Retrieve Office 365 directory information from SharePoint online - sharepoint

I was wondering if is it possible to retrieve Office 365 directory information (i.e. security group membership) from SharePoint online programmatically (for example through a workflow custom action)?
By the way, I am not looking for retrieving Sharepoint group membership information.
I know the custom development is pretty limited with SharePoint online since the code has to run as a sandbox solution. Is there any web service or any another solution available?

I have been looking for information about this matter but I could not find anything so I guess there is no way to do this.
In our case there is an active directory synchronized with office 365. So we will use a powershell script to read data from AD and update a sharepoint list every day.
Then we will be able to use this data from custom code (like a workflow custom action).

Related

Document management in MS Dynamics CRM 2013 without Sharepoint

As answered in other questions you can't use the free Sharepoint Foundation 2013 for document management in MS Dynamics CRM 2013.
So I ask if there is a (good *) way of using document management in Microsoft Dynamics CRM 2013 without using Sharepoint?
(* good = easy to understand for non technical users and not too complicated to manage)
I search for a way to attach all kinds of documents to different entities like:
- pictures to accounts (not profile picure)
- PDF documents to account
- ...
I know you can use notes.
I'm a bit confused because there are attachments on entities like email.
Can I integrate these attachment-functions on other entities like accounts?
edit 18.12.2014
Yes, you can use Sharepoint Foundation, we make it work (SP Foundation 2010).
I can use documentmanagement with sharepoint, but not automated because the crmlistcomponent is not working.
Maybe someone from here can help me over there:
My Question on Sharepoint stackexchange site
The attachments mechanism isn't available for common customizations, sadly. Microsoft wants us to use the notes... Except maybe ("maybe" as in "I never bothered to check due to the monstrous amount of hoops to jump through while having almost no benefits") for activity entites.
That said, you can use SP 2013 Foundation for document management, if you want. Here's the step-by-step guide. We deployed a CRM 2013 + Document Management based on SP Foundation just a couple of days ago following these steps.
To Run the Microsoft SharePoint Foundation Sandboxed Code Service, follow the below steps.
SharePoint Central Administrator
Under>> Service Applications
Manage services on server
Look for>>Microsoft SharePoint Foundation Sandboxed Code Service is running
Start the service
After completing all the 5 steps
To Install List Components in SharePoint
Go to Site Settings
Under>> Web Designer Gallery>> Click on “Solutions”
Click on Upload solution
and Click on Activate
To Set Broser File handling to Permissive
Go to SharePoint Central Administration
Application Management
On the Ribbon click onthe General Setting
Web Application Generation Setting pop-up window will appear
Scroll down to look for Browser file handling >> Select >>Permissive
Click Ok, save settings and restart the server/IIS
try to Activate the List compoent
Ensure the after successful activation will enable the Deactivate button.
Sometime it is very annoying you need to do several click to get this working.
Go to CRM and add the URL into Document management, all will work fine.
FYI the "CRM 2013" list component retains the 2011 look-and-feel.

SharePoint 2010 user groups - when was user added

Is it possible, in SharePoint 2010 Foundation to find out when a user was added to a particular user group? I have full admin privileges as a site owner. I can find this information out through Audit Log reports but unfortunately I did not turn these on from day one so am looking for another method. I assume that SharePoint must be storing this information somewhere.
You can achieve this using Powershell, use the repadmin command. Like below
repadmin /showobjmeta dc1 'CN=Domain Admins,CN=Users,DC=rivendell,DC=com'
For more detail check this post

How to create a new user on Dynamics CRM Online through calling APIs

I want to design an application to sync user information between local system and CRM online. I found we can't create user in CRM online through APIs directly as CRM on-premise. System said we only can add user through office 365 admin portal. But I have no idea about how to use office 365 APIs to create CRM online user. Did you guys encounter the situation before? Please help me, thanks!
Ok, let me answer my question. Right now if we want to operate Dynamics CRM Online User or License information, we need to operate Active Directory Graph Service associated with CRM Online. This Service is a web api based service. We can get the example code on "http://visualstudiogallery.msdn.microsoft.com/7e947621-ef93-4de7-93d3-d796c43ba34f", and current there is one helper library can be used you guys can download it on http://code.msdn.microsoft.com/windowsazure/Windows-Azure-AD-Graph-API-a8c72e18.

CRM 2011 and SharePoint Integrations Permissions

I'm developing a document management based on the crm sharepoint integrations at the moment. It is realy a nice way to take advantage of the sharepoint document capabilities inside crm 2011.
BUT!:
I see a huge drawback with this attempt, because the sharepoint security model differs from the crm security model. This way, even if a user has no acces to a account entity, for example, it is possible for him to go to the sharepoint site and look at the documents of this entity, because he got permissions on the list for his own account entities.
Why the heck there is no thread about this big security problem? Is there maybe a simple solution to get around this problem?
I hope someone is able to help me.
Best regards,
Gerrit
There exists a commercial out-of-the-box solution solving this problem from Connection Software company (http://connecting-software.com/index.php/en/solutions/products/cb-dynamics-crm-privileges-to-sharepoint-permissions-replicator).
Basically they deploy tiny plugin into CRM that collects all the event that can possibly require change of permissions. There is a extra service that is processing these events and writes folder-level permissions into SharePoint accordingly.
Eugh. Sharepoint.
In my opinion there is no easy way around this and there are other problems with the way it integrates.
I was on a project where we discussed options around this very issue but was moved on before we came to a conclusion.
My suggestion was to use the Sharepoint Security APIs to assign permissions on SP based on roles/events in CRM. All users start with no permissions in SP.
e.g.
User is assigned as owner in CRM - use plugin to call SP API to give permissions to that specific folder. Previous owner has permissions removed.
Opportunity is created. Use SP security API to give permissions to owner of Opportunity to the folder associated with the opportunity.
And etc etc and so on.
It isn't too pretty and depending on requirements could become particular pain to maintain and test, but I didn't see many other options.
But there are plenty of problems with SP integration I think I was lucky that I was moved on to another project!

sharepoint and ActiveDirectory

Hi guys i am new to sharepoint . Actually we are using WSS not the MOSS 2007. we don't have shared service provider installed and no user profile service web service installed.Now I need to populate the active directory data to sharepoint list and after that I have to sync both Active directory and sharepoint list.which means the changes happened to Active directory data it must reflect in sharepoint list also.
What we are doing is extracting active directory data to SQL Server database and populating sharepoint list from SQL server database. I need a solution to populate sharepoint list from SQL Server database and sharepoint list must synchronize with SQL Server database table or stored procedure all the time automatically.
Can anyone suggest me the best solution to solve both importing the active directory data and sync the active directory and sharepoint list.
If anyone of you provide the sample source code that will be helpful.
I just want to clarify a bit first. Not sure if you're looking to configure sync for proper user profiles (which mundeep's answer solves nicely) or a generic SP list.
If you're looking to:
AD <-> SharePoint list
It's probably easier to break this problem down into two parts:
AD -> SP list
and:
SP list -> AD
For AD -> SP list
Microsoft provides some guidance on monitoring the AD for changes. Unfortunately, neither of these methods is a specific event message system (if anyone knows of one, please chime in!) both are essentially polling.
I would create a Windows service to handle this part of the solution.
The service would (in pseudo-code):
look for records that have changed
for each record that has changed:
get the matching SP item from the SP list (probably based on username)
update/add/remove the properties of the SP item
save the SP item
For SP list -> AD
I would create a custom event handler and attach it to the SP list.
Again in pseudo-code:
On SP item delete:
remove the matching AD record (if that's the behaviour you want)
On SP item create:
create a new AD record
On SP item update:
find the matching record in the AD
update the changed properties (which are flagged in the SP event handler)
The SP side of things is a little more elegant because events are raised only when something happens. This is definitely more efficient than polling.
What I'm suggesting has the added benefit of removing SQL (explicitly) from the solution. You can use the ADSI interface in the .NET framework to handle the AD update code. It's in the System.DirectoryServices assembly.
The AD polling service could use the SP object model if it's installed on the WSS box or the web services if it's on another system.
Again, if you're just looking to use the actual WSS/SP user profiles, use mundeep's solution.
1) Have you look into the User Information Lists & User Profiles? Sahil Malik has a very good overview of 'All you ever wanted to know about user profiles'. Keep in mind that because you are using WSS you don't have SSP Admin.
2) If you read the above article you will he mentions "How can profile information be kept up to date, if in case I am not using MOSS (and have no SSP)?" and his answer is an import/export utiltiy, the codebase of which (or even the utility itself) should give you a good start on what you want to do.
3) Also mentioned in the above article is a good diagram on how user information flows.

Resources