If you are a Microsoft Dynamics 365 Online system administrator, you probably know that initial Dynamics 365 user setup is performed in the Office 365 portal and then configured within Dynamics 365. But you may not know that you can use the Security Groups feature in the Office 365 Portal to enable or disable Dynamics 365 access to custom groups of users you can create.
This feature can be useful for different scenarios, including:
- Limiting access for development or testing in non-production Dynamics 365 Online instances
- Restricting access to the Dynamics 365 Online production environment to system administrators only when importing a new solution set or other system maintenance
- Creating special groups for sales, service, or other business groups for more organized users management
There is actually a default security group that is pre-configured for Office 365 called System Administrators. This group includes all Office 365 users with global administrator rights.
Here’s how it works. You must have global administrator rights in the Office 365 Portal. If you do, log in to the Office 365 Portal with your credentials to the home page. Once logged in, do the following:
1. On the home page, navigate to Admin Center ❶ (Enlarge the menu on the left side) and select “Groups – Active Groups” ❷ on the navigation menu on the left side of the page.
Figure 1: Microsoft Office 365 Admin Center – Groups
2. This will take you to the Groups list. Navigate to the “Security“-tab, which will take you to the Security Groups management pages.
3. Left click on the [+ Add a group]-button to create a new group. This will open up a new window where you can enter your new security group name.
Figure 2: Office 365 – Security Groups
To create the group, begin with “Choose a group type” like in this case “Security”. Press the [Next]-button.
Figure 3: Group type
Enter a name for the group and add a description if you like. Press the [Next]-button.
Figure 4: Basics
The “Finish“-section opens. Make a review if everything is fine for you, then press the [Create group]-button.
Figure 5: Finish
This “New group created”-site opens. Press the [Close]-button.
Figure 6: New group created
After selecting the group, the window below will open on the right side. Navigate to the “Members“-tab. To add new “Owners” or “Members“, press “View all and manage ….”
Figure 7: Created group edit-section
Press “+Add” owners.
Figure 8: Add owners
A list with available owners is shown. Select the owner you want to add and press the [Add]-button.
Figure 9: Add owners
Do the same procedure with “Members” to add.
Voilà! Your new security group is created. Now, let’s use it to limit access to Dynamics 365 to our Testing Users. Select the “All admin centers” and click on “Dynamics 365 Apps“.
Figure 10: All admin centers
This site opens after selecting the correct environment. Press “Edit” to open the “Edit details” and then click the little pen.
Figure 11: Edit your security group
Now all groups are shown. Select the prepared group like in this case “TestUsers”. Press [Done] and [Save]. As long as the users in your group are licensed for Dynamics 365, access to your Dynamics 365 will be restricted to the users in the security group. Other licensed users inside of Dynamics 365 that are not in the security group will be disabled. To restore access, simply go back to the “Power Platform admin center” for that instance and clear the group name from the security settings.
Figure 12: Adding edited security group to Your Dynamics 365