build a sample Bot, including a reference to the Bot builder SDK for .NET. Verify that your project references the latest version of the SDK.

1. Right-click on the project and select Manage NuGet Packages.
2. In the Browse tab, type “Microsoft.Bot.Builder”.
3. Locate the Microsoft.Bot.Builder package in the list of search results, and click the Update button for that package.
4. Follow the prompts to accept the changes and update the package.

Thanks to the Bot Application template, your project contains all the code that’s necessary to create the bot in this tutorial. You won’t need to write any additional code. However, before we move on to testing your bot, take a quick look at some of the code that the Bot Application template provided.

Explore the code

First, the Post method within Controllers\MessagesController.cs receives the message from the user and invokes the root dialog.

The root dialog processes the message and generates a response. The MessageReceivedAsync method within Dialogs\RootDialog.cs sends a reply that echos back the user’s message, prefixed with the text ‘You sent’ and ending in the text ‘which was ## characters’, where ## represents the number of characters in the user’s message

Test your Bot

Download the Bot Framework Emulator. This is a desktop application that allows you to test your Bot.

Run your Bot

After installing the emulator, start your bot in Visual Studio by using a browser as the application host. This Visual Studio screenshot shows that the bot will launch in Microsoft Edge when the run button is clicked. This runs on IIS express and the default port number is 3979.

Start the emulator and connect your bot

At this point, your bot is running locally. Next, start the emulator and then connect to your bot in the emulator:

1. Type http://localhost:port-number/api/messages into the address bar, where port-number matches the port number shown in the browser where your application is running.

Click Connect. You won’t need to specify Microsoft App ID and Microsoft App Password. You can leave these fields blank for now. You’ll get this information later when you register your bot.

Test your bot by writing something to your Bot.

Now that your Bot is functional – you need to register your bot and then deploy your project to Azure.

Register your Bot on the Bot Framework

This step is done to connect your code to the Bot Framework. We get three properties once we register our Bot

1. Bot ID
2. Microsoft App ID
3. Microsoft App Password

You would need to extract this information from the Bot Framework and then input it , in the web.config file of Visual Studio.

To create a bot, go ahead and click on ‘My Bot’. Post which go ahead and create a bot. Click on Create a bot with the bot builder SDK. And then click on ‘Register an existing Bot using Bot Builder SDK’

Once you have these three fields, go ahead and insert them into the web.config file.

Now the connection between the code and the Bot is made – which is registered on the Bot Framework portal.

Publish your Web App on Azure

You can publish your code to Azure by using the ‘Publish’ option in Visual Studio

As a target choose the Microsoft Azure App Service.

After you choose a name for your app , go ahead and change the type of app to a ‘Web App’

By default, the web app is configured as a ‘Release’ version. Go ahead and change that option to ‘Deploy’ that would enable you to debug your Bot.

 

Once you publish the Web API , you would find it in the resource group mentioned above. Once you click on the web app in your Azure portal, extract the URL as shown in the snapshot below.

You get the app name from the above URL as aishwaryabot.

Connect your Azure Web app to the Registered Bot

Enter the messaging endpoint in the Microsoft Bot Framework in the settings section of your Bot you registered in the earlier step.

The format of the messaging endpoint should be:-

https://<appname&gt;.azurewebsites.net/api/messages

And Save the changes.

Now test the bot through the Microsoft Bot framework – by connecting to channels and using the test option as shown in the screenshot below

Conclusion

1. You have created a Bot on Visual Studio
2. Published your .Net code on Azure
3. Registered a Bot and connected it to the Web app deployed in Azure
4. Tested it in the Bot Framework and the Bot Emulator

Hope you have been able to create your first .NET bot using this article.

 

Create your own Bot in under 10 minutes!

Why do you need a Bot?

Bot is the next generation of Applications. Consider this scenario, you have the below three tasks to achieve

1. Order dinner from a restaurant
2. Check for flights and book tickets for the coming weekend
3. Check if the weather is appropriate to take a road trip with your friends at the end of the month

In the present-day world, you would go ahead and access three different applications on your phone.

1. To order take out
   • You sign in to an app that pools in all the restaurants that delivers to your area.
   • Filter on the cuisine you like the most
   • Check on the delivery time
   • Check on the promotions available
   • Order your food
2. To book your flight
   • Sign in to an app that checks for flights that displays the most economic options at times most suitable to you
   • Book the most convenient flight
3. To Check the weather
   • Look into your weather app and check weather forecast on the date that you intend to travel.

Now the entire process above would take average of 30 minutes at best.

With the advent of Bots, that are connected to trusted sources and holding your information such as favorite cuisine, credit card information and the vacation spots that are your favorite , the above could be completed in less than 5 minutes.

Bots could recommend restaurants based on your preferences and inform you of promotions that are available on the go. Flights would also be suggested, considering the time you are most comfortable travelling. It would suggest you go ahead and make the trip a few days earlier as the weather would be most apt then.

 

What is a Bot

Bots then simply becomes a way by which users interact to get to the right information in the shortest time.

It is the short version of the word ‘Robot’.

Note, that the capabilities of a Bot , extends far beyond just ordering take out for you 😊

Microsoft Bot Framework

Microsoft Bot Framework enables you to build and connect intelligent Bots to interact with your users naturally wherever they are — from your website or app to Cortana, Skype, Teams, Office 365 mail, Slack, Facebook Messenger Skype for Business and more.

How can I create my first Bot?

In this video series – we will first start off with creating a simple Bot – without using any code. This method can be used by small businesses for users to get their most common questions answered.

What do I need to create my first Bot?

1. Azure Subscription – don’t have one? No problem – Get a 30 day free trial version in 4 steps. The 4 steps are here.
2. FAQ List in a file / URL of the FAQs in a webpage

Watch the video here.

Post this series – we will talk about how you can build conversational Bots using LUIS (Language Understanding Intelligence Service)

Hope you enjoyed this session!

Azure Identity Models demystified!

Before we delve into Identity models and how Azure authenticates users attempting to access web and or on -premise applications – lets first go over a quick overview of the Identity.

Active Directory (On-premise) is an Identity authentication store. It stores Users, Groups, Group Policies, Organizational Units, VMs within the name space. In short active directory is traditionally known to store objects within a domain.

How different is Azure Active Directory From its On-premise version?

The on-premise version can store multiple objects. By objects I mean not just users and information about those users, but also OU’s, Groups, Group Policies, VMs etc.

Azure Active Directory is an online identity store. The only object it stores is that of Users. We can then call it an online identity store. It is designed for internet-based users and applications using HTTP and HTTPS communications.

Identity models for Azure

Below you can see a quick snapshot of the different types of identity management

Cloud Identity

Users are created and managed in the O365 portal. The username and passwords are stored in the Azure Active Directory. The Azure AD is the cloud directory used by O365.

Synchronized Identity

In this model, the user identity is managed in an on-premise server. The accounts and the password hashes are synchronized to the cloud. The user when attempting to sign on to a cloud application, does son, by entering the same password they enter in the on-premise environment. The AAD connect synchronizes usernames and passwords from On-premise AD to Azure AD.

Federated Identity

This model is another version of the synchronized identity. In the federated identity model, the user’s password is verified by the on-premise identity provider. The password hash is not synchronized to the Azure Active Directory. The architecture below uses Active Directory Federation Services (AD FS) or a third-party identity provider.

Deploy Dynamics365 app for Outlook in 2 simple steps!

The Dynamics365 app for outlook is faster, seamless, smarter and more convenient for users. This app makes it easier to track emails, tasks, appointments, opportunities without installing any additional software. You can also create records, and view and use information from Dynamics 365 such as email templates, sales literature and knowledge articles when composing messages and creating appointments.

Below is some important information before going on: –

1. Deprecation of the outlook add-in
2. Microsoft user guides

To deploy Dynamics 365 app for outlook for eligible users, here are a few prerequisites: –

1. Users with a valid O365 mailbox
2. Users with Email addresses configured and tested through Dynamics 365

The Dynamics 365 app for outlook appears as an add-in once it is pushed by the Dynamics 365 portal. For the app to be available the mailbox should be tested and configured.

STEP 1: Configure Mailboxes in ‘Email configuration’

Settings ==> System ==> Email Configuration

 

Under Email Configuration you would see an option called Mailboxes. This section would show you a list of Dynamics 365 users that have an O365 mailbox.

Please follow the below three steps in the order mentioned.

1. Approve email address
2. Activate the email address
3. Test and Enable Mailboxes

If the mailbox Is active and tested correctly, you would see a green check mark in the column, ‘test run status’

STEP 2: Add app for all eligible users in Dynamics 365

Dynamics 365 app for outlook is now available as an option under the settings tab.

Once you click on the Dynamics 365 app for outlook- you would see all the mailboxes that have been approved and activated in the view ‘Eligible users’

Now when you go to the mailbox of this user you would see the Dynamics add-in on the top-right of every email address.

 

Given that this email address is linked to an entity in Dynamics 365 – all information about that customer will be pulled into your Outlook portal.

More posts on Dynamics 365 to come! Stay tuned 🙂

Gamification in Dynamics365 : Engage your users!

Gamification in Dynamics 365 is a method of getting your employees to be more engaged and motivated at work. The theme being adding fun to work and to maintain a healthy competitive environment among peers and colleagues. The goal of gamification in Dynamics 365 is to increase both user engagement and data quality.

The goals of Gamification in Dynamics 365 are the below: –

1. Create awards to motivate employees.
2. Maintain a healthy competitive work environment.
3. Monitor performance without having to run reports.

Gamification Solution

STEP 1: Download the Microsoft Dynamics 365 – Gamification App

The first step would be to install the Gamification solution from the Microsoft AppStore. You can download the solution from this link.

Once you click on ‘GET IT NOW’ the app would

1. Ask you permission to access your O365 account.
2. Post which you would be asked to which instance this solution need be added to.

Once the solution is installed in the tenant you specified in the earlier step, you would see it in the solution list of the tenant.

You would now see a new module in Dynamics 365 called ‘Gamification’

STEP 2: Activate the solution from the Solution list

The next step would be to navigate to the Gamification solution from the list of solutions in the specified tenant.

Settings è Customization è Solutions è Gamification

Once you open the ‘Gamification’ solution – you would be asked to activate the solution by generating a security key.

Once the security key is generated – you would need to paste the security key in the space given below and then click on ‘Activate’.

Your Gamification solution is now Active! 😊

Gamification Role Types

In the gamification portal you can assign the below roles to users: –

Commissioner: This user is the main administrator for all aspects of the game. Note that users with the role of the commissioner cannot participate in the game and will not score points. They will and administer all aspects of the game.

Game Manager: A user with this role can carry out some admin tasks. These users cannot manage other users but can participate in games and secure points.

User: A regular user that can manage their own fantasy teams and get points for achieving defined KPIs based on their Dynamics 365 activity.

In the Dynamics 365 portal, a new security role is added – It is called the KPI Manager role. A user with this role has the rights to create, edit and delete KPIs that are set in the Dynamics 365 portal.

Creating a game on Dynamics 365

To create a game, the below changes would need to be done.

1. On the Gamification Portal: –
   1. Game Setup
   2. Add or Edit KPIs
   3. Assign players
   4. Assign Fans (Optional)
   5. Add or Edit Game Awards
2. On Dynamics 365
   1. Setup / Create KPIs

 

Setup in the Gamification Portal

Step 1: Create a new game

First, you would need to navigate to the gamification portal through Dynamics 365.

In the Gamification Portal, go ahead and click on ‘Game Setup’.

You would need to fill in the below information: –

1. Name of the game
2. Game Model
   1. Fantasy Teams
   2. Fixed Teams
   3. No Teams
   4. Stream TV
3. Draft Frequency
4. Changing first period roster
5. Start Date
6. End Date

For our demonstration, I have created a simple game where the number of users are limited and there are no teams. I have named my game as Creating Calls.

STAGE 1 : Add / Edit KPIs

STAGE 2: Add Players

In this stage – I have chosen one of the default KPIs and assigned that the number of points be 10 for every call made – with no floor or cap number of calls. In the second stage, choose the players you want to participate in the game.

STAGE 3: Add Fans

This is an optional Stage – where you can add users who are not participating in the game to be fans of teams / users who are participants.

STAGE 4: Add / Edit Game Awards

At this stage you name the award for the player who gets maximum points. Post the 4^th stage, go ahead and save the game.

STAGE 5: Activate your game!

This is perhaps the most important step – activating the game 😊

Under Games and then ‘Saved Games’ you would see the game you have just created. On the game you would see the option to go ahead and activate the game.

Setup in Dynamics 365

The below steps show you the setup that you would need to do in Dynamics 365 to get the data flowing between the two portals.

STEP 1: Setup the KPI in Dynamics 365

For this specific example – setup the KPI – Calls Made making changes as shown in the below snapshot.

STEP 2: Refresh Data in Gamification Settings.

Navigate to Gamification settings in Gamification è Gamification Settings

Once you go ahead and click refresh data – the data is now synced between Dynamics 365 and the Gamification Portal.

Viewing points in the Game

The example shows that as players create and make phone calls, points would get added. Go ahead and create a few phone calls where the owning user is a player of the game you have created.

Post which, you can check on the Gamification portal – how the changes are reflected.

When you navigate to My Games and choose the game you have created – you would see how the players are ranked based on the calls made and points calculated.

You can also see exactly how many phone calls are being made by each user by checking the player statistics. You can see this option under Teams è Player Stats.

There you go! 🙂

1. Microsoft Documentation

 

Embed Power BI Dashboards to your Dynamics 365 instance

In this post we will talk about how you can seamlessly integrate my two favorite Microsoft Products – Dynamics 365 and Power BI 😊

Settings in Dynamics 365

STEP 1: Navigate to the below and make the changes specified.

Settings ==> Administration ==> System Settings ==> Reporting

Set the ‘Allow Power BI visualization embedding’ as ‘Yes’

STEP 2: For Power BI to pull data from the correct organization/instance – we require the URL that points to the organization you are working on.

Navigate to Settings ==> Customizations ==> Developer Resources

In there copy the URL except the ‘/api/data/v8.2/’ . Save it on a notepad.

 

Here you would need to download the application from the services provided in Power BI. Navigate to http://powerbi.com/ and sign in with your O365 credentials.

STEP 1: There go ahead and click on ‘Get Data’ at the bottom left. Once you click on ‘Get Data’, click on ‘Services’

In the new window you can go ahead and search for Dynamics 365. As of today, Microsoft has released 12 applications that caters directly to the Dynamics 365 data. In our example – please go ahead click on ‘Sales Analytics for Dynamics 365’ as shown below.

STEP 2: Once you click on the application you would get a pop-up like the below, go ahead and click on ‘Get it now’ :-

The next step would be where the Power BI application request for a URL to connect to your Dynamics 365 Data. Paste the URL you earlier saved on a notepad.

To gain access to your Dynamics 365 data, Power BI app authenticates using the credentials you have signed in with. The system takes a few minutes to refresh data and pull data from Dynamics 365. Post the refresh the dashboard would look like the below in Power BI.

View Power BI Dashboard in Dynamics 365

To view your Power BI dashboard in Dynamics365, Navigate to Sales ==> Dashboards in Dynamics 365.

As in the first step you have allowed Power BI dashboards to be embedded in your Dynamics 365 tenant – you would now have the option as shown below.

Once you click on ‘Power BI Dashboard’ the next window would ask you to choose from the applications that you have loaded into your Power BI.

Go ahead and choose – ‘Sales Analytics for Dynamics 365’. The Power BI dashboard now gets embedded into your organizations dashboard.

And Voila! You have your Power BI embedded into your Dynamics 365 😊

 

Dynamics 365 : Introduction to Field Service

The customer service is a module that is available in the Dynamics 365 Enterprise Edition.

The two sub modules available are: –

• Field Service
• Resource Scheduling

 

Through each of the above sub modules the below processes are being fulfilled.

 

Service Agreements

Through the field service module, warranties against customer assets can be tracked efficiently. In addition, this module also provides a clear concise picture of terms and expiration dates.

Also, accurate billing is ensured with this module. Service and billing is made to conform with warranty requirements. Classify assets, track location repair history and maintenance schedules are maintained in the system.

With this module, users can seamlessly manage terms, conditions and automated renewals of contracts and service level agreements.

Schedule & Dispatch

By balancing workloads with resources Dynamics 365 field service can identify and organize resources by category. The system intelligently maps the requirements of the work order with the skill sets of the technician. By creating a schedule with geography, customer preference availability with SLAs the system automatically decreases the driving time from work.

Inventory Management

This module can provide remote access to inventory and parts information even when in a customer site. Users can also accurately track service stock at mobile and fixed locations.

Mobile

The native Dynamics 365 mobile app helps to ensure that technicians are on time with the most convenient schedule and turn-by- turn driving instructions to the customer location.

Users also get a 360-degree customer preference, history and can follow step by step instructions on how to complete the task at hand.

The mobile app also allows technicians to upload pictures of completed work, get customer sign off and even to collect payment.

Connected Field Service

With the power of IOT, the system notifies technicians of an anomaly in the machines allowing them to troubleshoot and resolve key issues remotely before the customer knows of an issue.

Predictive maintenance is also an important part of this module. This allows systems to repair, clean or replace parts when needed instead of an on a preventative maintenance schedule.

Also, work orders are created when self-healing steps don’t resolve the problem. The system would automatically dispatch the most preferred and best technician for the case.

Customer Centric Experience

Users can seamlessly keep track of service activities, including upcoming and previous appointments including self-scheduling with a customer portal. Automated voice and text messages reminders can be sent to customers about upcoming appointments.

Having visibility of where the technician is, also improves the customers knowledge on when they can expect service.

 

 

Introduction to Dynamics 365

Before we begin to explain how Dynamics 365 evolved , lets first understand the portfolio of products that Microsoft Dynamics comprises of: –

1. CRM
2. AX
3. GP
4. NAV
5. SL

CRM and AX have come together to create the Microsoft Dynamics 365 Enterprise edition.

Microsoft Dynamics 365 consists of a range of end-to-end, cloud based, intelligent business applications. Dynamics 365 will be available in Business and Enterprise editions.

Microsoft Dynamics 365 Business edition​	​Microsoft Dynamics 365 Enterprise edition
·         ​Financials ·         Sales * ·         Marketing * ​*Available Q2 CY 2017	·         ​Operations ·         Sales ·         Marketing ·         Customer Service​ ·         Field Service ·         Pro​​ject Service Automation
​Includes embedded intelligence, Pow​erApps and Flow	​Includes embedded intelligence, PowerApps and Flow

Power BI and Cortana Intelligence are natively embedded to help companies achieve their business goals with predictive insights, prescriptive advice and actionable next steps. The integration between Dynamics 365 and Office 365 brings together the two worlds of business processes and personal productivity.

Applications that are required by users can be found on Microsoft AppSource. The destination for business users to easily find and evaluate line of business SaaS apps add-ins and content packs from both Microsoft and Microsoft Partners.

As a user, you should note that if you are an existing Dynamics CRM online plan user – it is being retired. As an organization, you would need to renew to the new Dynamics 365 plans.

1. Click here to know details on switching between CRM online licenses to Dynamics 365 licenses.
2. Microsoft Dynamics 365 Business Edition – Licensing Guide here.
3. Microsoft Dynamics 365 Enterprise Edition – Licensing Guide here.