New Platform DLP Capabilities

DLP (or Data Loss Prevention) is a very important capability in the Power Platform. With being able to bring together multiple data sources, both within the Microsoft technology stack as well as from other providers gives users amazing capabilities.

However with such great capabilities comes great responsibility. Of course, we trust users to be able to make proper judgements as to how different data sources can be used together. But certain industries require proper auditing around this, and so being able to specify DLP policies are extremely important to any governance team.

Being able to set how data connectors can be used together (or, in the reverse, not used together) across both Power Apps as well as Power Automate flows is imperative in any modern organisation.

To date, Power Platform DLP capabilities have existed that allow us to be able to categorise connectors (whether Microsoft provided or custom) into three categories. These categories specify how the connectors are able to function – they’re able to work with other connections that are in the same category group, but cannot work with connectors that are in a different category group.

So for example, it’s been possible to allow a user to create a Power App or a Power Automate flow that interacts with data from Dataverse, but cannot interact with Twitter (in the same app or flow).

With this approach, it’s possible to create multiple DLP policies, and ‘layer’ them as needed (much like baking a 7 layer cake!) to give the functionality required per environment (or also at the tenant level).

Now this has been great, but what has been missing has been the ability to be more granular in the approach to this. What about if we need to read data from Twitter, but just push data out to Twitter?

Well, Microsoft has now iterated on the DLP functionality available! It’s important to note that this is per connector, and will depend on the capabilities of the connector. What we’re now able to do is to control the specific actions that are contained within a connector, and either allow or not allow them to be able to be utilised.

Let’s take the Twitter connector as an example:

We’re able to see all of the actions that the connector is capable of (the scroll bar on the side is a nice touch for connectors that have too many actions to fit on a single screen!). We’re then able to toggle each one to either allow or disallow it.

What’s also really nice are the options for new connector capabilities.

This follows in the footsteps of handling connectors overall – we’re able to specify which grouping they should come under (ie Business, Non-Business, or Blocked). As new connectors are released by Microsoft, we don’t need to worry that users will automatically get access to them.

So too with new actions being released for existing connectors (that we’ve already classified). We’re able to set whether we want them to be automatically allow, or automatically blocked. This means that we don’t need to be worried that suddenly a new connector action will be available for users to use, that they perhaps should not be using.

From my perspective, I think that any organisation that’s blocking one or more action capabilities for a connector will want this to be blocked by default, just to ensure that everything remains secure until they confirm whether the action should be allowed or not.

So I’m really pleased about this. The question did cross my mind as to whether it would be nice to be able to specify this on a per environment basis when creating a tenant-level policy, but I guess that this would be handled by creating multiple policies. The only issue I could see around this would be the number of policies that could need to be handled, and ensuring that they’re named properly!

Have you ever wanted these capabilities? How have you managed until now, and how do you think you’ll roll this out going forward? Drop a comment below – I’d love to hear!

Environment types, capabilities & backups

Interesting title to start a blog post with, right? I can’t tell you how much I tried to work out what to call this, but then I figured that I’d just put at a high level what I’m going to be talking about!

So let’s start at the beginning. Environments within Dataverse. An environment is essentially a container for all sorts of different components, such as data models, apps, code, etc.

Examples of what an environment can contain

Within the Power Platform, there are different types of environments. As a quick recap, currently we have the following:

  • Default. Every Power Platform tenant has a default environment. We of course shouldn’t be using this for any proper development!
  • Production. Used for any Line of Business application
  • Sandbox. A sandbox environment is any non-production Dataverse environment. Isolated from production, a sandbox environment is the place to safely develop and test application changes with low risk.
  • Trial. Used to take out a trial
  • Trial (Subscription Based). Used to take out a trial when there’s subscription licensing in place
  • Developer. Personal environment, limited to one user. Previously called the Community plan.
  • Teams. Used when an app is created within Teams, to use a Dataverse for Teams environment. Doesn’t have full Dataverse capabilities, and has various limitations
  • Support. Only able to be created by Microsoft support during a support case. Is essentially a clone of an existing environment, used for diagnosis purposes.

Now, sandbox & production environments are automatically backed up – backups occur continuously, using Azure SQL Databases underneath. It’s also possible to create a manual backup instance of an environment as well, which usually takes a few seconds to carry out (restoring a backup, on the other hand, takes quite a bit longer…).

When restoring an environment, it’s not possible to restore to a production environment (though the backup could be from a production environment). It’s only possible to restore the backup to a sandbox environment – you’d then need to promote the environment from sandbox to production.

Let’s move away from backups for a moment. When we create an environment, we have the ability to select that the environment should be enabled for Dynamics 365:

This is actually a REALLY IMPORTANT CONSIDERATION! At this point in time, it’s not possible to update from a Power Platform Dataverse environment to then bring in Dynamics 365 capabilities. What this means is that if an organisation starts with just Power Apps, and then wants to expand into using Dynamics 365, IT’S NOT POSSIBLE TO DO THIS NATIVELY. Even Microsoft Support can’t do anything around this – you’d need to create a new environment, enable it for Dynamics 365, and then restore a backup to it.

It’s something that a lot of us would like be in place, but we’re not sure if it’ll ever come about. This is a tweet of mine from 2019 that Charles Lamanna responded to (I was SO thrilled that he actually responded to me!!):

https://twitter.com/clamanna/status/1176629306484637696

However, it’s still not in place. As a result, we recommend to all clients that when they deploy a Dataverse environment, they toggle the switch above (Note: A Dynamics 365 license is NOT needed to toggle this). Once this has been toggled (without deploying any of the Dynamics 365 apps), the Dynamics 365 apps and functionality can be installed/deployed at a later point in time.

There are actually various capabilities, such as the Data Export Service (yes, I know it’s now been deprecated) that actually relied on having the environment enabled as a Dynamics 365 environment in order to work. We found this out the hard way at a client, and had to do an overnight environment re-build to get the capabilities in place.

But there’s one other thing to consider around the differences between a native Dataverse environment, and an environment which has been enabled for Dynamics 365. This is around backups.

Now, backups are of course very important (thankfully they now occur automatically, as mentioned above – I remember my onpremise days when needing to run these manually!). But there are also some important differences for backup behaviour when it comes to environment types. See, it turns out that environments aren’t actually equal in backup behaviour. This is what actually happens:

  • Sandbox environments (all types) – backups retained for 7 days
  • Dataverse production environment (not enabled for Dynamics 365) – backups retained for 7 days
  • Dataverse production environment (enabled for Dynamics 365) – backups retained for 28 days

See that? Having Dynamics 365 enabled for an environment gives you FOUR TIMES as much backup retention time! That’s incredible!

Dataverse Environment enabled for Dynamics 365 – 28 days of backups available!

So not only are you able to then upgrade to Dynamics 365 applications at a later date, you then also have more peace of mind (hopefully you don’t need to use it though!) around keeping backups for longer.

This is really cool – I hope it helps you plan your environment implementation strategy! Have you ever come up against issues when using environments, or the type/s of environment? Drop a comment below – I’d love to hear!

Staying up to date with release information

Microsoft releasing new functionality can be an interesting experience, to say the least. As a cloud platform (SAAS – Software As A Service), functionality is released the entire time. A user could log off on Friday for the weekend, and come back on Monday morning to find that something has changed slightly, or a new button is present in the interface. Over time, most of us have come to accept this.

However this is for the ‘smaller’ functionality parts within the system, whether that’s Dynamics 365, or Power Platform related. There are of course two MAIN release announcements each year. These are the Wave 1 (Spring) and Wave 2 (Autumn) release windows, with information announced about what is included in each one publicly. This information usually starts to be available around 4-6 weeks or so before the release starts to hit.

Now that’s not to say that everything within a Wave release is released in a ‘Big Bang’ moment. Far from it actually, based on my experience. Microsoft will announce what is coming as part of the Wave release, along with projected timeframes as to when it will be available. Obviously, just because it’s been announced for Day X doesn’t mean that actually happens, at least for some of the time.

But there’s an inherent time-sink to being on top of all of this information. Firstly, people need to download the Wave release information (there’s one for Dynamics 365, and a second one for Power Platform), wade through all of the information, and somehow then remember it. Let’s just say that this can be challenging for a lot of people…

But what if there was somewhere where we could track this? Well, to date there hasn’t been, at least not until now.

Microsoft have created & made available the ‘Dynamics 365 & Power Platform Release Planner’, which can be found at https://experience.dynamics.com/releaseplans:

So just as a start, this is already MUCH better than the downloadable PDF documents for wave release information (admittedly the information is also available online as a Microsoft document, but still it’s lacking in certain areas).

But there’s more to this functionality than simply presenting a list of areas. Let’s take a look into some of these.

To begin with, there’s the sitemap on the left hand side. This allows us to select a specific area of interest, whether it’s Dynamics 365 or Power Platform (amusingly this reminds me a little of a model-driven app!).

Once in an area, we can then select between Planned features, Coming Soon features, and Try Now features by using the options in the menu bar. This is a nice little piece of functionality, in my opinion, allowing us to see what falls under each ‘category’:

By default, the items are displayed in a list format. However, we’re also able to toggle the view from the menu bar to a release date format, which shows us all items grouped by release month:

There’s also some filtering functionality, allowing us to narrow down the results even further:

Opening a line item (regardless of whether it’s being displayed as a list, or arranged by date) will give further information around the specific item. It also includes a lovely little timeline widget, showing the release dates information, as well as where it’s actually up to currently (which I think is great to have it as a visual reference!):

In here, links are included to documentation around the release overview, as well as specific documentation around the selected functionality item.

Now if this was all that there was, I think that truthfully I would be quite satisfied. It’s a much more modern interface, and really looks nice. I know that various colleagues of mine would be quite satisfied as well.

But….it doesn’t stop there. There’s something else, which is really the cherry on top of the cake icing! So what is it? Well, it’s the ability to create a PERSONALISED release plan information overview.

So on each item of functionality, there’s a button called ‘+ To my plan’:

Note: You do need to be signed into the portal to have this option available to you

Clicking this will add it to a personalised release plan, which you can access from the left-side menu. Here, all of the items that you’ve selected will show up. This is really cool, I think, as it allows you to see the overall picture, but also then focus on just the areas that you’re interested in:

It’s still got all of the functionality available for filtering, date/item sorting, etc. It’s also possible to toggle back to the ‘main’ view of all release information.

So in summary, I think that this is really cool. Admittedly (as it says on the site), it’s in BETA currently. I’m hoping that it’ll stick around, and come out of Beta pretty soon! Regardless, I’m definitely starting to make use of this already in tracking the upcoming features that I’m interested in.

Updates to the Power Platform Admin Center

There’s a saying amongst seasoned IT professionals who deal with Microsoft software. It goes something like this – ‘Why make do with one admin centre, when you could just have MULTIPLE admin centres to carry out functions!’.

It’s a bit of a tongue-in-check response to the numerous different admin centres that Microsoft technology seems to have. Now, I/we totally understand that over time, different (standalone) products have come together to co-exist, but their administration centres still differ.

Over time, Microsoft has been applying efforts to make them work better together, but it can still sometimes be quite frustrating not to know exactly where to go to in order to carry out specific function/s, or not to be able to see capabilities holistically overall in a single place.

So for example, we have:

  • Microsoft 365 Admin Centre
  • Power BI Admin Centre
  • Power Platform Admin Centre (which, for Dynamics 365 deployments, still leads users to the Classic Advanced Settings for some of the functionality…)
  • etc….

Now when it comes to Power Platform related items, admins would usually go to the Power Platform Admin Centre (which though it has a URL of admin.powerplatform.com, this auto-resolves to admin.powerplatform.microsoft.com – I have no idea why this is, given that no other admin centre seems to have this structure in place….another mystery…)

From here, we’d be presented with a list of environments, similar to the screenshot below:

The menu on the left hand side gave us a few of the different admin centres that we’re able to switch to. Alternatively, we could expand the overall menu to show us more capabilities, including other apps that we may wish to access:

So this is what we’ve been used to for the last few years. Essentially, information in different areas, and we’d need to go to each admin centre to find out what’s happening. So for example, if a Power Platform Admin user wanted to see any health advisories, they’d need to go to the Microsoft 365 Admin Centre to view the Service Health area there.

Not anymore! As part of the focus on unifying information across admin centres, Microsoft has now updated the functionality for this!

Now, with the new functionality, there’s a Home screen. On this, information is able to be presented to users, as well as applying one of several themes to the interface, such as a rainbow:

Now, in terms of information available to users, these are presented as ‘cards’. Within each card, information is shown, based on the card type:

At the moment, there are three cards to choose from:

Service Health

This section outlines any service health issues, such as outages or advisory information that users should be aware of. Clicking through it will bring users to the Service Health section of the Microsoft 365 Admin Centre:

From here, users can choose to switch across to other categories, such as Incidents, History & Reported Issues.

It’s (at least) one less click from the previous method, and I’m quite liking this. In my mind, it’s about making the information as accessible as possible (leaving aside that I think that Power Platform specific alerts should actually show within the Power Platform Admin Centre…)

Message Center

The second section is the Message Center. Here we’re able to see specific messages (yes, I know I have a LOT of messages sitting here!), and clicking on them will bring up the corresponding information directly within the same interface (which again, I’m really liking). So for example:

Nicely for messages, we also have options to filter the types of services that we want to see here. This, in my mind, is quite important, as we wouldn’t want Power Platform admins to be overwhelmed by messages that have absolutely no (usual) interest for them:

We also have the ability to specify which email notifications we want to be receiving. Again, we may be interested in some non-Power Platform notifications, but not want to see them directly within the Power Platform Admin Centre. Instead, we can specify to receive these via email – another nice touch!

Documentation

Finally, we have linked out to various Power Platform (& Dynamics 365) related resources on the Microsoft website. These are all static (ie they’re provided by Microsoft), but hopefully in the future admins will have the capability to add custom links to other resources as well.

What is nice about the documentation section though is that it’s got linked to the various Community forums. Microsoft has recently started to promote these within the products, and they can be a very helpful resource at times to be able to use!

There are also links to the Microsoft Centre of Excellence toolkit, which is a great resource that organisations should look to implement.

All in all, I think that this is a VERY good start to things. I’m hopeful that with Microsoft implementing this ‘home screen’ functionality with the ability to add cards to it, there will be additional cards that are released, bringing more information & functionality into the interface. I’m also hopeful that Microsoft will allow admins to add custom functionality here as well.

It’s a good first step – now let’s wait to see how this functionality iterates over time, and hopefully enables admin users in better ways!

‘Swarming’ for Customer Service

You might be wondering as to what I mean by ‘swarming’ in the title for this post. Don’t worry – it’ll become clear pretty soon! But first of all, let’s understand the story behind this new functionality.

Where to begin? Well, let’s take a look within an organisation. It doesn’t really matter what sort of organisation it is, as most organisations will have something similar scenarios overall. So, what are we actually talking about?

Customer Service is, of course, a very important functionality of any organisations. Customers who have purchased products may need support, or perhaps are having issues, and need them to be resolved. Customer service agents are there to handle the customer queries, and look to resolve them as soon as possible.

However, it’s possible that the customer service agents don’t actually know how to resolve the customer query/issue themselves. They can, of course, use the Knowledge Base, but that requires knowledge articles to be created & maintained.

Now within the organisation, there will be SME’s (Subject Matter Experts). These are the people who know the matter in precise detail, often being the people who have created the product and/or process to begin with. But these people aren’t usually carrying out the customer service function.

So what this means is that the customer service agents need to try to work out who might actually know the answer/s, be able to help resolve the customer issue, etc. This can take time, be laborious, and perhaps not even be able to be carried out (depending on the organisation).

Hmm. So, what if the system might be able to actually SUGGEST the right people for a problem or issue? Even better, what if the system could support them being involved directly with the record/s, regardless of whether they’re a user within Dynamics 365 or not?

Enter the swarming capability onto the Dynamics 365 scene….

The aim of swarming is to bring together the necessary experts within Dynamics 365. Now, having said that, not all users will actually be interacting directly within Dynamics 365. What happens is that a specific Teams chat is created, so that users outside of the system can see the necessary information, and give input on the situation.

This builds on the existing functionality of being able to use Teams chats directly within Dynamics 365, but takes it to a whole new level, by having the system automatically suggest relevant people within the organisation, and bring them into the swarm chat!

There are some necessary steps to configure to enable this to happen.

Firstly, Teams needs to be enabled within Dynamics 365:

Once we start to turn things on, we can then see the following. This allows us to be able to specify the types of records that we can use swarming on. This is great, as we may be building out custom functionality using other tables, and can enable swarming on these as well

Once Teams chat has been enabled, we can then start setting up the swarming capabilities:

As part of the setup, we have:

  • The ability to set the general message that users will see when they create a swarm
  • Activating the case form that’s used for swarming (as this will include the functionality for swarming on the case form)
  • A Power Automate flow that will be used for sending notifications & invites within Teams for suggested (internal) users
  • Creating swarm condition rules, which allows us to bring in specific conditions around skills etc

So, how does this work in practise, once the system has been initially configured?

Users can go to the relevant record, such as a case record. They’re able to select the ‘Create swarm’ from the menu bar:

This then allows the user to provide a summary of what the swarm is for, the scenario, as well as selecting the skills needed for the swarm. Dynamics 365 can also suggest skills that it thinks would be helpful as well:

Users from across the organisation are matched, according to the skills identified:

Notifications are sent to them within Teams, requesting their help with the matter:

When they accept the invitation, they’re then brought into the swarm:

In fact, the members of the swarm aren’t actually accessing the swarm information within Dynamics 365. Instead, they’re seeing & interacting with the swarm within Teams itself!

Once the swarm is active, information can be shared, and a solution found. The swarm can then be successfully closed down:

This is truly amazing. Obviously collaboration on issues is important, especially when considering that we’re trying to resolve customer issues as quickly as possible! I’m also really excited about this, as I was part of the initial group that Microsoft reached out to initially for feedback on the capabilities of it.

To now be able to collaborate with users who sit outside of Dynamics 365, but have them access the necessary information to help resolve things, is just mind-blowing. So many scenarios that come to mind as to how this can really empower organisations!

Can you think of a way in which this could change things in your own organisation, or at a client? Drop a comment below – I’d love to hear more!

Security Roles & Assigning Records

Let’s face it, and call a spade a spade (or a shovel, depending on where in the world you happen to be). Security roles are very important within Dataverse, to control what users can (& can’t!) do within the system. Setting them up can be quite time-consuming, and troubleshooting them can sometimes be a bit of a nightmare.

Obviously we need to ensure that users can carry out the actions that they’re supposed to do, and stop them doing any actions that they’re not supposed to do. This, believe it or not, is generally common sense (which can be lacking at times, I’ll admit).

Depending on the size of the organisation, and of course the project, the number of security roles can range from a few, to a LOT!

Testing out security can take quite a bit of time, to ensure that testing covers all necessary functionality. It’s a very granular approach, and can often feel like opening a door, to then find another closed door behind the first one. Error messages appear, a resolution is implemented, then another appears, etc…

Most of us aren’t new to this, and understand that it’s vitally important to work through these. We’ve seen lots of different errors over our lifetime of projects, and can usually identify (quickly) what’s going on, and what we need to resolve.

Last week, however, I had something new occur, that I’ve never seen before. I therefore thought it might be good to talk about it, so that if it happens to others, they’ll know how to handle it!

The scenario is as follows:

  • The client is using Leads to capture initial information (we’re not using Opportunities, but that’s a whole other story)
  • Different teams of users have varying access requirements to the Leads table. Some need to be able to view, some need to be able to create/edit, and others aren’t allowed to view it at all
  • The lead process is driven by both region (where the lead is located), as well as products (which products the lead is interested in)

Now, initially we had some issues with different teams not having the right level of access, but we managed to handle those. Typically we’d see an error message along the following lines:

We’d then use this to narrow down the necessary permissions, adjust the security role, re-test, and continue (sometimes onto the next error message, but hey, that’s par for the course!).

However, just as we thought we had figured out all of the security roles, we had a small sub-set of users report an error that I had NEVER seen before.

The scenario was as follows:

  • The users were able to access Lead records. All good there.
  • The users were able to edit Lead records. All good there.
  • The users were trying to assign records (ie change the record owner) to another user. This generally worked, but when trying to assign the record to certain users, they got the following error:

Now this was a strange error. After all, the users were able to open/edit the lead record, and on checking the permissions in the security role, everything seemed to be set up alright.

The next step was to go look at the error log. In general, error logs can be a massive help (well, most of the time), assuming that the person looking at it can interpret what it means. The error log gave us the following:

As an aside, the most amusing thing about this particular error log, in my opinion, was that the HelpLink URL provided actually didn’t work! Ah well…

So on taking a look, we see that the user is missing the Read privilege (on what we’re assuming is the Lead table). This didn’t make sense – we then went back to DOUBLE-check, and indeed the user who was trying to carry out the action had read privileges on the table. It also didn’t make sense, as the user was able to open the lead record itself (disclaimer – I’ve not yet tried doing a security role where the user has create/write access to a table, but no read access..I’m wondering what would happen in such a scenario)

Then we had a lightbulb moment.

photo of bulb artwork

In truth, we should have probably figured this out before, which I’ll freely admit. See, if we take a look at the original error that the user was getting, they were getting this when trying to assign the record to another user. We had also seen that the error was only happening when the record was being assigned to certain users (ie it wasn’t happening for all users). And finally, after all, the error message title itself says ‘Assignee does not hold the required read permissions’.

So what was the issue? Well, it was actually quite simple (in hindsight!). The error was occurring when the record was being attempted to be assigned to a user that did not have any permissions to the Lead table!

What was the resolution? Well, to simply grant (read) access to the Lead table, and ensure that all necessary users had this granted to them! Thankfully a quick resolution (once we had worked out what was going on), and users were able to continue testing out the rest of the system.

Has something like this ever happened to you? Drop a comment below – I’d love to hear the details!

MB-260: Microsoft Customer Data Platform Specialist

It’s been a while since I’ve taken an exam. Admittedly, this is for two reason. Firstly, the renewal process for exams now (as updated last year) is not to take it again, but rather to re-qualify through Microsoft Learn. The second reason is that I’ve been waiting for some new exams to come out (OK – there’s the DA-100, which is still on my list of things to do…).

Well, there’s a new exam on the block. In fact, it’s a different type of exam – this is a ‘Speciality’ exam, rather than focusing on a specific type of application. It’s the first of its kind, though there are likely to be more to follow in the future.

It’s the MB-260, which is all around Customer Data. That’s right – it’s not about how to do sales, or customer service, or something else. It’s about taking the (holistic) approach to ALL of the data that we can hold on customers, and do something with it.

The official page for it is at https://docs.microsoft.com/en-us/learn/certifications/exams/mb-260https://docs.microsoft.com/en-us/learn/certifications/exams/mb-260. The specification for it is:

Candidates for this exam implement solutions that provide insights into customer profiles and that track engagement activities to help improve customer experiences and increase customer retention.

Candidates should have firsthand experience with Dynamics 365 Customer Insights and one or more additional Dynamics 365 apps, Power Query, Microsoft Dataverse, Common Data Model, and Microsoft Power Platform. They should also have direct experience with practices related to privacy, compliance, consent, security, responsible AI, and data retention policy.

Candidates need experience with processes related to KPIs, data retention, validation, visualization, preparation, matching, fragmentation, segmentation, and enhancement. They should have a general understanding of Azure Machine Learning, Azure Synapse Analytics, and Azure Data Factory.

Note that there’s quite a bit of Azure in there – it’s not just about Power Platform, Dataverse, or Dynamics 365. People who handle reporting on customer data should have various Azure skills as well.

There’s also a new type of badge that will be available:

At the time of writing, there are no official Microsoft Learning paths available to use to study. I do expect this to change in the near future, and will update this article when they’re out. However the objectives/sub-objectives are available to view from the main exam page, and I’d highly recommend going ahead & taking a good look at these.

As in my previous exam posts, I’m going to stress that it’s not permitted to share any of the exam questions. This is in the rules/acceptance for taking the exam. I’ve therefore put an overview of the sorts of questions that came up during my exam. (Note: exams are composed from question banks, so there could be many things that weren’t included in my exam, but could be included for someone else! ). I’ve tried to group things together as best as possible for the different subject areas.

Overall, I had 51 questions, which was towards the higher number of questions that I’ve experienced in my exams over the last year or so. There was only a single case study though.

Some of the naming conventions weren’t updated to the latest methods, which I would have expected. I still had a few references to ‘entities’ and ‘fields’ come up, though for the most part ‘tables’ and ‘columns’ were used. I guess it’s a matter of time to get everything up to speed with it.

  • Differences between Audience Insights and Engagement Insights
    • What are the benefits of each
    • When would you use each one
    • What types of users will benefit from each type
    • How to create customer insights
  • Environments
    • Types of environments
    • How to create a new environment
    • What options are available when creating an environment
    • What is possible to copy from an existing environment
  • Relationships
    • Different types of relationships
    • What is each one used for
    • Limitations of different relationship types
  • Business level measures vs customer level measures
    • What each one is, and what they’re used for
  • Power Query
    • How to use
    • How to configure
    • How to load data
  • Data mapping
    • Different types available to use
    • Scenarios each type should be used for
    • Limitations of each type
    • How to set it up
  • Segments
    • What are segments, how are they set up, how are they used
      What are quick segments, how are they set up, how are they used
      What are segment overlaps, how are they set up, how are they used
      What are segment differentiators, how are they set up, how are they used
  • Measures
    • What are measures, how are they set up, how are they used
  • Data refresh
    • Automated vs manual options
    • Limitations of each type
    • Availability of each type
    • How to set up each type
    • How to apply each type
  • Data Unification
    • What is this
    • How it can be used
    • How to set it up
    • Limitations of it
    • Process validation
    • Changing existing models
  • AI for Audience Insights
    • What is this
    • What can it be used for
    • How to use it
    • Factors that can affect outcomes
  • Security
    • Using Azure Key Vault
    • Capabilities of this
    • How to set it up
    • How to use it
  • Dynamics 365
    • Capabilities for interacting with Dynamics 365
    • How to set it up
    • How to display data, and where it can be displayed
    • What actions users are able to carry out within Dynamics 365

Wow. It’s a lot of stuff. It’s definitely an exam that if you’re not already currently hands-on with the skills needed, I’d highly recommend you get a decent amount of experience with it before taking the exam!

I can’t tell you if I’ve passed it or not…YET!. Results aren’t going to be out for several months, and to be honest, I’m not quite sure how well I’ve actually done.

So, if you’re aiming to take it – I wish you the very best of luck, and let me know your experience!

Workaround for sharing Canvas Apps

Don’t you find it absolutely frustrating when there’s a canvas app that you want to get access to, or give other users access to, but can’t see it? It’s REALLY annoying, but it’s sort of the way that Microsoft has designed the platform (at least at this point in time).

See, when a user creates a canvas app, only the creator is able to see & launch it. If other users want to get access to it, the creator needs to share it. This can be done by sharing the app directly with another user, or by sharing it with an AAD Security Group (which is sort of best practise).

Now, of course there’s the Microsoft Power Platform Centre of Excellence solution, which includes a very handy app to assign permissions for canvas apps. After all, if a user is on holiday, sick leave, or has left the company, there needs to be some way of assigning permissions for other users to gain access to it. It’s really helpful, but of course needs the CoE solution installed.

Let’s think of another scenario. What about if we have some canvas apps as part of a solution, that’s deployed through (proper) ALM – such as using Azure DevOps with automated pipelines. Best practise for this is to use service principals (ie non-interactive user logins). This is great, but then the canvas app/s will be owned by this user. So without the use of the CoE ‘Set App Permissions’ canvas app, we’re sort of stuck, as we can’t gain access to the app.

Or can we…..?

So this is a scenario that I’ve been dealing with recently, and I’ve found a really cool workaround that doesn’t need the CoE ‘Set App Permissions’ canvas app to be able to handle the situation.

The example below (amusingly, in my opinion) is actually using the Microsoft CoE solution as an example, but this works with any canvas apps that are held within a solution (against, this heavily supports using solutions for ALL development items!).

So, this is what the actual installed apps look like in this environment:

As we can see, there are a lot of them! But what happens if I’m logged in as my regular user? What do I see if I go to the list of apps? Well, I’ll see the following:

Now, as we can see, I’m able to see the model-driven app (as these aren’t hidden at all). But I’m not able to see ANY of the canvas app! So how can I get access to it, or share it with other users?

Well, if I take a look at the solution itself, I can see the following when browsing to the list of apps (I’m really loving the new Solution Explorer layout, I’ll freely admit!):

I can try to play the canvas app (in this case, the ‘Set App Permissions’ app) directly from the solution. But when I try to do this, I’ll get the following error message:

Now, this is of course happening because I’m not the owner of the app, & the app hasn’t been shared with me at all. So really I was expecting this error to happen.

However, if I take a look at the menu options displayed for me, I can see that the ‘Share’ option isn’t greyed out. I wonder what happens if I click it…

Now this is EXCITING! When clicking the ‘Share’ option on the menu, I’m given the regular sharing screen, where I’m able to set app permissions. So it looks like I’m able to do something here. OK – let’s go ahead & try to share the app with my own user:

So I’ve looked up my own user, and then clicked ‘Share’. This is what happens next…

Exciting moment – will this work?

Waiting with bated breath, and then…

It’s worked! The app sharing has been successful with my user.

Note: The example that I’m using here is with my own user account. However it doesn’t need to be – I can select any user account or AAD Security Group, and share accordingly.

Going to my list of apps, I can now see that the app is showing up for me:

Clicking the app to launch it presents me with the permissions dialogue, and having confirmed permissions, then launches it properly:

So this is indeed a way in which it’s possible to share canvas apps with users and/or AAD security groups, even when a user isn’t the owner of the canvas app.

It is important to note that the user carrying this out does need to have one of the following permissions in the environment:

  • System Customiser
  • System Administrator

Without having one of these roles, it’s not going to be possible to carry out the above (mostly because it’s not possible to see solutions & dig down into them).

This is a handy little trick that hopefully will help clear up one of the headaches when trying to share canvas apps! Of course it’s possible to use the Microsoft CoE tool to set app permissions, but if a customer doesn’t have it installed, then this would be another way to approach things.

Have you ever had this issue? How did you go about solving it? I’d love to hear – please drop a comment below…

Omnichannel vs Customer Service Workspace

This is a question that I’m being asked on a semi-regular basis at the moment, so I thought it would be helpful to do a writeup around things. It’s definitely not clear from the outset based on existing documentation. However, being able to speak to wonderful people such as Tricia Sinclair has been amazing in being able to figure out the differences between the two applications.

So, where to start. Well, let’s first of all understand the similarities between the two applications.

Firstly, they are both multi-session apps. To put this in context (as mentioned elsewhere previously) – traditionally Dynamics 365 applications have been ‘single session’ applications. This means that users would navigate around, open/close records, create or edit as necessary. If users wanted to have multiple records open, they’d need to have multiple tabs open, or even multiple windows (yes, I still remember the days before browsers had tab functionality!).

What multi-session means in this context is that users are able to open up multiple records, and switch between them in the same tab. Open records pop into the left-hand navigation bar, and users can easily click between them. Not only that – users are also able to open further tabs within the same record pane, to access further information. These stay open whilst users switch to other records, which is really quite helpful!

So for example, a user could open a case record, then open the contact associated to the case, as well as the account related to the case. They could then further open the knowledge base to search for articles, and so on and so forth. All of these stay open.

Both apps are also web applications – they run in a browser, rather than needing to have a specific software application installed for them (unlike Unified Service Desk).

So, where do they actually differ? Well, this was a bit difficult for me to understand in the first instance, though that turned out to be because I had both Customer Service Workspace as well as Omnichannel configured within the same environment! Turns out that this wasn’t the best approach to take to compare the two, & understand their capabilities. Easily fixed though with quickly spinning up a new trial to install one in.

So with knowing how Omnichannel works (after all, I’ve written quite extensively around it), let’s take a look at the Customer Service Workspace app:

Customer Service workspace overview
  1. The session pane lists all the sessions that you are actively working on. Select the tabs to navigate among sessions.
  2. The Home session returns you to the Customer Service Agent Dashboard view.
  3. Each session has a tab in the session panel. Select a tab to navigate to the session you want to work on.
  4. Select a case to open a new session. A single click on a case replaces your view with the case form. Select the back arrow in the upper-left corner of the form to get back to your previous view.
  5. Select the tabs to navigate to your open activities, cases, forms and views.
  6. Select the + icon to expand the menu to view a list of forms, views, and activities. Select the one you want to open in a new tab.
  7. Select the drop-down selector to filter cases in queues you can choose to work on.
  8. Select Shift + mouse click to open a new session for an activity. A single click replaces your view with the activity form. Select the back arrow in the upper-left corner of the form to go back to your previous vie

Now, without Omnichannel installed in the same environment (& obviously licensed for users), it’s not possible to have native Dynamics 365 channels such as Chat, WhatsApp, etc. Conversations will not appear for customer service agents who are using the Customer Service Workspace.

Note: If you DO have Omnichannel installed in the same environment, and users are licensed to use it, then conversations will show up within the Customer Service Workspace app for them. They’ll have notifications pop up on the screen for incoming customer sessions.

That’s not to say that it’s not possible to have channels available within Customer Service Workspace. So how do they actually come in?

Well, as it turns out, channels within Customer Service Workspace need to be third party channels. There are a plethora of 3rd party add-ons for Dynamics 365, that offer different communication capabilities. Some of these do date back a while (to before any native Microsoft capabilities).

For example, there are ISV add-ons for Customer Service that can embed a call dialler into the experience, so that customer service agents can call directly from a record. Or alternatively an add-on such as a 3rd party web chat application, that can then surface these within the Customer Service Workspace. Each of these obviously would need to be purchased, licensed & integrated appropriately with your Dynamics 365 solution as necessary too.

Now both applications also have other similar functionality, such as the Productivity Pane, Agent Scripts, Smart Assist & Knowledge Search. However there can be differences between them. For more information, I’d suggest taking a look at Tricia’s blog article that goes into depth on this.

So to summarise, Omnichannel is for the native Microsoft channels, giving customer service agents the ability to service customers using them. Licensing (currently) is with Customer Service Enterprise, and then either the Digital Chat or Digital Messaging add-on SKU’s.

Customer Service Workspace, on the other hand, allows customer service agents to be able to have a multi-session application for their work, as well as allowing communications through third-party channels. Licensing is as per the different Customer Service SKU’s, with any 3rd party add-on being licensed appropriately.

Hopefully this helps clarify the different between these two, and make them less confusing. If you have any further questions around this, please drop a comment below, and I’ll do my best to respond!

Omnichannel – Wave 2 2021

So last week the Wave 2 2021 information dropped. It’s taken me a few days to get round to it (family stuff happening), but I’m finally able to do a quick recap of it. As most people know, Microsoft releases features in two waves – one in the spring (Wave 1), and one in the autumn (Wave 2). As usual, I’ve included the links for the full release notes across both Dynamics 365 & Power Platform below, though will be focusing on the product features for Omnichannel

The links are here:

As I’ve done before, I’m going to include the dates that are applicable (at this point in time) for each time.

Enhancements to existing capabilities

Agent workspace inbox view

GA – Oct 2021

10 Google Workspace tips to optimize your inbox - Google Workspace Learning  Center

As more and more organisations move in the direction of omnichannel system capabilities, there is a growing need for the actual agent experience to be better optimised. The inbox view that this functionality will deliver is aimed to address the needs to quickly triage requests, and allow agents to focus on customers & their issues. It will be integrated into the Customer Service workspace as well as the Omnichannel Engagement Hub, and will allow agents to effectively navigate their emails & conversions whilst handling customer interactions.

Usability improvements for agent workspaces

Early Access – Aug 2021. GA – Oct 2021

Web Usability Definition | Web Wise Wording

The Customer Service workspace and Omnichannel Engagement Hub are multi-session applications that allow users to be able to multi-task with customers to provide support on multiple cases simultaneously. This release provides usability improvements to help agents be more productive, including simplified navigation as well as the migration of productivity tools to the new extensible App side pane.

Increase agent productivity with contextual collaboration using embedded Microsoft Teams

GA – Nov 2021

How to Embed and Share Videos on Microsoft Teams | ClickView

Agents who use Dynamics 365 Customer Service can easily collaborate with anyone within their organization, such as agents from other departments, supervisors, customer service peers, or support experts, over Microsoft Teams to resolve customer issues, without leaving
the case or conversation. Chats over Teams will be linked directly to Customer Service records, enabling a contextual experience

Some of the key features coming in this release are:

  • Ability to chat with contacts from within Dynamics 365
  • Access to key Customer Service contacts, such as supervisors, queue members, and support experts.
  • Access to AI-driven suggestions of agents who resolved similar cases.
  • Access to recent Microsoft Teams chat lists.
  • Ability to link and unlink chats to case records.
  • Access to linked Microsoft Teams chats.
  • Message avatar and presence, where users can easily see profile pictures of a chat participant and their availability (presence)

Omnichannel Voice Channel

At Ignite in September 2020, Microsoft announced the new Voice channel for Dynamics 365 Customer Service. The aim of the solution is to provide simpler administration & management experiences within the platform itself, rather then needing traditional cloud component integration complexities.

With the release of this, voice, SMS, and digital messaging channels, and a PVA-powered intelligent interactive voice response (IVR), real-time voice intelligence, and insights across all channels, speech-based self-service, and intelligent skills-based routing are all brought together in a single package.

Voice channel powered by Azure Communication Services

GA – Nov 2021

NEW Voice Channel Capabilities Announced for Dynamics 365 Customer Service  | Preact

As mentioned in the Wave 1 2021 post, there’s a new voice channel that’s coming in. This new solution for Customer Service enables an all-in-one customer service solution without fragmentation or requirement of manual data integration. It will provide a single view of the customer that empowers agents to provide personalised service across all channels, and true omnichannel analytics and insights for agents and supervisors alike. Providing organizations with a choice of telephony delivered directly by Microsoft enables quick and easy deployment of a voice channel for their business.

  • This feature enables organizations to adopt Azure Communication Services as a voice provider natively in Omnichannel for Customer Service, and facilitates the following features:
  • Phone number procurement and management
  • Ability to handle and distribute incoming calls
  • Ability to make outbound calls
  • Ability to manage SMS (inbound and outbound)
  • Deep integration of voice into core Omnichannel for Customer Service functionality
  • Real-time sentiment analysis
  • Real-time transcription
  • Real-time translation
  • Real-time smart assist suggestions
  • Operations management through supervisor dashboards
  • Ability to record and manage phone call

Now there has been a slight delay in rolling this out. As a result, the GA dates for the below have been pushed back to Nov 2021:

  • Call intelligence
  • Call recording
  • Call transcription and real-time sentiment analysis
  • Consult and transfer
  • Direct outbound calling
  • Embedded analytics for voice channel
  • Intelligent voice bot via Power Virtual Agents and Microsoft Bot Framework
  • Modern administration experience for Omnichannel voice (number management)
  • Modern administration for Omnichannel SMS via Communication Services (number management)
  • Supervisor monitoring and barge
  • Topic clustering for voice

Unified routing

Traditionally, organizations use “queue-based routing,” where incoming service requests are routed to a relevant queue, and agents work on those service requests by picking them from the queue. Organizations can miss service-level agreements if agents pick the easier service requests and leave the higher-priority requests in the queue. To address this scenario, organizations either create custom workflows to periodically distribute service requests among their agents or have dedicated personnel to distribute the service requests equitably among agents while adhering to organizational and customer preferences. Both methods are inefficient and error prone and necessitate continuous queue supervision.
The intelligent routing service in Customer Service uses a combination of AI models and rules to assign incoming service requests from all channels (cases, entities, chat, digital messages, and voice) to the best-suited agents. The assignment rules take into account customer-specified criteria, such as priority and auto-skills matching. The new routing service uses AI to classify, route, and assign work items with full automation, eliminating the need for constant queue supervision and manual work distribution to offer operational efficiencies for organizations

Improved historical analytics for unified routing scenarios

GA – Oct 2021

historical analysis on real-time data with ActivePivot

Administrators use unified routing and routing rules across the classification and assignment stages to help ensure the work item is assigned to the best suited agent. Embedded historical analytics provides an overview of routing performance of each channel to help optimize the routing strategy and improve the routing and workforce efficiency. Providing organizations a view of the effectiveness of configurations allows them to improve routing configurations to help increase their customer satisfaction and agent satisfaction scores.

Routing diagnostics for supervisors

GA – Oct 2021

Computer diagnostics icon (PSD) psd free file | Download now!

Routing diagnostics helps an organization to better understand the path a work item takes after it comes into the routing system, through all the classification and assignment rules, to ultimately land in a queue or be assigned to an agent. Current routing diagnostics are available for administrators and are more focused on the workstream and queue routing. In this release, routing diagnostics are being introduced to supervisor experiences, and the quality of the diagnostics is being improved.

I’m really quite excited to see how the new Voice channel will be received, as I think it’s a great feature addition to the overall tools available. It will be interesting to see how clients may choose to use it over their existing voice channel setup.

I’ll be looking deeper into the different functionalities, and will share them here. If there’s anything you think would be helpful to focus on, drop a comment & let me know!