Data Migration from CRM 4.0 to MS Dynamics CRM 2011 online

This is my second post for data migration from CRM 4.0 to CRM 2011. I think i mentioned in the last webcast that was shared as part of my post that we use our integration framework at the backend of our migration utility which allows us to take data from disparate solutions and feed it to MS Dynamics CRM 2011 on-premises and online. Although this webcast and the last one focused on migration from CRM 4.0 to CRM 2011 but the migration utility can be used for Goldmine and SalesForce as well. We are targeting CRM 4.0 to CRM 2011 just based on the demand and I will be preparing the next webcast for Goldmine. Anyways in this webcast we take data from CRM 4.0 to CRM 2011 online.

I think this webcast addresses the core issue for many who were just stuck with CRM 4.0 because they wanted to migrate to CRM 2011 online and the migration was not obvious. I would like to mention here that no matter what you have on your CRM 4.0 on-premises version you should be able to transition to Cloud provided you are working with intelligent consultants. There is always a work-around for some restrictions with the online solutions and Solution Experts should be able to share the solution with all the pros and cons.

The migration utility works perfectly for basic sales entities. We are still looking into reports to some how find a way to automate report migration from CRM 4.0 to CRM 2011 online but as it is reports require lots of manual work as one needs to change each report.

Enjoy this video and contact me if you have any questions. Hang in there for more videos on data migration from different solutions to CRM 2011 online.


CRM Online Email Reading Pane add-on

I wrote a blog on claim based authentication for CRM. The idea was that once the users are authenticated the claims enabled CRM 2011 could be extended to add business specific functionality. As mentioned in my last post the claim based authentication for CRM 2011 online is still not out of the cloud, so I have not tested the solution, but considering what Microsoft claims I would feel that the claim based solution would work with CRM 2011 as well. As for CRM dynamics I already showed how to enable single sign-on for writing web extensions. Here is the link to the post.

Building on the documented authentication model I have extended the CRM Dynamics online solution to provide users with a reading pane similar to outlook. Most of our clients have had an awful experience responding to mails using CRM Dynamics online. Primary drivers for this add-on are:

1. Users are accustomed to using outlook where one can quickly go through the emails using preview pane and reply to emails of interest.

2. In CRM in order to review the content and attachments one needs to open the mail by double-click and only then realize that this is not the mail one was in search for.

3. Productivity of sales representatives suffer a great deal just because half of the day is spent finding the right document attached in one of the hundreds of mails in the history section. Imagine having to open up each mail to find relevant content in outlook. If you cant imaging then just close your preview pane in outlook and try finding mail with content of your interest.

Keeping in view that most of our customers are accustomed to outlook we have provided the look and feel of outlook. Setting up our solution for CRM online clients is really simple and all that is required is to import the customizations and register on our online service to get things going. You have guessed it right its a hosted service solution.

After the initial setup a tab is added to the entity for which emails are to be previewed. This tab contains all the emails and a preview pane. One can quickly go through each mail in grid and on selection the description along with attachments open up in the preview panel at the bottom. As simple as it sounds and as elegant as outlook’s reading pane, this email reading pane is a great tool for sales representatives struggling with hundreds of emails each day.

CRM Add-on

MS CRM Dynamics Online and claim based authentication

MS CRM 4.0 implementation often involves customization. This customization might be custom web application that open up inside CRM or some content from CRM that opens up in the web applications. If the customizations reside on the same machine as CRM then authentication is not an issue. However at times its is imperative that these custom applications reside on separate servers. This requirement would increase with custom applications pulling data from CRM moving to the cloud. There would be an increased requirement for  single sign on or claim based authentication using windows identity foundation. Moreover incase of custom application the security considerations of end users can only be satisfied with a robust security provider in place.

The purpose of this article and ones to follow in this series is to configure STS between the IP and RP. In this post I will configure a web application on windows azure and then will use Microsoft Federation Gateway as the IP by establishing STS between the application and STS service. This would enable the authentication of our azure application to be handled by third party identity provider and would also enable using windows live Id to log into our application. As the token received would be based on the live Id it can be used for claim based authentication. Unfortunately CRM Dynamics does not support claim based authentication so we will be using the SDK class ‘Wlidticket’ for the generation of ticket to be used for accessing CRM service. The only problem is that for the generation of this ticket we will have to use the LiveId and password. Ideally we should have used the claims for subsequent calls to CRM service and this is what we would do with CRM 2011 in the next article. This is huge because it would mean that external application would have a windows Live login and they will be able to pull up CRM data without having to store user credentials. Many of the applications I have seen today are rejected by consumers because they either require multiple logins or they store user credentials. However that is for the next article. In this blog we will have to live with what is available in CRM Dynamics online. Before we start with the actual scenario I just want to highlight that we are using the federation gateway so that we could use windows live authentication service and this requires WIF. If you are not hosting application on windows Azure then you can also use RPS (Relying Party Suite). Anyways so lets get to setting up our windows azure application and configuring STS. Usually service account is used for accessing the CRM service so setup the live id for the service account in CRM online. In-order to enable impersonation on CRM online assign the proxy role to the service account.

Here is the summary of steps we need to do:

1. Register the azure service DNS on Microsoft federation service,

2. Configure azure application to accept the windows live security token. This is done using WIF.

3. Configure CRM online for the service account and enable proxy account.

4. Configure azure to use ‘Wlidticket’ class from CRM 4.0 SDK and generate ticket to be used for accessing CRM online service.


1. Register the azure service DNS on Microsoft federation service:

a. Use the service account linked with live id to access

b. Keep in mind that here you would start with test platform(INT) however in-order to work with CRM online you will have to use production platform.

c. Register a new site on



d. DNS would be the unique identifier for your website. I am using as DNS in this example. DNS name has to be a unique URI. Use the address for your cloud application if it is already available. This can be modified later..

e. On submission you will se the confirmation page. Confirm and go to ‘Modify editable site properties’.

f. Modify the site properties. I have changed the DNS to a URN. Later we will use this in our cloud application to establish STS. Note the return Url is using https.This is because we will be using the MBI_FED_SSL authentication policy.


g. Domain name is ‘’ as we plan to deploy our application on Azure Cloud.

h. Set Override Authentication Policy field to MBI_FED_SSL.


i. Click Submit and confirm. You have successfully established STS between MSM live and your cloud application. Now we will setup the cloud application and configure it to receive token from STS service.


2. Configure azure application to accept the windows live security token:

a. Make sure you have WIF, VS 2010 and azure account.

b. Start with your cloud application. This blog is not going to cover the details of creating Azure applications. Once the cloud application is in place we need to first of all configure it to use HTTPS. Generate a certificate and add it to your cloud application on (you can use selfssl for this)

c. Configuring your cloud application to use this certificate requires modifying the role properties in cloud application using VS 2010.

d. Go to Web Role properties under the cloud service project and perform following:

         i ) Under certifications add the certificate that you just added to the

         ii) Under Endpoints check https and uncheck http. Choose the certificate we just added.

        iii) Under configuration setup trust level to Full Trust. Check HTTPS endpoint.

e. Add WIF classes to enable the cloud applicationto receive and process the claims.

Add following classes:

  • CustomIssuerTokenResolver.cs
  • WIFSampleRequestValidator.cs
  • Wlidticketforazure.cs

Use the link for the labs on WIF.

f. Add required assemblies for accessing CRM online webservice and using Identity Model. Keep in mind you will be deploying on cloud platform so you have to make sure Copy Local is “True” for all Dlls that you will need on Azure platform.

g. Add web reference for the crm web service.

h. Add STS reference to the windows Live STS. Right click on the Web Role and add STS. The federation utility will start.


In the application URI use the DNS name configured for the URN or azure application on

i. In the ‘Security Token Service’ screen specify “Use an Existing STS’ and copy paste this link.

j. Use no encryption and no chaining and click finish. A dialog would open up that federation utility finished successfully.

k. Update the default page to get the ticket that will be used for authentication.


string ticket = LiveIdTicketManager.RetrieveTicket("devicePassword(add anything here>", "", " (this is received in the claim)", "<passWord>", "MBI_SSL", LiveIdTicketManager.LiveIdEnvironment.PROD (use INT for INT environment, true, "hostedServiceName" (url for azure application));


3. Configure CRM online for the service account and enable proxy account:

a. Make sure you have the account setup on CRM online and it has the proxy role.

4. Deploy application on Azure

a. Deploy the cloud app on Azure.

5. Test Application

a. Access the azure application. If all is configured properly you will be redirected to the windows live login page. Once you have given the login credentials you will receive the claim in your default application.


I have tried to skip the details and the post is long as is so please let me know if you have any questions. Make sure that you look into WIF in some detail so that you have clear understanding as to what is going on with the ticket and claim.

Ideally speaking once we have the claim we should use it for authentication in other applications. However CRM Dynamics online does not support claims so we used the ticket thanks to the Microsoft for providing with this work around. The actual purpose of this blog is to set ground for using claims with CRM 2011 online as it supports claim based authentication. I will be writing about that soon. Happy coding !!!

Cloud and the offshore model

In my last post regarding Cloud computing I promised that i will be writing more on the Cloud. I work for a company with an offshore office so I would like to look at cloud computing from the this perspective. What effect would cloud computing have on companies that have offshore model and how do such companies need to change to adapt to Cloud environment.

Cloud computing is nothing new for resources who have worked in the offshore model. In one of my recent engagement as CRM project manager we worked by setting up VMs for my developers. One night one of my developers called me to check why they were not able to connect to one of the machines. I explained that the machines they connected to were not physically present in the office because they were in remote data center. It is something that we have been doing for years to enable our offshore teams to work from remote locations. Offshore resources work by connecting to remote machines.  These remote machines for them are somewhere in the “CLOUD”. When the offshore model was in its infancy and the VMs were not available we would setup separate machines but subsequently with VMs it became easier as hardware cost also reduced for this model. So the business model was simple “services at reduced cost”. Of course this only covers one aspect of Cloud computing and the more compelling selling pitch of increased computational power was never addressed by the early pioneers of the offshore model. I think it was mostly because most of the businesses would not buy the idea of having their mission critical data in offshore locations. Time has changed and who knows maybe a Cloud offering at reduced cost with data centers in Ireland, China or Pakistan would be a good business plan. Anyways so although companies with offshore model need to reorient themselves to take advantage of cloud computational power yet they have loads of experience working on remote machines and are familiar with the problems Cloud environment has to offer.

Offshore developers have a lot to offer as they have worked with remote machines, VPN setups, integration between offshore and on campus applications, Firewalls, security issues and workarounds, authentication on remote servers and Data migrations. I was recently in a conference where one of the presenters described the authentication and impersonation requirements for an application to talk to another application on windows azure platform. Although the methodology described was new but the problem was an old one. So as far as technical know how is concerned Cloud is something that offshore model would embrace.

As far as the business side is concerned I already mentioned in my last blog that the cost on services need to be reduced. One way of doing that could be by developing IP and the other is of course to reduce cost on resources and increase IRR. Offshore model inherently offers great IRR per resource but offshore teams don’t necessarily do a great job building products and reusable services. So when i look at cloud i feel it’s a new opportunity for companies that outsource work load as with Cloud the outsourcing model would be more acceptable. However it’s also a matter of companies, with offshore business models, stepping up and making a case of partnering with other businesses so that they could sell their expertise. In order to do this they need to train their resources to take advantage of Cloud infrastructure and build applications that leverage the computational power available. 

Overall i feel its exciting times to be in the IT business and more so for companies with offshore model. In fact I feel that with Cloud every business model is an offshore model.

Cloud – What the hype is all about

So you must have heard about the Cloud by now. You must have heard about it as a new happening phenomenon that is going to change the IT world. I would agree that it is going to have a significant impact on the existing business models in the IT industry. However it would only change our lives for good if we adapt to it quickly. Those who fear change and resist it at times tend to lose their edge because they fail to adapt to the ever changing world.

There are so many examples of companies from 8Os that do not exist anymore. Those that exist and have thrived changed as the world and specially the consumer was changing. Studies by Gartner and Forrester suggest the same about Cloud. These studies are available for review incase some of you want to get some stats on the Cloud future. The way i look at it is alot simpler than the complex studies conducted by these research organizations. As far as i am concerned its the consumer expectation that governs how the businesses run. IT consumers have started to question their IT spendings and they are tired of spending more on IT than on operations. At the end of the day the goal of every business is to make profit and continuous cost of IT infrastructure and services is something that never flies with CFOs. Does it mean that businesses are not going to spend on IT? Answer is obviously NO. Its just that businesses would consider other options. It does not mean that IT service providers are going to go out of business it just implies that they need to change to meet consumer expectations of spending less on IT and more on operations.

Lets pause for a second and look back to see how other industries evolved over time. Power industry went through the same evolution cycle. Factories used to own their power grids that supplied electricity for their needs. Subsequently power generation was centralized and now you have subscription based electricity model where you pay every month just for as much as you use. Similarly the mobile manufacturers changed their business model to subscription based model as it was not economical to sell their cell phones directly considering the manufacturing cost. IT industry is no different and the time has come to change. Businesses want to pay for the platform, infrastructure and services only when they use these services. According to one estimate we only use around 30% of the computational power we have although we spend alot on purchasing and maintaining the harware resources. There is enough evidence to suggest that Cloud is the future and i believe that we should prepare ourselves for this change.

Lets elaborate a little on what exactly do i mean when i say that we need to change to adapt to Cloud computing. It’s not that we only need to start training ourselves on Cloud platforms and start building applications for cloud but its also about understanding this change from the business perspective. It means that once our applications our up and running the returns our not going to be very high initially and its only the continuity with our customers that would reap us reward in the long term. It means that the cost for services has to be reduced to be profitable in IT. It means that the quality of applications we develop must improve to leverage the computational power of the Cloud. It means that IT companies must change the way they manage their clients so that they ensure client satisfaction over longer period of time. It means that IT companies need to streamline their processes to increase IRR per employee. It means the IT resources need to manage their time more efficiently. It is quite clear that the change is manifold and It would take sometime to devise methodologies for different business models that would work best with Cloud. However we need to start now to have an edge over our competitors. Every resource, irrespective of the role in industry need to start thinking  from the perspective of Cloud because it indeed offers lots of opportunities.  

In the end i just want to state that Cloud computing is nothing new atleaast for some of us (more on this in my next blog). It does not mean that we need to stop focusing on the on-premises  model. Its just that Cloud computing offers opportunities and only those that would recognize this would benefit from it.