Today we are going to talk about the error received by a user when logging into CRM and how to overcome this error.
User (tester two) tries to login to Microsoft Online Portal so he can access CRM online When he enters the credentials at https://portal.microsoftonline.com/
The following error is thrown:
The error thrown is “You have signed in with a user ID that cannot log into CRM. Contact your administrator to make sure that you have a valid CRM Online user account.”
This is because there is an instance security group for this instance and the user is not part of the security group An instance security group can be set up by the following steps Go to MOP – Service Settings – Dynamics CRM – Edit Settings – Instance Security Group – Click the search Icon next to this field and select the security group. Any security group available within the MOP can be used to control access to a CRM instance. If a security group is not associated with a CRM instance, all users with a CRM license will be created as users in the instance. If a security group is associated with an instance, only users with CRM licenses that are members of the security group will be created as users in the CRM instance. Purpose of this Instance Security group is to provision and manage multiple CRM instances when they have a single CRM subscription. This allows the flexibility to deploy segregated instances of CRM for testing, development and production.
So in this scenario we chose the security group as Login Group for the instance of CRM
The different security group option available for any instance is in the screen below:
If you login to CRM as the administrator and Navigate to the list of disabled users you can find this user
To overcome this error we need to add the user to the Instance Security Group.
Note: System security groups, distribution groups, and mail-enabled security groups cannot be edited. Once we add the user to this Instance security group Login Group he can login fine and access CRM
Hope this would resolve your issues