• Release History
  • Documentation
  • Back to www.mscrm-addons.com
  • Release History
  • Documentation
  • Back to www.mscrm-addons.com
home/Knowledge Base/DocumentsCorePack(DCP)/User privilege requirement for the AttachmentExtractor Online Service

User privilege requirement for the AttachmentExtractor Online Service

131 views 0 Updated on July 25, 2022

In this article, we want to describe which minimum privileges are necessary for the user defined in the AttachmentExtractor Service Online Configuration.

AttachmentExtractor Service with Server2Server connection:

Server2Server connections are named user connections, where only the privileges of the user, that have been defined for the service are evaluated by security.

While creating the AttachmentExtractor Service this Server2Server user must have

  • SystemCustomizer privileges and
  • mscrm-addons.com security roles

After the installation, you could remove the SystemCustomizer role from the user, but it is not recommended because sometimes we need to update the AttachmentExtractor solutions.

AttachmentExtractor Service with AppAccess connection

AppAccess connections are based on the “act on behalf of another user” privilege management. The AppAccess connection requires as many privileges as any user requires for the use of the product. Security for “act on behalf of” is determined by matching privileges present on BOTH the impersonated user and the “act on behalf of user”. Privileges only present on one user are ignored by Dynamics.

While creating the AttachmentExtracotr Service this AppAccess user must have

  • SystemCustomizer privileges and
  • mscrm-addons.com security roles

After the installation, you could remove the SystemCustomizer role from the user, but it is not recommended because sometimes we need to update the AttachmentExtractor solutions.

AttachmentExtractor Service SharePoint Integration

If you want to extract to a SharePoint location you need to use a user for the configuration with the following privileges.

The SharePoint user must always be able to log in to the root site of SharePoint. (Not see any data, but be able to logon without any error)

The user must have modify rights to the target folder. If the product is configured to create SharePoint folder information, the same rights are required for any existing libraries and folders in all possible target paths.

The SharePoint user must be able to call the SharePoint REST API with a POST to /_api/contextInfo

If the AttachmentExtractor service has the setting “Create SharePoint attributes” set to true, then the SharePoint user must be able to read the attribute metadata on the library level and write attribute values.

Tags:privilegessecurity rolesAttachmentExtractor

Was this helpful?

Yes  No
Related Articles
  • Template Management in DocumentsCorePack 
  • “Undefined”-labels in Chrome 114 and higher
  • Generate large documents using the Multipart-feature of DocumentsCorePack 
  • How to automate the E-signature process via Power Automate
  • Technical Description: The AutoMergeWorkingItem (AMWI) 
  • Dataverse Online OData v2.0 endpoint removal for custom “ExportToWord” Button
Leave A Comment Cancel reply

You must be logged in to post a comment.

Latest Articles
  • Template Management in DocumentsCorePack 
  • “Undefined”-labels in Chrome 114 and higher
  • Integrating JSON data into documents
  • Generate large documents using the Multipart-feature of DocumentsCorePack 
  • Recap: DynamicsMinds Conference 2023
Popular Articles
  • DocumentsCorePack Template Designer – Getting Started
  • Where do I find the Unique Organization name in Microsoft Dynamics 365?
  • Step-by-Step: How to configure a One-Click-Action
  • mscrm-addons.com Application Access for Dynamics 365 (App Access) – DocumentsCorePack
  • DocumentsCorePack Online Service Configuration
Top Rated Articles
  • IMPORTANT information for Dynamics 365 online customers using DocumentsCorePack and/or AttachmentExtractor
  • How to activate the DocumentsCorePack connector for PowerApps & Microsoft Flow
  • Step-by-Step: How to configure a One-Click-Action
  • “Undefined”-labels in Chrome 114 and higher
  • “Blocked by Conditional access” error in Azure Active Directory
Categories
  • *News and General Infos* 52
  • Webinars 36
  • Template Designer(DCP 181
  • DocumentsCorePack(DCP 198
  • TelephoneIntegration (TI 65
  • AttachmentExtractor (AE 62
  • PowerSearch (PS 48
  • ActivityTools (AT 59
  • SmartBar (SB 53
  • GroupCalendar (GC 46
Our Vision

“We see it as our purpose to provide products that simplify and speed up our customers’ Microsoft Dynamics 365 experience.”

Knowledgebase
LogIn
mscrm-addons.com
  • Products
  • Online Shop
  • Downloads
  • My Account
About Us
  • About Us
  • Case Studies
  • Newsletter
  • Partner Program
  • Contact
Support
  • Support
  • Terms & Conditions
  • Documentation
  • Webinars
  • Legal Documents
  • Impressum
  • © 2022 www.mscrm-addons.com. All Rights Reserved.