Sign in
Microsoft.com
 
Microsoft
 
 
 

locked
crm 2013 installation - org unit question RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote
    Hello, I was installing CRM 2013 and I got to the following step in the installation where it prompted me to select an org unit:

    https://www.dropbox.com/s/9vy0u2ve6lehmck/select%20org%20unit.png

    What am I supposed to select here?  What is the intent and best solution for this step?
    Tuesday, April 22, 2014 5:47 PM

All replies

  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi dotnetteramg123,

    I would suggest you create a new Organisation Unit called "MSCRM" and select it for the install. Please make sure the installing user has full permissions to this OU in the Active Directory. During the CRM  install it will create 4 security groups and put them inside this OU. Dynamics CRM 2011 installs 4 Active Directory Security Groups (PrivReportingGroup, SQLAccessGroup, ReportingGroup and PrivUserGroup

    The following is for CRM 2011 and from the below link, that should be the same for CRM 2013 too.

    http://technet.microsoft.com/en-us/library/gg197600.aspx

    As part of the installation of Microsoft Dynamics CRM 2011, the setup program requires the input of a domain organization unit in which the CRM security objects will be created. Although this organization unit may be any container in the domain hierarchy, it is recommended that you define a dedicated container for these objects for manageability. Also, you should consider locating this container in the domain hierarchy to limit access to other domain resources for CRM services and functionality enabled under these credentials.

    For example, you may create an organization unit named "CRM Security Groups," and select that container during the CRM setup procedure. Upon install, CRM will create four security groups for the CRM deployment in that organizational unit. Each security group will contain the GUID of the CRM deployment as part of the name.

    If you plan to install multiple CRM deployment groups in the domain, mapping the security groups to the CRM deployment group may be challenging. Consider performing the following:

    • Prior to installing CRM, create unique organization units for each is CRM deployment group, to isolate the security objects during the install. Each container will include only the security groups related to that CRM deployment group.
    • After installing CRM, update the description of the security groups with an easily identifiable value to create the mapping. This value is then displayed in Active Directory Users and Computers for easier identification.
    • Proposed as answer by Eranger Wednesday, April 23, 2014 1:45 AM
    Wednesday, April 23, 2014 1:45 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi dotnetteramg123,

    Just to add to what Eranger said, you can give the Organizational Unit any name that you want; but it's better to have a meaningful name (like CRM, etc.). Also, the Organizational Unit needs to be created before installing CRM so you can select it in the wizard. Although you can reuse any existing Organizational Unit, it's always best to create a fresh one for CRM.

    Also, going ahead you will be asked to select user account(s) for running various CRM Services (Async, Sandbox, Monitoring, etc). So, if you plan on having one/multiple accounts for various roles, you might want to create the account(s) in the same Organizational Unit.

    Admin QuikView Solution for CRM 2013

    Friday, April 25, 2014 11:24 AM