Robert Pröll
.NET Software Architect
Key areas of interest: ALM, .NET C#, PowerShell, Azure, Dynamics 365 Tooling
Robert started in the area of ASP.NET projects and has now more than 10 years of experience in the international Dynamics Enterprise business.
He works mainly as an principal software architect at Kupp and as a external consultant for Microsoft.
Robert Pröll
.NET Software Architect
Create D365 Application Users via Scripts
Posted: 11.2020 | Category: Security
Robert Pröll | .NET Software Architect
Intro
The benefits of applications users for certain use cases are pretty clear, so let’s see how the setup steps can be simplified.
We assume the scripts are executed by a 3rd person, not a developer.
Requirements:
- PowerShell Execution Permissions
- 64 Bit OS / Parent process
- AzureAD Permissions to create AzureADApplications
- Administrator Role in D356
Basic Flow:
- Register App in AAD
- Create SystemUser in D365
- Assign security roles to new application user
Step 1: AAD Setup
Note: You can either use an existing AppId or predefined ones. The basic idea here is to register an app and return the id to continue the process via c#.
There are different ways to implement the same behavior, depending on your environment.
Result of the PowerShell script:
Step 2: Create a systemuser in D365
Create Application User in D365
Switch to "Application Users" to see the new user:
Step 3: Assign the appropriate security roles:
Done.
Tags: