Getting error while creating groups in Office 365 Admin portal - dynamic

I have created trial account in MS Dynamic 365 CRM. I have logged and created a new user by making my role into global administrator using Microsoft Office 365 Admin Portal. I have also completed that to successfully. But when I tried to create groups (for user roles) I'm getting error like this
Message: The server was unable to process the request due to an internal error. For more information
about the error, either turn on IncludeExceptionDetailInFaults (either from ServiceBehaviorAttribute
or from the configuration behavior) on the server in order to send the exception
information back to the client, or turn on tracing as per the Microsoft .NET Framework SDK documentation
and inspect the server trace logs.
Your request couldn't be completed. Please try again in a few minutes.
I have tried many time still getting same error.
How can I fix this ?
How can assign user into groups and permissions

Please change the Question subject line - its misleading. Actual security roles creation & assigning users can be done from Settings - Security menu from Dynamics 365 instance url.
But you are facing issues in Office 365 Admin portal. Please try to reach out to contacts in https://www.microsoft.com/en-us/dynamics/crm-customer-center/contact-technical-support.aspx but am not sure will they support trial orgs or not.

Related

VSTS login fails with 401 not authorized - [user] has multiple accounts associated with it

I try to give new users in our domain access to our VSTS. We have MSDN enterprise subscriptions via MPN. The subscription is assigned and visible for the user if he logs in my.visualstudio.com with his work account. If the user tries to access the VSTS at [ourprojects].visualstudio.com he gets “VSTS login fails with 401 not authorized – [user] has multiple accounts associated with it. Your work or school account does not have access to [ourprojects].visualstudio.com, but your personal account does have access. “.
Signing in with the personal account as suggested by the error message leads to another error: “This Microsoft account does not exist.” This is correct. The account in charge is definitely a work account in Microsoft Azure Active Directory. So the first error message is somehow strange and leads into the wrong direction.
Our domain accounts are synchronized with Azure Active Directory (AAD). I can see the new users both in our domain and AAD. The user can login into my.visualstudio.com with his work account. So sync with Windows Server AD and AAD looks working correctly. MSDN assignment works, too.
Loggin into my.visualstudio.com redirects to the login page of our domain. thsi is corect and works fine. But this redirect does not take place loggin into VSTS.
For other older accounts in our domain VSTS access with work account works completely fine. Has anybody experienced similar problems?
Finally I talked to Microsoft support. It turned out that this VSTS account is not backed by Azure Active Directory. It has to be converted to do so.
To check if a Azure DevOps/VSTS account is backed by AAD, you can look in the settings page ("gears"->Settings) of Azure DevOps at the very bottom.

publish web application in azure facing permission issue with office365

We are doing Office 365 with asp.net mvc , in this example working fine for local system,(we are using VS2015), when i publish to azure web application its successfully published.
After open the URL click the Email button go to login page and enter the credentials its successfully logged and redirect to mail page now it showing some error message, but local working fine everything.
Please let me know anything required after publish.
Oops you've reached an error!
We weren't able to process the action you requested. This was caused by an exception in the below table:
Exception Cause Action
AdalException This exception is thrown when either you have a stale O365 access token that can cause authentication errors, or you attempted to access a resource that you don't have permissions to access.
You'll may need to refresh the access token. Try signing out and signing back in to the app again, or refreshing the session Click here.
Make sure the app is configured with the correct service permissions in the Services Manager menu. If any of these permissions are not configured, or configured incorrectly, some parts of the app may throw an error. For example Right click the project, select Connected Service..., and ensure the following permissions are set for this app:
(Calendar) – Have full access to users’ calendar and Read users' calendar
(Contacts) – Have full access to users’ contacts and Read users' contacts
(Mail) - Send mail as a user, Read and write access to users' mail, and Read users' mail
(Users and Groups) – Enable sign-on and read users’ profiles.
Thanks,
hemanth

Office 365 Starter Project - Make sure the app is configured with the correct service permissions

I am using the following project: https://github.com/OfficeDev/O365-ASPNETMVC-Start
I set the configurations as requested in the documentation but I am receiving an error after sign in.
Cause Action
AdalException This exception is thrown when either you have a stale O365 access token that can cause authentication errors, or you attempted to access a resource that you don't have permissions to access.
Make sure the app is configured with the correct service permissions in the Services Manager menu. If any of these permissions are not configured, or configured incorrectly, some parts of the app may throw an error. For example Right click the project, select Connected Service..., and ensure the following permissions are set for this app:
(Calendar) – Have full access to users’ calendar and Read users' calendar
(Contacts) – Have full access to users’ contacts and Read users' contacts
(Mail) - Send mail as a user, Read and write access to users' mail, and Read users' mail
(Users and Groups) – Enable sign-on and read users’ profiles.
The permissions are set correctly:
How can I solve this problem?
You are missing the Send permission under the Mail API.
I fixed the problem...I was logging with the developers account without an assigned license. You have to create a new user and ensure that it has the Microsoft Office 365 Developer set as Assigned license.
If not this error would occur:
When making a request as an account that does not have a mailbox, you must specify the mailbox primary SMTP address for any distinguished folder Ids.

Azure Multi-tenant application

I need to build an app with Office 365 API and tried several examples provided here: https://msdn.microsoft.com/en-us/office/office365/howto/starter-projects-and-code-samples.
I manage to login to tha app with a user from within my own Azure Active Directory, e.g. user.name#tenant.onmicrosoft.com.
But, whenever I use another Office 365 account from another domain e.g. user#pivabo.be I get this error:
AADSTS50020: User account 'user#pivabo.be' from external identity provider 'https://sts.windows.net/908b6c6d-f582-461d-9e73-88a4e48f5d88/' is not supported for application 'df1a02fd-f096-46df-9b5a-5cf1b0f9ef6d'. The account needs to be added as an external user in the tenant. Please sign out and sign in again with an Azure Active Directory user account.
The defined application in Azure is set to Multi-tenant!!
I also tried to add the foreign users to my AAD but everytime I get the message "This Microsoft account does not exist"
EXCEPT: I also made a hotmail account which I was able to add to my AAD and with this account logging in to the app was succesfull. But, without adding it to my AAD I get the above error message.
Any help would be welcome.
Make sure you are using "https://login.microsoftonline.com/common/..." and not "https://login.microsoftonline.com/[your tenant name]" when forming authorization link.
I am late to the party, but what it fixed for me was that I had to use "common" as tenantId.

Error While Passing Credentials from SSRS to Sharepoint Data Source

I am using SSRS 2008 R2 to build a report that uses a Sharepoint list as its data source, to which it is configured to connect using Windows Authentication (Integrated Security). The problem is that when the report is deployed to the Report Server, the SharePoint source rejects the credentials, returning:
An error has occurred during report processing. (rsProcessingAborted)
Query execution failed for dataset 'ListDataset'. (rsErrorExecutingCommand)
An error occurred when accessing the specified SharePoint list. The connection string
might not be valid. Verify that the connection string is correct. (rsSPDataProviderError)
The request failed with HTTP status 401: Unauthorized.
The Sharepoint data source accepts my credentials when I test the report locally in BIDS, but does not accept them after they 'double-hop' from the Report Server. What is the best work-around? Do I need to create a Service Account in SSRS, supply those credentials in the data source within SSRS, and grant the necessary read permissions to the Service Account via Sharepoint? Any suggestions would be greatly appreciated.
This is the same answer to a similar question:
I usually create a user called Reportuser (e.g. reportuser#[domain].com). Create this user on your domain, make sure it has access to SharePoint.
In BIDS/visual studio in the properties for the datasource for your report, under the credentials tab, click the radio button next to "Use Windows Authentication (integrated security)". Upload the datasource to the report manager website. ( You've done this part).
Navigate to the Report manager website, and the properties of the uploaded datasource.
Under the section starting with "Connect using":
Check the "Credentials stored securely in the report server" option
Enter the username and password like this (where domain is replaced with the domain of your network): reportuser#domain.com password
Important part: Tick the "Use as Windows credentials when connecting to the data source"
Test the connection and will work - I have just tested it.