Best practices and things to know about server-side synchronization
Applies To: Dynamics CRM 2015
Consider the following when planning and deploying server-side synchronization.
Best practices for configuring server-side synchronization
If you use Microsoft Dynamics CRM Online and Microsoft Exchange Online
By default, the Microsoft Exchange Online email server profile is created for CRM Online organizations and should be your first choice. If you want to use your own profile, you use CRM Online and Exchange Online and both services are on the same tenant, use the following settings in your email server profile (Settings > Email Configuration > Email Server Profiles).
Settings |
Recommendation |
|---|---|
Auto Discover Server Location |
Yes |
Incoming Connection |
|
Authenticate Using |
Server to Server Authentication |
Use Impersonation |
No |
Use same settings for Outgoing |
Yes |
If you want to use one set of credentials to process emails with Outlook or Exchange
Using one account to process email to all mailboxes is easier to maintain but requires using an account that has access to all mailboxes in Outlook or Exchange. The account must have impersonation rights on Exchange. If that single account is compromised, all mailboxes using that account are compromised. Use the following settings in your email server profile (Settings > Email Configuration > Email Server Profiles to use a single account for email processing.
Settings |
Recommendation |
|---|---|
Incoming Connection |
|
Authenticate Using |
Credentials Specified in Email Server Profile |
User Name |
The administrator’s user name |
Password |
The administrator’s password |
Use Impersonation |
Yes |
Use same settings for Outgoing |
Yes |
Delegation (Use Impersonation = No) is not supported for syncing Appointments, Contacts, and Tasks.
If you want to use individual credentials to process emails with Outlook or Exchange
An alternative to a single account to process emails is using individual accounts. This method requires more maintenance effort but does not focus security on a single account. If you want each user account to synchronize with Outlook or Exchange and you’re not using the Microsoft Exchange Online email server profile, use the following settings (Settings > Email Configuration > Email Server Profiles).
Settings |
Recommendation |
|---|---|
Incoming Connection |
|
Authenticate Using |
Credentials Specified by a User or Queue |
Use Impersonation |
No |
Use same settings for Outgoing |
Yes |
Set the following in each user mailbox:
Settings |
Recommendation |
|---|---|
Credentials |
|
Allow to Use Credentials for Email Processing |
Yes |
User Name |
The user name for the mailbox |
Password |
The password for the mailbox |
How to allow email credentials over a non-secure channel (on-premises versions only)
By default, Microsoft Dynamics CRM doesn’t allow users to enter their email address and password when it detects that the credentials may be transmitted over a non-secure channel, such as HTTPS. Dynamics CRM enforces this by disabling the ability to select “Yes” next to “Allow to Use Credentials for Email Processing” on the user mailbox form.
.jpeg "Allow to Use Credentials for Email Processing")
However, if your deployment is using SSL offloading where Dynamics CRM can’t detect the offloading, you can configure Dynamics CRM on-premises versions to allow the transmission of email credentials. Notice that this work around is only available with Microsoft Dynamics CRM 2013 and Microsoft Dynamics CRM 2015 on-premises versions.
Warning
Before you execute the following SQL statement, back up your configuration and organization database. More information: Back up the Microsoft Dynamics CRM System
USE MSCRM_CONFIG
GO
IF EXISTS (SELECT ColumnName, BitColumn FROM DeploymentProperties WHERE ColumnName = ‘AllowCredentialsEntryViaInsecureChannels’ AND BitColumn=0)
BEGIN
Update DeploymentProperties set BitColumn=1 where ColumnName=’AllowCredentialsEntryViaInsecureChannels’
END
For information about how to change this property in Microsoft Dynamics CRM 2011, see KB Article The 'Allow Email Router to use my credentials' option unavailable in CRM 2011.
Potential issues and resolutions
Using CRM Online with Exchange Online
If your company is using Exchange Online with CRM Online, note the following:
CRM Online supports server-side synchronization with Exchange Online in the same tenant with Server to Server Authentication. Other authentication methods or settings are not recommended or supported, including:
Using Credentials Specified by a User or Queue
Using Credentials Specified in Email Server Profile
Using Impersonation
Setting Auto Discover Server Location to No
Using an email server profile other than Microsoft Exchange Online
Using non-default network ports
Connecting CRM Online with Exchange Online in different tenant is not supported.
Unsupported email service configurations
Server-side synchronization doesn’t support the following scenarios:
Hybrid deployments:
CRM Online with Exchange (on-premises)
Microsoft Dynamics CRM (on-premises) with Exchange Online
Mix of Exchange/SMTP and POP3/Exchange
Creation of mass email marketing campaigns
Extensibility scenarios like extending EWS/POP3/SMTP protocols and creating custom email providers
Exchange Server 2003 and Exchange Server 2007
Server-side synchronization in CRM Online, or in a Microsoft Dynamics CRM (on premises) deployment that is configured for FIPS 140-2 compliancy, requires a POP3/SMTP email server that is also FIPS 140-2 compliant. Some email servers are not FIPS 140-2 compliant, such as MSN, Outlook.com, or Windows Live Mail.
For most situations not supported by server-side synchronization, you can use the Microsoft Dynamics CRM Email Router. More information: Choose a method for message synchronization
Note
We recommend that you don’t use a mixed configuration of Outlook synchronization and server-side synchronization for appointments, contacts, and tasks in the same organization, because it may result in updated CRM data not synchronizing to all attendees.
Appointment record is not created in CRM when tracked by invitee
Consider the following scenario regarding tracking an event in CRM:
An event organizer uses Outlook for the synchronization method.
An event invitee uses server-side synchronization for the synchronization method.
In Dynamics CRM for Outlook, the organizer creates an appointment and sends an invite to the invitee.
In Dynamics CRM for Outlook, the invitee tracks the appointment.
The invitee logs in to CRM and navigates to Marketing > Activities > Appointment > My Appointments
Result: the appointment is not created in CRM for the invitee.
This is a known issue and is not supported.
Status fields not listed in CRM for Outlook
Consider the following scenario:
In Dynamics CRM for Outlook, choose File > CRM.
Choose Synchronize > Review Synchronization Settings.
Choose the Synchronization Fields tab and the Contact entity.
Result: there is no Category: [CRM] Inactive Outlook/Exchange field and no Status Reason: Inactive CRM field.
This is a known issue and is not supported.
Service Appointments synchronize from CRM to Exchange or Outlook
Changes made to service appointments in CRM will update in Dynamics CRM for Outlook when you synchronize but the reverse is not true. When you make changes to service appointments in Dynamics CRM for Outlook, the changes are not synchronized to CRM.
See Also
Configure server-side synchronization
Troubleshooting server-side synchronization
Troubleshooting and things to know about Microsoft Dynamics CRM for Outlook
© 2016 Microsoft Corporation. All rights reserved. Copyright