locked
Re-Activate CRM User with NEW Active Directory Record RRS feed

  • Question

  • I have a custom workflow activity that I have written (vb.net) that:

    1. Creates the Active Directory user account; and
    2. Creates the CRM User

    This works well! 

    However, in the situation where a previous employee (with deactivated CRM record) returns to the firm, I have to:

    1. Create a NEW AD user account since we delete AD accounts when an employee leaves; and,
    2. RE-ACTIVATE the CRM User BUT tie it to the NEW AD account record even though the usernames match.

    When I try and reactivate the account, I get errors that the AD user doesn't exist since the NEW AD user account doesn't have the same ID as the original.

    Can anyone tell me how to do this properly in code and perhaps include a quick snippet?  Either VB or C# would work as I can translate either.

    Thanks,
    Glen

    Friday, June 5, 2015 7:08 PM

Answers

  • Finally figured it out using some examples I found regarding the reactivation of CRM users.  In a nutshell, I have to make sure that not only do I rename the CRM user to a bogus domainname and then BACK to the their LIVE name, but then I have to reload a copy of the user record BEFORE I try to set the record state/status.  My code is below.

            '> Have to rename CRM User record to a differennt existing AD user and then BACK to the recreated AD User
            existingUser("domainname") = "MYDOMAIN\dummyUserName"
            crmService.Update(existingUser)
            existingUser("domainname") = "MYDOMAIN\liveUserName"
            crmService.Update(existingUser)
    
            '> Now, try and reinstate the CRM user, BUT FIRST RELAOD THE EXISTINGUSER!!!
            existingUser = crmService.Retrieve("systemuser", existingUser.Id, New ColumnSet())
    
            '> Now reactive the user
            Dim stateReq As New SetStateRequest()
            stateReq.EntityMoniker = existingUser.ToEntityReference
            stateReq.State = New OptionSetValue(0)
            stateReq.Status = New OptionSetValue(-1)
            crmService.Execute(stateReq)
    
            '> Reload the existingUser one last time to make sure you have an up-to-date version.
            existingUser = crmService.Retrieve("systemuser", existingUser.Id, New ColumnSet())
    

    • Marked as answer by GDW0316 Friday, June 5, 2015 9:41 PM
    Friday, June 5, 2015 9:41 PM

All replies

  • Finally figured it out using some examples I found regarding the reactivation of CRM users.  In a nutshell, I have to make sure that not only do I rename the CRM user to a bogus domainname and then BACK to the their LIVE name, but then I have to reload a copy of the user record BEFORE I try to set the record state/status.  My code is below.

            '> Have to rename CRM User record to a differennt existing AD user and then BACK to the recreated AD User
            existingUser("domainname") = "MYDOMAIN\dummyUserName"
            crmService.Update(existingUser)
            existingUser("domainname") = "MYDOMAIN\liveUserName"
            crmService.Update(existingUser)
    
            '> Now, try and reinstate the CRM user, BUT FIRST RELAOD THE EXISTINGUSER!!!
            existingUser = crmService.Retrieve("systemuser", existingUser.Id, New ColumnSet())
    
            '> Now reactive the user
            Dim stateReq As New SetStateRequest()
            stateReq.EntityMoniker = existingUser.ToEntityReference
            stateReq.State = New OptionSetValue(0)
            stateReq.Status = New OptionSetValue(-1)
            crmService.Execute(stateReq)
    
            '> Reload the existingUser one last time to make sure you have an up-to-date version.
            existingUser = crmService.Retrieve("systemuser", existingUser.Id, New ColumnSet())
    

    • Marked as answer by GDW0316 Friday, June 5, 2015 9:41 PM
    Friday, June 5, 2015 9:41 PM
  • Yeah, the reason why this is happening is because CRM stores the users AD guid, so switching AD names on the user will reset this guid (the aduser can not be the same when switching, and you have to save between).

    Halldór Jóhannsson

    Monday, June 8, 2015 9:16 AM
  • Well, I spoke WAY too soon.  I've gotten this to work a couple of times, but I keep running into one particular problem.  It seems that for some reason, CRM is not seeing either my newly-created AD user OR the renamed CRM user.

    In my code example below, I put in a "pause" while attempting to do the second rename of the CRM user BACK to the true user name in order to get the newly-created AD User GUID properly recorded on the existing CRM user record. This routine starts immediately after creating the AD user. This seems to be working just fine.  Usually the rename works in one or two passes.

    I then even put in a "pause" just before attempting to execute the SetStateRequest.  It keeps failing with an error of "The selected object could not be found. Verify that the object exists in both the database and Active Directory."

    Any help would be appreciated.

    Sincerely,
    Glen

            '> Have to rename CRM User record to a differennt existing AD user and then BACK to the recreated AD User
            existingUser("domainname") = "MILLERMARTIN\" & "dummyID"
            crmService.Update(existingUser)
            existingUser = crmService.Retrieve("systemuser", existingUser.Id, New ColumnSet())
    
            '> The final rename may need several retries until the AD update propogates to the point where 
            '> the CRM server will see it.  After 5 minutes of trying, we will allow it to fail.
            Dim cntr = 0
            Dim SetUserNameSuccess As Boolean = False
            existingUser("domainname") = "MILLERMARTIN\" & currentApplicant("mm_username")
            Do Until cntr >= 20 Or SetUserNameSuccess = True
                traceService.Trace("  Rename Attempt# " & cntr.ToString & "...")
                Try
                    crmService.Update(existingUser)
                    SetUserNameSuccess = True
                Catch ex As Exception
                    '> Do nothing 
                End Try
    
                Threading.Thread.Sleep(30000)  '> Wait 15 seconds
                cntr += 1
            Loop
    
            If Not SetUserNameSuccess Then Throw New Exception("  Account rename failed.  Could not re-enable CRM user.")
    
            existingUser = crmService.Retrieve("systemuser", existingUser.Id, New ColumnSet())
    
            '> Now, try and reinstate the CRM user
            Threading.Thread.Sleep(60000)
            Dim stateReq As New SetStateRequest()
            stateReq.EntityMoniker = existingUser.ToEntityReference
            stateReq.State = New OptionSetValue(0)
            stateReq.Status = New OptionSetValue(-1)
            crmService.Execute(stateReq)
    

    Monday, June 8, 2015 4:19 PM
  • Are you doing both the renames in a single call to the custom workflow activity (both renames there is)?

    You might have better luck to split up the calls, first do a rename from the old adname to the dummy adname, then have the workflow itself do a wait for a few seconds or a minute, then do another call with the custom workflow activity to rename the user from the dummy adname to the correct adname.


    Halldór Jóhannsson

    Monday, June 8, 2015 4:43 PM
  • The only solution I found was to put multiple tries at re-enabling the user into a delayed loop.  After a few minutes (and tries) it finally succeeds.  What I suspect is that there is a delay between my direct Active Directory updates and what CRM seesin Active Directory since we have multiple domain controllers.

    So, here's a question for everyone:  IF my supposition is correct, how often does CRM update itself from Active Directory?

    Tuesday, June 9, 2015 7:02 PM