Cloud Services – Bridging the gap between two Worlds

I wrote a blog, “Race to the Cloud”, about taking into consideration all the Pros and Cons before making a decision to build an application for cloud or hosting a service on the cloud. I got a lot of good feedback based on which I want to share what I see as the new trend in corporate world. The underlying theme, at least in my mind is the same as my previous blog but I will try to be more explicit in this one.

A friend of mine attended a CTO conference couple of years back and he shared that the theme for the conference was ‘New IT’. In reference to that conference, ‘New IT’ was about companies presenting newer versions of their solutions with additional functionality in front of CTOs in an effort to sell their products. However for me, based on feedback and discussions with a lot of friends and colleagues, “New IT” is about bridging the gap between consumer world and the corporate world. Making business applications that allow effective management of time yet are a lot of fun to use. Think of a CRM system that is as fun as Facebook. Yes there is a correlation as Facebook, in a way, is a contact management application. If that happens you will not have to check on employees to keep them from logging into Facebook in office hours. Mobile access to business applications that allows getting things done in a cool, sleek and time efficient manner. Applications that allow and facilitate team collaboration and insight. That is what New IT should be all about. In order to get there the race between Line of business applications in terms of functionality needs to end. Business applications no longer need to have a checklist of functionality with one application being better than the other based on additional features. The differentiator should be usability and design that makes the application likable. Users want to log back into applications not just because of pending work but also to explore additional functionality and enjoying the experience as they get their work done. Application still needs to provide functionality to get work done but the focus needs to be on user experience and customer delight.

“New IT” as defined above is where I see Cloud computing delivering on its promise. Applications hosted on the Cloud by Oracle, MSFT, Google or other service providers expose the functionality and features that address a business problem like CRM application helps manage customers, Agile PLM manages product life cycle, SharePoint manages documents and team collaboration, e-mail applications manage messages and go-to meeting or webex help manage meetings. These application are exposed via web services to end-users and Partners for them to use the functionality as well as extend the applications. Users and Partners can benefit from this opportunity to build add-ons, extensions, mobile applications and enhancements on top of the hosted platforms to improve user experience and make these applications fun to use. As the core functionality is already available so the focus needs to be on user interaction. This can help in bridging the gap between consumer and corporate space as IT team working for a start-up or tech savvy end-users are not bound to follow processes, procedures and get feature set approvals to have certain features/changes incorporated in the product lifecycle. Small Product companies leveraging cloud solutions are more likely to be innovative and creative about their offering than big corporate giants.

In MSFT eco-system, MSFT expects the partners to play the “New IT” solution provider role. In my viewpoint some of the challenges related to that are based on the way partners operate in addition to how MSFT pushed its cloud offering in the beginning. MSFT message related to Cloud offering always had an underlying theme of cost savings which in my viewpoint was not helpful. If MSFT had just focused on cloud offering as a recipe to undo the pains associated with managing and hosting applications that would have been a much stronger message. “MSFT cloud services to make your lives better by easy to manage and ready to go products” sounds better right? On the other hands as most of MSFT Partners, at least in CRM space, are service providers so they tend to align themselves with MSFT marketing message. Partners focused more on how to reduce CRM setup time and fulfill client expectations to pay less with cloud offering than on how to add more value. MSFT helped train partners on how to sell in waves and reduce sales cycle but not on how to leverage xRM to deliver more value. Independent Service Providers (ISVs) have built add-ons and applications but again the focus mostly has been on the feature set. I believe that going forward the companies that would flourish would focus mostly on “New IT” which is bridging the gap between corporate and consumer world. Building fun to use applications that make our lives better.

 

 

CRM 2011 Ribbon buttons

I recently implemented a functionality for one of our clients where they wanted help documents for each entity to be linked up to that entity. Help documents would reside in SharePoint and on ribbon button click the help document would open up. I documented that change and now I will just post the documentation here. I am sure it will help many interested in creating custom ribbons.

Help Documents – SharePoint

Custom Ribbons are created to link each entity with corresponding help document on the SharePoint site. Each entity that has a relevant help document available on SharePoint is linked via ribbon button. The purpose of the change is to allow users to get process related help on record creation for the entity that has help ribbon buttons.

Architecture

The overall architecture of this change is to link up each entity creation form in CRM with a custom page using ribbon button. This Custom page would open up the relevant help document on the SharePoint site based on entity on which the action was performed.

Implemented Solution

Here is the complete overview of the implemented solution:

Custom Ribbon

1. Generate ribbon Xml for all the ribbons in CRM using the sample provided in SDK. The location is provided in the document.

2. Ribbon Xml contains all the Groups for different entities. Each tab has all the groups and Scaling and Maxsize value of each group.

3. Under the tab identify the group where you want to add another group as shown in the figure below:

clip_image002[6]

4. Based on the structure in the generated ribbon Xml it is easy to create custom ribbon with the location and name. As part of this change we will create the group called “Help Group”.

5. Groups are added under the “CommandUIDefinition” section where the look and feel of Group and buttons inside the group is defined.

<RibbonDiffXml>

<CustomActions>

<CustomAction Id="Mscrm.Form.account.MainTab.CustomGroup.CustomAction"

Location="Mscrm.Form.account.MainTab.Groups._children"

Sequence="110">

<CommandUIDefinition>

<Group Id="Mscrm.Form.account.MainTab.CustomGroup.CustomHelpGroup"

Command="Mscrm.Form.account.MainTab.CustomGroup.Command"

Sequence="51"

Title="Help Group"

Description="$Resources(EntityDisplayName):Help document link"

Template="Mscrm.Templates.Flexible2">

6. The ‘Sequence’ in the Group tag defines where the group will appear on the CRM Entity Form.

7. Once we have added the Group then we add the buttons:

<Group Id="Mscrm.Form.account.MainTab.CustomGroup.CustomHelpGroup"

Command="Mscrm.Form.account.MainTab.CustomGroup.Command"

Sequence="51"

Title="Help Group"

Description="$Resources(EntityDisplayName):Help document link"

Template="Mscrm.Templates.Flexible2">

<Controls Id="Mscrm.Form.account.MainTab.CustomGroup.Controls">

<Button Id="Mscrm.Form.account.MainTab.CustomGroup.HelpButton"

Command="Mscrm.Form.account.MainTab.CustomGroup.HelpButton.Command"

Sequence="10"

LabelText="Xxx Help"

Image16by16="$webresource:xxx_HelpIcon16x16"

Image32by32="$webresource:xxx_HelpIcon32x32"

ToolTipTitle="Help document for users"

ToolTipDescription="This button opens up the help document."

TemplateAlias="o1" />

</Controls>

</Group>

8. Under the button we define the Command that executes once the button is clicked. The action that is performed on the button Click is then defined in the ‘CommandDefinition’ section.

<CommandDefinitions>

<CommandDefinition Id="Mscrm.Form.account.MainTab.CustomGroup.HelpButton.Command">

<EnableRules/>

<DisplayRules/>

<Actions>

<Url Address="$webresource:xxx_OpenXxxHelpEntityDocument" PassParams="true"/>

</Actions>

</CommandDefinition>

<CommandDefinition Id="Mscrm.Form.account.MainTab.CustomGroup.Command">

<EnableRules>

<EnableRule Id="Mscrm.Enabled"/>

</EnableRules>

<DisplayRules/>

<Actions/>

</CommandDefinition>

9. Similarly under the “Custom Actions” section we define other ‘CustomAction’ for MaxSize and Scaling.

<CustomActions>

<CustomAction Id="Mscrm.Form.account.MainTab.CustomGroup.MaxSize.CustomAction"

Location="Mscrm.Form.account.MainTab.Scaling._children"

Sequence="120">

<CommandUIDefinition>

<MaxSize Id="Mscrm.Form.account.MainTab.CustomGroup.MaxSize"

GroupId="Mscrm.Form.account.MainTab.CustomGroup.CustomHelpGroup"

Sequence="21"

Size="LargeLarge" />

</CommandUIDefinition>

</CustomAction>

<CustomAction Id="Mscrm.Form.account.MainTab.CustomGroup.Popup.CustomAction"

Location="Mscrm.Form.account.MainTab.Scaling._children"

Sequence="140">

<CommandUIDefinition>

<Scale Id="Mscrm.Form.account.MainTab.CustomGroup.Popup"

GroupId="Mscrm.Form.account.MainTab.CustomGroup.CustomHelpGroup"

Sequence="85"

Size="Popup" />

</CommandUIDefinition>

</CustomAction>

</CustomActions>

10. Once we have created the Custom Ribbon we will add the ‘RibbonDiffXml’ to Customizations exported from CRM.

Adding Custom Ribbon to Solution

1. In order to add Custom Ribbon created above to the entity we need to first of all create a Solution in CRM and add the desired entity to that solution.

2. Export that solution and open up the ‘Customization.xml’ file.

3. Each entity that supports Custom Ribbons would contain the ‘RibbonDiffXml’ tag that needs to be replaced with the Custom Ribbon that we created.

clip_image004[6]

4. Once we have added our ‘Custom Ribbon’ to the FormXml we can zip the Customizations.xml to make it part of the Solution and on importing that solution in CRM our changes will start appearing on the entity for which we have added the Custom Ribbon.

5. Here is the complete Ribbon Xml for ‘Account Entity’

<RibbonDiffXml>

<CustomActions>

<CustomAction Id="Mscrm.Form.account.MainTab.CustomGroup.CustomAction"

Location="Mscrm.Form.account.MainTab.Groups._children"

Sequence="110">

<CommandUIDefinition>

<Group Id="Mscrm.Form.account.MainTab.CustomGroup.CustomHelpGroup"

Command="Mscrm.Form.account.MainTab.CustomGroup.Command"

Sequence="51"

Title="Help Group"

Description="$Resources(EntityDisplayName):Help document link"

Template="Mscrm.Templates.Flexible2">

<Controls Id="Mscrm.Form.account.MainTab.CustomGroup.Controls">

<Button Id="Mscrm.Form.account.MainTab.CustomGroup.HelpButton"

Command="Mscrm.Form.account.MainTab.CustomGroup.HelpButton.Command"

Sequence="10"

LabelText="Xxx Help"

Image16by16="$webresource:xxx_HelpIcon16x16"

Image32by32="$webresource:xxx_HelpIcon32x32"

ToolTipTitle="Help document for users"

ToolTipDescription="This button opens up the help document."

TemplateAlias="o1" />

</Controls>

</Group>

</CommandUIDefinition>

</CustomAction>

<CustomAction Id="Mscrm.Form.account.MainTab.CustomGroup.MaxSize.CustomAction"

Location="Mscrm.Form.account.MainTab.Scaling._children"

Sequence="120">

<CommandUIDefinition>

<MaxSize Id="Mscrm.Form.account.MainTab.CustomGroup.MaxSize"

GroupId="Mscrm.Form.account.MainTab.CustomGroup.CustomHelpGroup"

Sequence="21"

Size="LargeLarge" />

</CommandUIDefinition>

</CustomAction>

<CustomAction Id="Mscrm.Form.account.MainTab.CustomGroup.Popup.CustomAction"

Location="Mscrm.Form.account.MainTab.Scaling._children"

Sequence="140">

<CommandUIDefinition>

<Scale Id="Mscrm.Form.account.MainTab.CustomGroup.Popup"

GroupId="Mscrm.Form.account.MainTab.CustomGroup.CustomHelpGroup"

Sequence="85"

Size="Popup" />

</CommandUIDefinition>

</CustomAction>

</CustomActions>

<Templates>

<RibbonTemplates Id="Mscrm.Templates"></RibbonTemplates>

</Templates>

<CommandDefinitions>

<CommandDefinition Id="Mscrm.Form.account.MainTab.CustomGroup.HelpButton.Command">

<EnableRules/>

<DisplayRules/>

<Actions>

<Url Address="$webresource:xxx_OpenXxxHelpEntityDocument" PassParams="true"/>

</Actions>

</CommandDefinition>

<CommandDefinition Id="Mscrm.Form.account.MainTab.CustomGroup.Command">

<EnableRules>

<EnableRule Id="Mscrm.Enabled"/>

</EnableRules>

<DisplayRules/>

<Actions/>

</CommandDefinition>

</CommandDefinitions>

<RuleDefinitions>

<TabDisplayRules />

<DisplayRules />

<EnableRules />

</RuleDefinitions>

<LocLabels />

</RibbonDiffXml>

Custom Ribbon Action

1. Now that we have the ribbon in place we need to define what action we want to perform on button click.

2. In the Custom Ribbon we have following actions defined

<Actions>

<Url Address="$webresource:xxx_OpenXxxHelpEntityDocument" PassParams="true"/>

</Actions>

3. This means that on button Click “xxx_OpenXxxHelpEntityDocument” resource will be instantiated and it will be passed the default parameters like ‘entitytypecode’.

4. We will add our custom ‘html’ page as a resource so that our page is launched on the button click.

5. The functionality to open up the Xxx Help Document is part of the Html Page.

Custom Page Opening Help Documents

1. Custom Html Page uses following scripts:

a. JSON

b. Rest library

c. MetaData

2. Custom Page receives the entitytypecode from the Custom Ribbon button and based on that it generates the documents name.

3. Custom page creates the URL for the document by fetching Absolute site URL of the SharePoint site from the ‘SharePointSite’ record. Name of the site containing the Absolute Url has to be ‘Default Site Collection’.

4. Custom Page appends the Relative Url of the SharePoint site by fetching it from the ‘SharePointSite’. This Relative Url is picked from the site that is tagged as ‘Default’ site.

5. In addition Custom Page appends the SharePoint library ‘Relative Url’ by fetching it from the ‘SharePointDocumentLocation’. The name of the record containing this Relative Url has to be ‘CRM_HELP_Docs’.

6. Custom page appends the name of the document after fetching the display name using the ‘Metadata’ library based on the ‘entitytypecode’ received in the parameters sent by Custom Ribbon. The name of the document has the convention "Xxx_Help_EntiydisplayName".

7. In case any one of these sites or library locations are missing Custom Page will throw an exception.

Error Handling

1. In case of any exception the window opened on Ribbon button click closes and the error message is displayed to the users

Deployment

Here are the deployment steps for this solution

Deployment using the Solution added to Project

1. Project already contains the solution for the entities that are part of the initial scope. In order to deploy this solution just import ‘XxxCustomHelpRibbon_1_0_0_0.zip’ file in the organization.

2. This is the unmanaged solution so in order to deploy on machines where the roll back is desired please do not use this method to deploy the solution.

Deploying using the Solution in CRM

1. XxxDev contain the ‘XxxCustomHelpRibbon’ solution. In order to deploy this solution on other environments just export this solution in ‘managed solution’ mode and import that solution in the desired environment.

MS CRM Dynamics Online and claim based authentication

MS CRM 4.0 implementation often involves customization. This customization might be custom web application that open up inside CRM or some content from CRM that opens up in the web applications. If the customizations reside on the same machine as CRM then authentication is not an issue. However at times its is imperative that these custom applications reside on separate servers. This requirement would increase with custom applications pulling data from CRM moving to the cloud. There would be an increased requirement for  single sign on or claim based authentication using windows identity foundation. Moreover incase of custom application the security considerations of end users can only be satisfied with a robust security provider in place.

The purpose of this article and ones to follow in this series is to configure STS between the IP and RP. In this post I will configure a web application on windows azure and then will use Microsoft Federation Gateway as the IP by establishing STS between the application and STS service. This would enable the authentication of our azure application to be handled by third party identity provider and would also enable using windows live Id to log into our application. As the token received would be based on the live Id it can be used for claim based authentication. Unfortunately CRM Dynamics does not support claim based authentication so we will be using the SDK class ‘Wlidticket’ for the generation of ticket to be used for accessing CRM service. The only problem is that for the generation of this ticket we will have to use the LiveId and password. Ideally we should have used the claims for subsequent calls to CRM service and this is what we would do with CRM 2011 in the next article. This is huge because it would mean that external application would have a windows Live login and they will be able to pull up CRM data without having to store user credentials. Many of the applications I have seen today are rejected by consumers because they either require multiple logins or they store user credentials. However that is for the next article. In this blog we will have to live with what is available in CRM Dynamics online. Before we start with the actual scenario I just want to highlight that we are using the federation gateway so that we could use windows live authentication service and this requires WIF. If you are not hosting application on windows Azure then you can also use RPS (Relying Party Suite). Anyways so lets get to setting up our windows azure application and configuring STS. Usually service account is used for accessing the CRM service so setup the live id for the service account in CRM online. In-order to enable impersonation on CRM online assign the proxy role to the service account.

Here is the summary of steps we need to do:

1. Register the azure service DNS on Microsoft federation service, msm.live.com.

2. Configure azure application to accept the windows live security token. This is done using WIF.

3. Configure CRM online for the service account and enable proxy account.

4. Configure azure to use ‘Wlidticket’ class from CRM 4.0 SDK and generate ticket to be used for accessing CRM online service.

 

1. Register the azure service DNS on Microsoft federation service:

a. Use the service account linked with live id to access http://msm.live.com

b. Keep in mind that here you would start with test platform(INT) however in-order to work with CRM online you will have to use production platform.

c. Register a new site on msm.live.com.

 

image

d. DNS would be the unique identifier for your website. I am using tayyab.cloudapp.net as DNS in this example. DNS name has to be a unique URI. Use the address for your cloud application if it is already available. This can be modified later..

e. On submission you will se the confirmation page. Confirm and go to ‘Modify editable site properties’.

f. Modify the site properties. I have changed the DNS to a URN. Later we will use this in our cloud application to establish STS. Note the return Url is using https.This is because we will be using the MBI_FED_SSL authentication policy.

image

g. Domain name is ‘Cloudapp.net’ as we plan to deploy our application on Azure Cloud.

h. Set Override Authentication Policy field to MBI_FED_SSL.

image

i. Click Submit and confirm. You have successfully established STS between MSM live and your cloud application. Now we will setup the cloud application and configure it to receive token from STS service.

 

2. Configure azure application to accept the windows live security token:

a. Make sure you have WIF, VS 2010 and azure account.

b. Start with your cloud application. This blog is not going to cover the details of creating Azure applications. Once the cloud application is in place we need to first of all configure it to use HTTPS. Generate a certificate and add it to your cloud application on windows.azure.com. (you can use selfssl for this)

c. Configuring your cloud application to use this certificate requires modifying the role properties in cloud application using VS 2010.

d. Go to Web Role properties under the cloud service project and perform following:

         i ) Under certifications add the certificate that you just added to the windows.azure.com.

         ii) Under Endpoints check https and uncheck http. Choose the certificate we just added.

        iii) Under configuration setup trust level to Full Trust. Check HTTPS endpoint.

e. Add WIF classes to enable the cloud applicationto receive and process the claims.

Add following classes:

  • CustomIssuerTokenResolver.cs
  • WIFSampleRequestValidator.cs
  • Wlidticketforazure.cs

Use the link for the labs on WIF.

http://channel9.msdn.com/Learn/Courses/IdentityTrainingCourse/WebSitesAndIdentity/WebSitesAndIdentityLab

f. Add required assemblies for accessing CRM online webservice and using Identity Model. Keep in mind you will be deploying on cloud platform so you have to make sure Copy Local is “True” for all Dlls that you will need on Azure platform.

g. Add web reference for the crm web service.

h. Add STS reference to the windows Live STS. Right click on the Web Role and add STS. The federation utility will start.

image

In the application URI use the DNS name configured for the URN or azure application on msm.live.

i. In the ‘Security Token Service’ screen specify “Use an Existing STS’ and copy paste this link.

https://nexus.passport.com/FederationMetaData/2007-06/FederationMetaData.xml

j. Use no encryption and no chaining and click finish. A dialog would open up that federation utility finished successfully.

k. Update the default page to get the ticket that will be used for authentication.

 

string ticket = LiveIdTicketManager.RetrieveTicket("devicePassword(add anything here>", "crm.dynamics.com", "serviceAccount@live.com (this is received in the claim)", "<passWord>", "MBI_SSL", LiveIdTicketManager.LiveIdEnvironment.PROD (use INT for INT environment, true, "hostedServiceName" (url for azure application));

 

3. Configure CRM online for the service account and enable proxy account:

a. Make sure you have the account setup on CRM online and it has the proxy role.

4. Deploy application on Azure

a. Deploy the cloud app on Azure.

5. Test Application

a. Access the azure application. If all is configured properly you will be redirected to the windows live login page. Once you have given the login credentials you will receive the claim in your default application.

 

I have tried to skip the details and the post is long as is so please let me know if you have any questions. Make sure that you look into WIF in some detail so that you have clear understanding as to what is going on with the ticket and claim.

Ideally speaking once we have the claim we should use it for authentication in other applications. However CRM Dynamics online does not support claims so we used the ticket thanks to the Microsoft for providing with this work around. The actual purpose of this blog is to set ground for using claims with CRM 2011 online as it supports claim based authentication. I will be writing about that soon. Happy coding !!!