When an new Environment is created, it takes more than an hour or some times a day to sync users from Azure AD to CRM.
Through Power Shell cmdlets, we can sync user immediately.
Install Module Microsoft.PowerApps.Administration.PowerShell
Install-Module -Name Microsoft.PowerApps.Administration.PowerShell
Connect to Power Apps using any of these
- User Name and Password
Add-PowerAppsAccount -Endpoint "prod" -Username "" -Password ""
- Tenant Id, Client Id and Client Secret
Add-PowerAppsAccount -Endpoint "prod" -TenantID "" -ClientSecret "" `
-ApplicationId ""
- Tenant Id, Client ID and Certificate Thumbprint
Add-PowerAppsAccount -Endpoint "prod" -TenantID "" -CertificateThumbprint "" `
-ApplicationId ""
Get-AdminPowerAppEnvironment cmdlet gives list of environments available in Tenant, note down the environment name (guid) to which you want to sync the Users
Go to Azure Portal : https://portal.azure.com -> Azure AD -> Users -> note down the Object Id of the user you want to sync
Run the cmdlet in Power Shell
Add-AdminPowerAppsSyncUser -EnvironmentName <Guid> -PrincipalObjectId <Guid>
EnvironmentName – Guid of the environment
PrincipalObjectId – Object Id of the Azure AD User
Post executing this script, users get synced to CRM immediately
Hope its helpful…! 🙂
Reblogged this on Nishant Rana's Weblog and commented:
At times after assigning the appropriate license to the User / adding them to Azure AD Security Group associated with the environment, the users do not appear within CRM, or it takes long time for them to appear.
We can use the PowerShell cmdlet shared in the blog.
The same thing can be achieved using Force Sync User Action within Power Platform for Admins Connector (Preview)
https://docs.microsoft.com/en-us/connectors/powerplatformforadmins/#force-sync-user
We can make use of the template which uses the above action
https://us.flow.microsoft.com/en-us/galleries/public/templates/6e4162ca7afc48479e3ad1caadc6c1e6/force-sync-azure-active-directory-group-members-to-specified-cds-instance/
lastly from Admin Portal, we can also try removing Security Group from the environment, and adding it back, or adding removing the license from the user, which triggers the sync.
If nothing helps the last resort is to raise the Microsoft Support Ticket.
LikeLike
HI
Do we have a approach which can be triggered from code ike from plugin or azure functions ot flows etc.,,
as we have the case where we want to force sycn user to users when someone does some option from UI.
Please suggest , thanks in advance.
Thanks,
Manoj
LikeLike
Hi,
You can use “Force Sync User” action from “Power Platform for Admins” connector in Power Automate
Hope its helpful..! Let me know if it helped or not
LikeLike