On behalf of CRM Content Publishing, I am pleased to announce the release of white paper, Scalable Security Modeling with Microsoft Dynamics CRM 2011, which is available for download from the Microsoft Download Center.
Microsoft Dynamics CRM offers a wide range of security modeling features, and it is important to choose the most appropriate approach to implementing a particular solution. Each feature offers a combination of characteristics that provides a balance between granularity of access control, administrative ease, and impact on scalability. Having an understanding of the underlying mechanisms supporting each security modeling feature can be useful when selecting the best approach to solving a particular challenge, especially when planning to develop a large volume system.
Granting access for a user to the system involves two factors:
- Authentication, which determines who users are and confirms that they are who they say they are
- Authorization, which defines whether authenticated users are entitled to access the system and what within the system they are permitted to see or do
Authentication in Dynamics CRM is handled using platform features such as Integrated Windows Authentication or Claims Based Authentication with an identity provider such as Active Directory Federation Services. These determine the identity of the users requesting access to the system.
Note: Details of the deployment and scalability of the various technologies supporting authentication are beyond the scope of this document.
After users have been identified, information recorded within the Dynamics CRM system about the users, such as their security roles and team memberships, is used to determine whether they are allowed to use the system and what they are allowed to see and do within the system, or what they are authorized to do.
This paper describes how security modeling features related to authorization in Microsoft Dynamics CRM work at scale, implications associated with these features when functioning at high volumes, and guidance on common and recommended usage patterns for modeling Microsoft Dynamics CRM security at scale, incorporating teams as appropriate.
I’d especially like to recognize the efforts of author Roger Gilchrist as well as the broader Dynamics CRM community for contributing to and reviewing this paper to help ensure its completeness and technical accuracy.