Professional Documents
Culture Documents
Completed100 XP
7 minutes
FastTrack for Microsoft Dynamics 365 (such as Dynamics 365 Sales, Dynamics 365
Customer Service, or Unified Operations apps) is Microsoft's customer success
service. It's designed to help customers and partners achieve a successful deployment
of Microsoft Power Platform and Dynamics 365. To deliver this service, FastTrack
solution architects use Success by Design. FastTrack team engagement is available to
customer projects that meet the FastTrack eligibility requirements. Because not all
projects will qualify, Microsoft is making a tailored version of Success by Design
available for partners and customers to use on their own. The Use Success by Design
for Dynamics 365 apps solutions learning path examines this version and how
partners and customers can use Success by Design to achieve a successful
deployment of Microsoft Power Platform or Dynamics 365.
Success by Design is the prescriptive guidance (approaches and best practices) for
designing, building, and deploying a Dynamics 365 solution. Success by Design is
based on Microsoft's experience in providing engineering oversight across thousands
of deployments with hundreds of partners through the FastTrack program over the
years. Its fundamentals are good solution architecture and design, technical
capabilities of the Dynamics 365 product line, and proven approaches to design and
implementation challenges that arise during a business process transformation and
implementation.
Solution blueprint
Test strategy
Data model
BI and analytics design
Gap solution design
Data migration
Security
Integration design
Dual-write implementation
Solution performance
Cutover strategy
Post go-live strategy
This learning path outlines how you can use these techniques on your own project,
even if your project isn't actively being engaged with by the Microsoft FastTrack
team. This first module is Success by Design, which provides an overview of the
guidance. Other modules in the series will provide in-depth detail about individual
topics.
The purpose of this module and learning path is to provide an introduction on how
to use the Success by Design guidance. This path is intended for the person or
department that is responsible for the deployment of Dynamics 365, including
functional, technical, and business resources who are responsible for the deployment
and adoption of the system.
10 minutes
With Success by Design, the solution architect can engage with project teams
through strategic workshops that are aligned to key project stages with clear goals,
actions, and deliverables. Each workshop has been designed with specific goals and
maps to relevant success measures for the project. A workshop is essentially an
alignment exercise that allows the solution architect to assess if best practices are
being followed and identify and highlight issues or potential risks that can derail the
project. While Success by Design offers prescriptive guidance for success, be
prepared to make minor adjustments to the stages and details that are relevant to
your specific projects.
Essentially, Success by Design brings the learning and experiences from thousands of
customer cloud deployments to your project to help make the journey to the cloud
smoother, faster, and more successful.
Summary of workshops
As previously discussed, Success by Design has several workshops. Each workshop is
a module within this learning path. The following sections summarize some of those
key workshops. Templates are available for each workshop, and you can download
examples of the templates that you need.
The workshops are not in a prescribed order; you can return to a topic more than
once for any given project. For example, integrations should be designed, built,
tested, and supported. You might find overlap in topics, and even if no specific
overlap exists, a general awareness of the other aspects is a vital part of success. This
module will go into much greater detail of each workshop, but the following sections
provide a summary of what to expect for each. The subsequent sections list the
workshop topics in this learning path and in the order in which they can be
implemented in a typical project.
Solution blueprint
Identify risks and issues – By taking a broad but high-level look at the
solution, it is possible to identify issues and risks with the solution design
or implementation approach that will negatively impact the outcome.
Establish a baseline of subsequent reviews – Based on establishing a
general understanding of the solution, the FastTrack solution architect
who is involved can build a plan for follow-up workshop activities to
investigate aspects of the solution where additional guidance might
provide benefits.
Test strategy
An effective test strategy will allow for a holistic view of the proposed solutions.
Testing will happen in several different phases of development, but you should define
the strategy early. The purposes of the test strategy review are to:
Identify risks and issues – By taking a broad but high-level look at the
test strategy, it is possible to identify issues and risks with the approach
that would negatively impact the outcome.
Data model
The Data model workshop is dedicated to reviewing the envisioned data model for
the customer project. The data model usually reflects the functional scope of the
project. It also reveals its potential complexity if it contains numerous tables, complex
relationships, impact on security, or use or misuse of standard objects, large number
of custom tables, and so on.
The goal of the BI and analytics design workshop is to ensure that the BI and analytics
solution design is well understood, planned, and that it is appropriate for the solution
strategies and technologies that are used. You should be collecting insights on the
implementation activities, reviewing the current planned solution design, and raising
recommendations/risks/issues that are related to the plan and solution strategies.
Identify risks and issues – By taking a broad but high-level look at the
BI solution and strategy, it is possible to identify issues and risks with the
solution design or implementation approach that will negatively impact
the outcome.
The Gap solution design workshop is designed to ensure that the gap solution design
provides a good approach and plan to deliver a well-defined, well-tested, reliable,
and safe solution. You can complete this approach by collecting insights on the
implementation activities, reviewing the current gap solution blueprint, and raising
recommendations/risks/issues that are related to the planned customizations.
Data migration
The Data migration workshop offers advice and guidance when you are doing data
migration with Dynamics 365. The workshop provides best practices to help you
avoid data migration performance issues, gain a proper understanding of business
goals, and develop awareness on realistic throughput.
Security model
The Security model workshop delves into the customer-designed security model in
Dynamics 365 to help you understand the unique needs of organization security
requirements and review granularity of access control, administrative ease, and
impact on scalability. This workshop helps the solution architect collect the correct
information from customers by asking the right questions through assessing needs
and looking at different aspects of their designed security model.
Integration design
One strength of Dynamics 365 and Microsoft Power Platform is the offering of many
integration opportunities. For successful integration between systems, you need to
ensure that the design has purpose and review. The purposes of the integration
design review are to:
Drive communication and understanding – The review is designed to
drive a conversation about overall plan for integrations and design
aspects of specific interfaces by going through overall integration
strategy, integration patterns, and middleware selection (if a middleware
is used), and by thoroughly investigating specific business critical
integration scenarios, monitoring and alerting approach, and any
Microsoft 365 integrations.
Identify risks and issues – By taking a broad but high-level look at the
integration aspect of the solution, it is possible to identify issues and risks
with the integration design or implementation approach that will
negatively impact the outcome.
Dual-write implementation
Identify risks and issues– By taking a broad, but high-level look at the
solution, it is possible to identify issues and risks with the solution design
or implementation approach that will negatively impact the outcome.
Solution performance
The Solution performance workshop provides guidance and best practices for
solution design in respect to performance. The workshop will increase awareness of
the impact that certain types of configuration and/or customization have on the
overall performance and user experience. This workshop will also emphasize the
importance of having defined performance goals and having the right focus on
performance and performance testing during the entire project life cycle.
Define clear goals and objectives and use the appropriate tools and
processes for implementing performance testing.
Cutover strategy
The Cutover strategy workshop is designed to ensure that the cutover strategy
provides a good approach and plan to deliver a well-defined, well-tested, reliable,
and safe transition from current systems to the new production systems.
When your team decides to follow Success by Design, you are on a good path to a
successful implementation. The guidance relies on all participants to be actively
engaged and actively sharing information. The guidance works best when enough
information is shared to help ensure informed decision making.
Success by Design has been created to achieve five key goals on Dynamics 365
projects, as shown in the following diagram.
Product direction strategic alignment
Dynamics 365 and Microsoft Power Platform are rapidly evolving, and the way that
you customize or design solutions on the platform today is different from how they
were done a few years ago. A large part of a solution architect's role is making sure
that customer and partner teams are aware and aligned with the product direction.
Whether it's to do with using a Microsoft Power Automate flow instead of traditional
workflows, or embedding canvas apps instead of using dialogs, these inputs are
critical to a customer program and will help you save time and effort by avoiding
rework later. Success by Design workshops give the project team critical insights into
the customer program and an opportunity to provide timely recommendations to
ensure alignment with Microsoft product strategy and roadmap.
Innovation evangelism
Dynamics 365 and Microsoft Power Platform enable digital transformation within
customer organizations. The promise of a cloud-based digital transformation
platform should allow organizations to innovate at a faster pace and have a
competitive business advantage. One way to develop this competitive edge is
adoption of the latest production innovations. It's important for you to determine if
your customer's Dynamics Service Management system is using omnichannel
capabilities and if they're using customer insights for AI. Success by Design provides
you with an opportunity to influence the key project stakeholders through targeted
feature recommendations during the workshops and help customers define their
internal solution roadmap.
Execution excellence
As individual contributors, solution architects are responsible for the success of their
customers. Success by Design brings the necessary structure to drive greater
consistency in the way that they can engage with their customers and in the way that
they measure and report on their success. Success by Design also helps boost
productivity and effectiveness through the following features:
Escalation management
Solution architects and project teams are familiar with reactive situations that can
potentially derail a project and cause go-live delays. Implementation or performance
issues could come from a bad design, from not following best practices, or due to
product regression or bugs that are not fixed in time. While Success by Design should
help minimize implementation-related escalations through proactive workshops and
review checkpoints, you might still find yourself in escalation situations that will
involve leadership and executives. A large part of escalation management is
articulating the business impact and situation in the context of the customer. Success
by Design can help provide the necessary context and historical perspective in the
form of the workshop findings and recommendations, success measures, follow-up
actions, and so on.
Success by Design has been created so that a solution architect can engage with
customers regardless of their delivery methodology. With agile projects, the phases
and workshops will likely be repeated in some capacity throughout the life of the
project. This guidance will map the Dynamic 365 implementation life cycle into four
methodology-agnostic phases:
Initiate
Implement
Prepare
Operate
Initiate
In the initiate phase, the project team is in discovery mode, where they are gathering
and validating business requirements, finalizing the high-level solution approach,
making inroads to define all in-scope workstreams, and revising the project plan to
reflect these updates. When the project team has produced the high-level solution
design, and when the related project workstreams are mostly defined, Success by
Design begins with the Solution blueprint review.
The initiate phase is one of the most important parts of the project because many
decisions that are made in this phase will impact the success of the deployment.
Occasionally, it might be tempting to rush through this phase so that you can begin
building the system, but it's important to have a plan and design before you start
building.
Implement
In the implement phase, the project team is focused on building the solution
according to the agreed-upon solution design and scope. Implementation reviews
are introduced in this phase, having been informed by the findings and
recommendations of the Solution blueprint review. Implementation reviews are used
to thoroughly address questions that are related to the specific aspects of the
solution design (data model, security, integration) and implementation practices
(ALM and testing strategy). Implementation reviews fully address the risks that are
identified during or after the Solution blueprint review but before the solution build is
too far along in the process.
Prepare
By the prepare phase, the solution has been built and tested, and the project team is
preparing for the final round of user acceptance testing (UAT) and training.
Additionally, all necessary customer approvals have been granted, information
security reviews are completed, the cutover plan is defined (including go/no-go
criteria), mock go-live events are scheduled, the support model is ready, and the
deployment runbook is completed with tasks, owners, durations, and defined
dependencies. At this point, the project team will use the Success by Design go-live
readiness review to identify remaining gaps or issues.
Operate
You've now planned, developed, and deployed the application, but you're not
finished yet. The goal of this phase is to validate the success of the deployment,
review lessons learned from the project, and plan for the transition to the next phase
or provide transitional support to the maintenance team.
After the customer is live, the solution architect should perform a post
go-live review.
Discuss the transition plan and share the same with the maintenance
team.
15 minutes
This unit describes how the Success by Design process should be implemented, from
using the template to presenting the findings and recommendations. Success by
Design is designed to be flexible; you can adapt it to your delivery style. However, the
structure of your delivery should be clear enough for anyone to follow.
Align expectations
Success By Design is intended to help the solution architect be more proactive during
their engagement with the project teams, discover the customer's goals, understand
what was designed in terms of architecture, and identify and avoid areas where
project teams often run into issues during projects.
The solution architect should be considered a trusted advisor who uses the
knowledge and experience from working on other projects and shares that
experience and best practices to help avoid issues. Accordingly, the solution architect
can help ensure that the customer can go live confidently and successfully.
In the Solution blueprint workshop, you can expect to gain insights that you can use
in the project (plan, milestones, goals, scope, and so on.). This workshop is beneficial
for the project team during implementation because it helps them create a plan for
what will be built (integrations, interfaces, solutions, and so on.), determine at what
stage the project will be delivered, and ensure that the project plan is aligned with all
stakeholders and project scope.
In the Go-live readiness workshop, the goal is to understand and help shape the
customer's go-live strategy and compare this strategy with best practices. With this
approach, you can help avoid surprises during go live, the most critical phase of the
project.
Workshop outcome
After each workshop, the solution architect will prepare a list of findings and
recommendations based on what was learned during the workshop. A follow-up
meeting should be scheduled to discuss recommendations as needed.
While the solution architect will be thorough in the workshops, it's not expected that
every possible concern about the project will be raised and that all project issues will
be avoided. The solution architect will only be reviewing the information that is
shared by the customer and partner teams, and if any piece of information is not
shared (or not shared to a sufficient level of detail), that information won't be
included in the review.
The reviews are performed by comparing best practices and experiences from other
engagements with your project and business processes. Though you can’t assure
attendees that issues won’t arise during a project, you can emphasize the importance
of understanding the information that is and isn't assessed during the review.
Quality of the code that the developers have written isn't validated by
Success by Design. While ways of checking the code exist, those
validations won't confirm code logic.
Prepare
After the customer and partner teams understand why the workshops are needed,
you can send them the workshop templates, which are short and simple and provide
notes that explain the goals of the questions that are asked in each slide. The short
templates help minimize potential resistance that the customer and partner teams
might have in providing the information that you are requesting.
The solution architect should send the PowerPoint template to the customer and
partner teams at least one week before the workshop is scheduled, which will give
them time to receive it and add requested information. Adjust this time
recommendation depending on the complexity of the deployment or if new features
have been added that you want to investigate first.
When you receive the revised PowerPoint file from the customer, schedule time on
your calendar to review the information that they provided in the file and then start
preparing the delivery of the workshop.
Workshop preparation starts by knowing the audience. The solution architect should
work with the project teams to identify who should attend, which will vary by topic of
the workshop.
If the audience is large, and a mixture of many different roles and departments,
consider splitting the workshop into multiple sessions. The risk of overrun is high
when the audience is too large or diverse.
Prepare and send an agenda to the attendees in advance of the workshop. Include
session times and named resources in the agenda. This preparation will allow
attendees to provide feedback if they think that more time will be needed and help
keep to the agreed-to time for each topic during the workshop.
Deliver
During the workshop, content should be presented by the customer and/or partner
as appropriate. While the customer and/or partner deliver the content, you should
take notes. A good practice is not to interrupt the presentation and wait until the end
of each slide before asking questions or waiting for the presenter to pause.
The workshop delivery should sound like a conversation and not an inquiry. Keep the
questions short and relevant. The workshop delivery should always start with the
agenda and takeaways and then finish with the next steps. You need to help ensure
that everyone understands what will happen next.
After the workshop, review your notes and update them while the information is fresh
in your mind. Verify that your notes are complete because they will be the basis of
your findings and recommendations.
Each meeting might include people who were not in previous sessions, so
you should always start a workshop session by introducing yourself and
by being prepared to include your background and experience with
Dynamics 365 or Microsoft Power Platform.
Make sure that someone takes notes during every session. You might not
always be the note taker (especially during face-to-face meetings), but
always verify that someone is taking detailed notes, and then get a copy
of the notes following the session.
Be confident in your experience and knowledge and share that with the
team.
Read the audience to help understand their technical level. Keep to the
agreed technical level of the workshop. For example, a solution blueprint
review will be high level, and you should stop if it's too in-depth. It's
better to schedule a follow-up session than overrun or be tight on time in
the current session.
In technical sessions, don't forget the why, even if focus is on the how.
Capture all actions and open topics as you go through the session.
However, ensure that you have 5-10 minutes at the end of the workshop
to summarize the actions.
Follow-up
After workshop delivery, the solution architect should prepare findings and
recommendations. This preparation can be time-consuming, so be sure to give
yourself enough time when scheduling the follow-up discussion. Meeting notes and
agreed-on follow-up actions should be sent to participants and needed stakeholders
within 24 hours after the session. Follow-up actions should include the responsible
party and deadline. If no deadline has been agreed to, use TBD. In the meeting notes,
share issues and risks.
Workshop steps
The workshop involves three key steps:
Information capture
Run the workshop
Create recommendations and findings
The project solution architect, or someone who's not on the project daily, can
conduct the workshop. The benefit of having a non-project assigned solution
architect conduct the workshop is that it will be similar to how FastTrack projects run.
Often, this approach offers a project team additional insights that come from a
project outsider.
Information capture
While all projects do have some level of documentation, the level of documentation
and format can vary depending on the stakeholders, project scope, and project
methodology. The workshop template is designed to collect the information that is
relevant to the project's success measures and document them in a structured
fashion. Frequently, the project teams have this information handy and they can copy
from existing project documents. However, it's not uncommon for information to
exist in multiple places and be difficult to consume and share with the teams. As a
part of this step, the solution architect can share the workshop template with the
customer and ask them to fill out the information and return it at least five days
before the workshop is scheduled to happen. This step will allow sufficient time for
review.
Tip
Work with your stakeholders closely on information capture. Provide them with the
necessary help to fill out the template, and you can prefill the information that you
already know. In some cases, stakeholders might also share the complete document,
which might require additional time to review and filter out relevant information. The
quality of information that is exchanged will impact the quality of recommendation
and will set a precedence for other workshops.
The workshop can be conducted on site or by using an online meeting. Typically, the
decision to conduct the workshop on site or online will be based on the complexity of
the project, risks, and customer size. As part of this preparation, the solution architect
should review the completed templates and prepare additional questions and
comments for further clarity.
During the workshop, review each topic with the customer and share
your understanding.
Ask questions to gain further clarity as needed. Review the questions that
you captured for each topic while reviewing the workshop template for
each topic. The intent isn't to share these questions directly with a
customer but to use them during the workshop to drive the conversation
and assess the client's readiness on the related topic/success metric.
After the solution architect has gained an understanding of the client, project scope,
and solution, they should be able to highlight the good practices and deployment
patterns that should be followed. They should raise visibility for potential risks, such
as potential scalability or performance issues. You should document your findings
and categorize them as risks or recommendations.
The FastTrack team has tools that they use for tracking activities, progress, and plans
throughout an engagement. As you continue through your projects, it's a good idea
to have your own plans to do this as well.
Expand table
Status Meaning
Empty Waiting for assessment
Red Finding uncovered critical changes that need to be implemented in the project
Yellow Finding uncovered changes that should be implemented in the project
Green No relevant findings
You can use the Success by Design workshops to guide you toward each success
measure. The following table is an example of a matrix that tracks workshops and
their relevance to different aspects of a project. A solution architect can use a matrix
like this one to track progress with relevance. As you continue through the project,
make sure that you keep a list of relevance and an overall assessment and risk
analysis for each workshop by using the color coding that is mentioned in the
previous table. Consider sharing the status with all stakeholders as often as possible
to avoid surprises and potential delays.
Expand table
Category Group Category Solution Blueprint Cutover Solution performance
review readiness workshop
Architecture Application extension X X
Architecture Business intelligence X X
Architecture Data migration X X
Architecture Data model X X
Architecture Functional X X
Architecture Instance strategy X
Architecture Integration X X
Architecture ISV X X
Architecture Performance X X X
Architecture Security X X
Architecture User experience X X
Competency Customer X
Competency Partner X X X
Fit for purpose Presales X
Fit for purpose Product/solution fit X
Fit for purpose Under-licensed projects X
Implementation Application lifecycle X
management
Implementation Business continuance X X
planning
Implementation Change management X X
Implementation Continuous update X X
Implementation Cutover X X
Implementation Fit-gap analysis X
Implementation Rollout approach X X
Implementation Testing X X X
Other External factors X X
Product Feature deprecation X X
Product Feature gaps X X
Product Product bugs X
Product Product performance X X X
Product Product reliability X X X
Project General governance X
governance approach
Project Schedule X
governance
Support Support X X
When you start working on the project, and after you have conducted a workshop,
you should immediately update the relevant success measures, particularly if any
concerns arise. Also, make sure that you update and complete the appointment with
time/attendees/status and any other notes.
Data model
Success by Design includes several workshops, including Solution blueprint,
Data model, User experience, Data migration, Test strategy, Security, Solution
performance, and Go-live readiness. User training isn't a workshop that is
included in Success by Design.
Test strategy
Solution performance
User training
Success by Design includes several workshops, including Solution blueprint,
Data model, User experience, Data migration, Test strategy, Security, Solution
performance, and Go-live readiness. User training isn't a workshop that is
included in Success by Design.
2.
Success by Design has been created to achieve which of the following five key
goals on Dynamics 365 projects?
In which phase of a project framework are you preparing for UAT (user
acceptance testing)?
Initiate
In the prepare phase, most of the functionality has been built and you're
preparing for user acceptance testing and training.
Implement
Prepare
In the prepare phase, most of the functionality has been built and you're
preparing for user acceptance testing and training.
Operate
Summary
Completed100 XP
2 minutes
Success by Design can help guide the success for your solutions. By following the
prescribed guidance, your projects can have the same success as those projects that
are implemented by the FastTrack team, even if the specific project doesn't qualify for
FastTrack directly.
The Solution blueprint workshop is part of Success by Design. This module focuses
on creating the blueprint, and conducting the workshop to create it.
Learning objectives
In this module, you will:
Learn how to identify project goals
Learn about the project's tenant strategy
Consider any non-functional requirements
Learn how to prepare, and conduct the Solution blueprint workshop
Dodaj
Prerequisites
Familiarity with the Success by Design process
Previous experience as a Solution Architect on a project is helpful
Download an example of the template for this workshop from GitHub
location
Introduction
Completed100 pkt.
8 minutes
The Solution blueprint review also forms the basis of the solution architect’s
understanding of the planned solution, and it provides an overall context in which to
provide guidance. Without context, it is difficult to ensure that recommendations will
be effective for the overall architecture. For that reason, the Solution blueprint review
is the first major activity within the Success by Design framework following the
kickoff. The solution architect should not engage in other in-depth activities without
first understanding the broader solution blueprint.
The following questions and answers are typically discussed during the Solution
blueprint review workshop.
The following sections cover the top-level topics of the Solution blueprint review and
provide a sampling of the types of questions that are covered in each section.
Program strategy
Program strategy covers the process and structures that will guide the
implementation. It also reviews the approach that will be used to capture, validate,
and manage requirements, and the plan and schedule for creation and adoption of
the solution. This topic focuses on answering questions such as:
What are the goals of the implementation, and are they documented,
well understood, and can they be measured?
What is the methodology being used to guide the implementation, and is
it well understood by the entire implementation team?
What is the structure that is in place for the team that will conduct the
implementation?
Are roles and responsibilities of all project roles documented and
understood?
What is the process to manage scope and changes to scope, status, risks,
and issues?
What is the plan and timeline for the implementation?
What is the approach to managing work within the plan?
What are the external dependencies and how are they considered in the
project plan?
What are the timelines for planned rollout?
What is the approach to change management and adoption?
What is the process for gathering, validating, and approving
requirements?
How and where will requirements be tracked and managed?
What is the approach for traceability between requirements and other
aspects of the implementation (such as testing, training, and so on)?
What is the process for assessing fits and gaps?
Test strategy
Test strategy covers the various aspects of the implementation that deal with
validating that the implemented solution works as defined and will meet the business
need. This topic focuses on answering questions such as:
What are the phases of testing and how do they build on each other to
ensure validation of the solution?
Who is responsible for defining, building, implementing, and managing
testing?
What is the plan to test performance?
What is the plan to test security?
What is the plan to test the cutover process?
Has a regression testing approach been planned that will allow for
efficient uptake of updates?
What are the top processes that are in scope for the implementation?
What is currently known about the general fit for the processes within the
Dynamics 365 application set?
o How are processes being managed within the implementation
and how do they relate to subsequent areas of the solution
such as user stories, requirements, test cases, and training?
o Is the business process implementation schedule documented
and understood?
o Are requirements established for offline implementation of
business processes?
Based on the processes that are in scope, the solution architect who is conducting the
review might ask a series of feature-related questions to gauge complexity or
understand potential risks or opportunities to optimize the solution based on the
future product roadmap.
Application strategy
Application strategy considers the various apps, services, and platforms that will make
up the overall solution. This topic focuses on answering questions such as:
Which Dynamics 365 applications or services will be deployed as part of
the solution?
Which Microsoft Azure capabilities or services will be deployed as part of
the solution?
What if new external application components or services will be deployed
as part of the solution?
What if legacy application components or services will be deployed as
part of the solution?
What extensions to the Dynamics 365 applications and platform are
planned?
Data strategy
Data strategy considers the design of the data within the solution and the design for
how legacy data will be migrated to the solution. This topic focuses on answering
questions such as:
What are the plans for key data design issues like legal entity structure
and data localization?
What is the scope and planned flow of key master data entities?
What is the scope and planned flow of key transactional data entities?
What is the scope of data migration?
What is the overall data migration strategy and approach?
What are the overall volumes of data to be managed within the solution?
What are the steps that will be taken to optimize data migration
performance?
Integration strategy
Integration strategy considers the design of communication and connectivity
between the various components of the solution. This strategy includes the
application interfaces, middleware, and the processes that are required to manage
the operation of the integrations. This topic focuses on answering questions such as:
What are the processes within the solution that depend on reporting and
analytics capabilities?
What are the sources of data in the solution that will drive reporting and
analytics?
What are the capabilities and constraints of these data sources?
What are the requirements for data movement across solution
components to facilitate analytics and reporting?
What solution components have been identified to support reporting
and analytics requirements?
What are the requirements to combine enterprise data from multiple
systems/sources, and what does that strategy look like?
Security strategy
Security strategy considers the design of security within the Dynamics 365
components of the solution and the other Microsoft Azure and external solution
components. This topic focuses on answering questions such as:
Typically, the Solution blueprint review takes approximately two to eight hours to
conduct. The time might vary based on the level of detail that is available for review
and the breadth of the overall solution. The solution architect will work with the
implementation team leadership to plan the workshop based on the specifics of the
solution that is being reviewed.
Prior to the Solution Blueprint Review workshop, workshop participants should make
sure that they are as familiar as possible with the structure of the workshop and the
types of topics and prerequisites that will be covered. The solution architect will
provide an agenda with topics and prerequisites ahead of the workshop.
Uwaga
The solution architect will prepare in advance for the workshop by reviewing existing
project artifacts ahead of time. Helpful project artifacts include:
This list is not exhaustive of project deliverables, but it is a good starting point for the
Solution blueprint review. The formats, composition, and names of each deliverable
might vary from one project to the next. Format isn’t the most important component;
it is the information that is available and agreed on across the team that is essential.
When you are conducting a Solution blueprint review early in the project, many of
these documents will not be fully formed, which is acceptable in most cases. It’s more
important that scope has been determined and that a conceptual plan is in place to
determine how the solution will support that scope. If the plan is unsuccessful, these
items should be represented at some level in the statement of work that is provided
by the consulting partner who is assisting with the implementation. If the scope and
conceptual solution approach are in place, the Solution blueprint review can focus on
the conceptual approach, and the follow-up, in-depth workshops can focus on the
details at the point when they are available.
We recommend that you use diagrams and visual representations to provide high-
level summaries, where possible, in the implementation. These diagrams, charts, and
graphs provide a ready means of communication across the team and with executives
about plans and designs.
Uwaga
The Solution blueprint review is an excellent chance to establish a baseline for the
core project team on the overall solution. Having the broader team present in the
workshop can be a helpful way to provide context to the team. In some cases, due to
the size of the implementation team, it might be necessary to limit the participation
in the workshop to only core members of the implementation team. With that in
mind, you should consider the following guidelines:
The workshop should be attended by representatives from the customer
organization and the partner organization that is assisting with the
implementation. Part of the review’s value is providing common
information for the solution across all involved parties.
The workshop should include the project manager and solution architects
from the customer and the partner organization. If the customer doesn’t
have a solution architect role in their organization, then the responsible
technical stakeholder(s) should be involved. If the partner organization
doesn’t have a designated solution architect who is responsible for the
implementation, then the equivalent delivery lead, functional lead, or
technical architects should be involved.
In some cases, it might be necessary to bring specific resources for
specific topics, which can be accommodated based on the breakdown of
the solution in the workshop agenda.
Ukończono moduł:
The Solution blueprint review workshop will be facilitated by the solution architect,
but the expectation is that the implementation team will present the solution
blueprint information. Each section of the agenda should be assigned an owner
within the implementation team. At the beginning of each session, that owner should
present an overview or summary of the scope and plans, including designs that apply
to that aspect of the solution. The team should plan for that summary to take
between 25-50 percent of the allotted time but no more. The remainder of the time
should be reserved for questions and answers with the solution architect.
The implementation team leadership should work with the solution architect ahead of
the workshop to shape the agenda and timings for each session. Depending on the
state and complexity of the solution, different sections might require more or less
time. While the baseline plan is to conduct the workshop in eight hours, that time can
be flexible to a certain extent to accommodate the implementation.
Time management in the Solution blueprint review workshop is critical. The top
priority for the workshop to get through the overall solution, which should be
prioritized over going too in-depth in any one session. If the conversation is going
too detailed and you are running out of time to cover the breadth of the solution,
you should expect the solution architect to discontinue the detailed conversations for
follow-up in a more comprehensive workshop.
Uwaga
You should set an expectation that, during each session, discussion about the scope
and approach will occur. As part of that expectation, the architect might provide
some guidance directly within the meeting. However, these sessions are not intended
to be design sessions but rather review sessions. The provided feedback might alter
the current plan or design, but the detailed work in those areas will be carried out by
the implementation team after the workshop.
The findings document will be distributed to the customer and partner organizations,
and a review meeting will be held to assess the findings in detail. The document will
go to the implementation leadership and executive sponsors in both organizations.
The findings documents can, in some cases, be lengthy, in which case, an executive
summary that highlights key and critical findings is provided for better consumption
by executives.
Uwaga
The output of the Solution blueprint review workshop is not a solution blueprint. The
expectation is that the materials that the implementation team brings into the review
comprises the solution blueprint. The expectation is that the blueprint will continue to
evolve and expand as the implementation progresses.
After the Solution blueprint review workshop has been conducted and the findings
have been reviewed, those items that have been identified as risks and issues, and
their associated action items for mitigation and resolution, will be managed to
completion as part of the overall engagement.
Identified issues will often have an impact on the ability to successfully go live. These
issues will need to be resolved prior to the go-live readiness assessment and the
deployment of a production environment.
When the initial Solution blueprint review is complete, what topics should be
evaluated in subsequent solution blueprint conversations?
Summary
Completed100 pkt.
2 minutes
The Solution blueprint meeting is often the first meeting where you have enough
information to begin making informed decisions about a project's direction. It is also
a great chance to build rapport with stakeholders. You can use the information that
you learned in this module to help you look ahead to the rest of the project as you
begin to create the solution.
Testing strategy, identifying gaps in testing plans, and potential risks are discussed in
this module.
Learning objectives
In this module, you will:
Identify measurable and non-measurable testing goals and results.
Plan the entire testing strategy for an engagement.
Learn how to prepare and conduct the Test strategy review workshop.
Dodaj
Prerequisites
Extensive functional consultant and developer knowledge
Previous experience as a solution architect on a prior project is helpful
Download an example of the template for this workshop from GitHub
location
Introduction
Completed100 pkt.
8 minutes
The Test strategy review workshop is conducted after the Solution blueprint review so
that enough context is provided about the solution scope, solution design, and
overall project goals to ensure that the workshop can be productive. The Test
strategy workshop does not dictate a specific testing methodology; instead, it is
designed to work with and evaluate a variety of testing approaches. The main
objective of this workshop is to evaluate that the underlying principles of testing are
being addressed.
The Test strategy review also forms the basis of understanding for the planned test
phases and timing, which will provide you with an overall context in which to provide
guidance on testing. Typical questions that solution architects have regarding the
Test strategy review process and the answers to those questions are as follows:
Question - A generic test strategy document is provided in our
methodology. Is that enough to review?
Answer - A good, generic test strategy provides a framework. However,
unless it has been mapped to your specific project (scope, risks, timeline)
and the specific organization (requirements, constraints, and resources),
it is not possible to identify the project-specific risks and issues.
Question - We are busy with project tasks, especially design and build,
and our test strategy is being worked on. Can we postpone the workshop
until later when we have completed the test strategy and it has been
approved by all parties?
Answer - Postponing the review will also postpone early identification of
risks. Likely, if the project is already in implement phase, some form of
validation and testing is already being conducted or planned. Reviewing
the draft test strategy document will help ensure that it is completed with
review and recommendations for you to consider.
The Test strategy review workshop can be conducted in person for complex projects,
in which case, it is typically run as a single workshop that covers all required topics.
The workshop is most often conducted remotely.
The following sections cover the top-level aspects of the Test strategy review
workshop and provide a sampling of the types of questions that are covered in each
section.
This topic considers this question: How, and as part of which test phase or test type,
are the project functional scope areas due to be tested?
Business processes
Business requirements
Design requirements
Data (for functional use, migration, interfaces, reporting/BI, and so on)
Geography
Customized areas
Process changes
Security
Regulatory requirements
Project goals
Another question that this topic considers is: How, and as part of which test phase or
test type, are the project non-functional scope areas due to be tested?
Performance
Usability
Operability
Maintainability
Disaster recovery
Business continuity
Other areas, as relevant for this project
How does the high-level test plan integrate within the project plan?
Does the test planning reflect the test strategy?
Are all test types and phases reflected accurately in the test plan?
Does the test plan provide sufficient time and effort to conduct testing in
proportion to the size and complexity of the project?
Does the test plan show that the time and effort that are allocated to the
various areas of testing are in proportion to the risk that is represented to
the business?
The following tables show a view of the areas that each test type should have
defined.
Rozwiń tabelę
Test phase / Test Key Source documents Test coverage Entry criteria
type objectives
Enter the title of the Enter key List the document Determine which areas Define the entry
test phase (such as goals that are type/requirement area that is of project scope are criteria that must
Integration Testing or expected to used to define the content of expected to be validated met for this test ph
User Acceptance be achieved test cases and the acceptance by this phase, for to be considered
Testing) or enter the by each test criteria (in other words, what example: - End-to-end ready to start form
Test phase / Test Key Source documents Test coverage Entry criteria
type objectives
key test types (such as phase. is being used as the business process and implementation.
Performance Testing definition against which the related configuration -
or Mock Cutover). test result is validated). Specific functions -
Migrated data
Testing management
Rozwiń tabelę
Test phase / Test Test preparation Test implementation Test reporting Test administratio
type
Enter the title of the Brief description of Brief description of Define how the test Determine the tools
test phase (such as the test preparation how this test will be progress will be be used to store, rev
Integration Testing that is expected to implemented (which reported and how the manage the test fram
or User Acceptance meet the test entry roles will perform the results/quality will be test cases, and test r
Testing) or enter the criteria (for example, tests or what the life analyzed and reported, Also, consider what
key test types (such test script writing, cycle of a defect will such as: - Reporting be used to map test
as Performance data requirements, or be). for internal project use requirement/scope,
Testing or Mock environments). - Reporting to senior Azure DevOps, Kir
Cutover). business stakeholders Microsoft Excel.
Information from the preceding tables applies to all test types. Key test phases and
types that could be covered include:
Unit testing
Functional/Process testing
System integration testing
End-to-end testing
User acceptance testing (UAT)
Regression testing
Performance testing
Data validation
Security testing
This list is not comprehensive, and depending on the nature of the project, other
types of tests might be relevant, such as point of sale (POS) testing for retail stores or
scanning device testing for warehouse applications.
Additional questions that are especially relevant for a given test type/phase that
might not be adequately covered by the previous categories include:
Have functional test cases been defined from requirements and/or
business scenarios?
Does functional testing cover all functional modules?
Are the functional test scripts validated with business users?
Does the system integration testing strategy explain creating a
production-like test environment for conducting system integration
testing?
Has a method been defined to synchronize/resynchronize all
participating systems in system integration testing?
Have end-to-end test cases been validated with the owner of each
functional module?
Does the end-to-end testing strategy consider usability testing?
Have the key stakeholders for UAT been identified?
Does the UAT plan clearly document the role of each stakeholder in the
UAT phase?
Have you set up a clear communication plan during UAT to all required
stakeholders?
Has each main process been decomposed to include sub processes?
Have the test scenarios been prioritized in UAT?
Does the UAT test plan include appropriate UAT test environment
provisioning?
Do you have user training planned before UAT testing for the testers?
Has an adequate definition been established for the core set of tests that
would constitute a regression test suite?
Is a process in place to identify recent changes (at a high level) for
regression testing?
Does the test plan include automating regression testing?
Has a process been defined for data validation testing?
Have the correct business stakeholders been identified for conducting
data validation testing?
Is a plan in place for conducting end-to-end testing on migrated data?
Does data validation testing include data reconciliation reports and
plans?
Have key areas for security testing been identified?
Does the test plan require all necessary security roles and privileges to be
defined and populated before UAT or system integration testing?
Does the security testing strategy include your organization's security
requirements?
Tooling
Planning, preparation, conduct, and reporting of testing requires significant
management. For the simplest projects, this process might be managed through
spreadsheets, but that could become unwieldy and difficult to track for anything
more complex. Most projects will use some form of task management software. In
addition, many organizations use automation tools to plan, create tests, run tests, and
report the test results. This topic focuses on answering questions such as:
What test administration tools are being used, and in what manner, to
map testing to source requirements (traceability matrix)?
What test administration tools are being used to manage the
identification and storage of test cases?
What test administration tools are being used to manage the allocation
of resources and for tracking the full life cycle of a test from its creation,
running the test, collating the test results, defect logging, and then
resolution and retry?
What tooling is being used to automate the running of test types and
collecting the results?
Typically, the Test strategy review workshop takes two hours to conduct. The time will
vary based on the level of detail that is available for review and the breadth and
complexity of the solution. The solution architect will work with the implementation
team leadership to plan the workshop based on the specifics of the solution that is
being reviewed and the findings from the Solution blueprint review workshop.
Prior to the Test strategy review workshop, participants should make sure that they're
as familiar as possible with the structure of the workshop, the prerequisites, and the
types of topics that will be covered. The solution architect will provide an agenda with
topics and prerequisites ahead of the workshop.
Essentially, the Test strategy review workshop is a discussion; it’s not intended to be a
questionnaire that can be completed and reviewed in an offline mode. While the
prerequisites are defined and provided in advance, it isn't possible to encapsulate the
breadth of directions in which the conversation might lead.
The solution architect will prepare in advance for the workshop by reviewing existing
project artifacts. Helpful project artifacts include:
Solution blueprint - Helps provide the context of the project scope and
the high-level design that is expected to achieve that scope.
High-level project plan - Helps explain the context within which the
different types of testing will be conducted, the dependencies, and the
impact of testing outcomes on the project.
Test strategy document - Provides a description of the key areas to be
reviewed.
Test plans - Test plans that are created from the test strategy for specific
test types, for example, a separate test plan might exist for system
integration testing or UAT that provides more specific details on test
cases, resources, and reporting.
It also helps for the relevant members of the implementation team to have examined
recommended practices on test strategy, such as this Test Strategy for finance and
operations Implementations Tech Talk. It also helps discussion focus if the
implementation team sends a list of existing questions/concerns ahead of the
workshop.
The preceding list isn't comprehensive of the documents that help frame the
discussion. For example, it would also help to have the solution architecture diagram
(technical and business process) and the high-level business processes, if these
haven't been already shared and reviewed as part of the Solution blueprint review
workshop.
When you conduct a Test strategy review workshop early in the project, some
documents might not be fully completed or approved internally, which shouldn't be a
barrier to sharing the documents or to conducting the workshop. It’s more important
that project scope has been determined and that a conceptual plan has been
developed for how the solution will be validated.
If your project uses different ways to manage or track project information other than
the provided workshop templates, or if the project uses different documents or
terminology, then sharing the documents that fit the project’s approach and structure
is acceptable. Typically, the format isn’t critical if the information is readily available to
project members. If the previously listed information isn’t documented, or if it's
documented in a way that it isn't easily accessible, you should prioritize ensuring that
the relevant documents are produced.
We recommend that you use diagrams and visual representations to provide high-
level summaries, where possible. These diagrams, charts, and graphs provide a ready
means of communication across the team and with executives about plans and
designs.
Uwaga
The Test strategy review workshop is not intended to be an exhaustive review of all
detailed test cases and all testing that will be conducted as part of the project. The
assumption is that the implementation team will provide a relevant summary and
highlight key concerns and that solution architects will investigate potential problem
areas. The solution architect will suggest further in-depth workshops if additional
assessment is required.
The following sections explain the steps that are involved in conducting the workshop
and following up afterward.
The implementation team leadership should work with the solution architect ahead of
the workshop to shape the agenda and timings for the session. Depending on the
state and complexity of the strategy and readiness of the implementation team, the
review might require more or less time. While the baseline plan is to conduct the
workshop in two hours, that time can be adjusted to a certain extent to
accommodate the complexity and requirements of the project.
Time management in the workshop is important. Top priority for the workshop is to
get through the overall test strategy, which should be prioritized over going too in-
depth in any one area. If the conversation is becoming too extensive and you are
running out of time to cover the breadth of the test strategy, you should expect that
the solution architect will discontinue the detailed conversations for follow-up in a
further in-depth workshop.
Uwaga
During the workshop, you can expect that discussion will happen about the scope,
design, planning, and approach. As part of that expectation, the solution architect
might provide some guidance directly within the meeting. However, these sessions
are not intended to be for the solution architect to design the test strategy, but
rather, to review it. The provided feedback might alter the current plan or design, but
the detailed work in those areas will be carried out by the implementation team after
the workshop.
Challenges with the initial test strategy review – In rare cases, the Test
strategy review workshop is unable to cover all required information. The
reason could be major gaps or conflicts in the understanding of the
scope that need to be worked out by the implementation team, or it
could be a lack of a meaningful test strategy. In these cases, going
through the initial Test strategy review workshop early is valuable
because it highlights these issues so that they can be resolved, but it will
require the workshop to be repeated.
Significant scope change – Occasionally, an implementation is affected
by major changes in scope or approach. Following a significant change in
scope, it might make sense to reassess the test strategy.
Organizational changes – Periodically, organizations experience
significant change during the implementation. Events like mergers,
acquisitions, or divestitures can significantly impact the solution
architecture design and might necessitate reevaluation.
What is user acceptance testing used for when implementing a test strategy?
User acceptance testing is critical to ensure go-live sign-off and acceptance of the
new system post-go-live.
User acceptance testing is critical to ensure go-live sign-off and acceptance of
the new system post-go-live.
To make sure users can log on to the new system.
To have a signed contract that users will test the system.
To test if the system accepts existing users into the new system.
Summary
Completed100 pkt.
1 minute
Introduction
Completed100 pkt.
8 minutes
This module describes the data modeling strategy in Microsoft Dynamics 365 and
Microsoft Dataverse and then explains how the data model workshop will help verify
that a complete data model exists before configuration starts. The following sections
provide you with a basic overview of data modeling best practices and how they
relate to a Dynamics 365 project.
Data modeling has multiple types and standards, including Unified Modeling
Language (UML), IDEF1X, and others. Specific data model standards are beyond the
scope of this module, but data models for Dynamics 365 data structures generally fall
into two general categories: logical and physical.
Logical data models are high-level diagrams that show the way that data flows
through the system. These data models are frequently put together at the beginning
of the project during discovery and before all columns have been defined. Generally,
the logical data model diagram uses the business names of the tables, not the
schema/database name.
Physical data models
Physical data models are lower level than logical data models. They generally include
column-level detail and more precisely designed relationships. The physical data
model is created when the high-level logical design is translated to physical tables. A
common type of physical data model is an entity relationship diagram (ERD).
Data modeling best practices
Data modeling is a science, and data modeling professionals and established
standards exist for data modeling. To be effective with Dynamics 365 data modeling,
you don't have to be a professional data modeler or use special tools. Popular tools
like Microsoft Visio can be used to quickly create a basic ERD that visualizes the
relationships and flow of data between tables. This topic examines some general best
practices for data modeling for Dynamics 365 deployments.
Community tools that are available with the XrmToolBox help make it
easier for you to quickly generate ERDs of your Dynamics 365 and
Dataverse configuration. These tools include the UML Generator and
Entity Relationship Diagram (ERD) Generator. After you complete
configuration updates, generate an up-to-date ERD.
Don't include every table. Some core tables, such as activities, notes, and
users (record owners), are related to nearly every table in Dynamics 365.
If you include every relationship with these tables in your data model, the
result will be unreadable. A best practice is to only include the primary
tables that are used in the configuration in your data model diagram and
only include custom relationships with the user and activity tables to
maximize readability.
Start simple with the standard tables, and then add custom table
relationships to your data model.
User experience should influence your data model. Occasionally, it's easy
to over-normalize your data; however, in the process, you can make the
application more cumbersome to use.
Start with what you need now but design the data model in a way that
will support what you plan to do in the future. For example, if you know
that you'll eventually need to store more details about sales territories,
using a text field for territory now will make it more difficult to implement
than if you use the territory entity relationship. Plan ahead for what is
coming.
The next units will describe the recommended topics to be covered when you
conduct the data model workshop.
10 minutes
You can copy and paste the entity relationship diagram (ERD) in the entity
relationship diagram slide of the template. This presentation will provide the solution
architect with an overview of the customizations in the system and will help them
discover the design and implemented functionalities. Based on the information
provided, the solution architect will make a recommendation of identified areas of
risk or potential improvement.
Best practices that you should follow when using the entity relationship diagram are:
Where possible, avoid too many depth levels in a data model to avoid
complex queries.
Avoid data duplication; every piece of data should only have one
location. Rather than duplicating the same data between multiple tables,
functionality like quick view forms and displaying related table data in
views should be used.
15 minutes
This unit describes the standard, out-of-the-box tables that are used in the
configuration, along with custom tables and the purpose for which they are being
used. This information matters because Microsoft Dataverse has many common
tables and, as a general rule, a custom table should not be created if a standard table
already exists that addresses that purpose. The reason is because if you overload the
configuration with many redundant tables, you'll negatively impact the performance
of the system, ultimately making the system more difficult to use (many redundant-
sounding tables will confuse users in Advanced Find). Each custom table should
serve a specific purpose. This topic will also help you identify the most-used tables
and if you are at risk of overloading tables.
For industry-specific tables, consider using Common Data Model. In addition to the
metadata system, Common Data Model includes a set of standardized, extensible
data schemas that Microsoft and its partners have published. This collection of
predefined schemas includes tables, attributes, semantic metadata, and relationships.
Microsoft is working closely with representatives from various industries to make
Common Data Model more relevant to them by creating industry accelerators.
Automotive
Financial services (including banking and insurance)
Education (including higher education and K-12)
Nonprofit
Manufacturing
Media
Communications
When deploying Dynamics 365, you will frequently track multiple types of companies,
organizations, and contacts in the system. Some types represent customer/client
organizations, some might be support and advisory organizations, such as
accountants and legal firms, while others might be miscellaneous types of
organizations, such as trade associations.
To benefit from a standard integration with finance and operations apps by using
dual-write, your best option is to use the default tables and columns that are added
by the dual-write core solution to your Dataverse environment.
Another approach is to create custom tables for each type of company. One reason
that is commonly cited is that people might need to use accounts for another reason
in the future, so they don't want to customize the account table.
Before re-creating the account table as a custom company table, you should strongly
consider the options that you are giving up by creating a custom table, such as:
Multiple addresses - The account table has a unique address capability
that supports multiple addresses. The first two addresses are displayed
on the company form, but these address records live in the related
customer address table. While you can create a custom address table
that is tied to a custom company table, re-creating the unique logic
where the addresses are stored in the related table and are displayed on
the form means that table views would require development. If you need
multiple addresses, use the account table.
Marketing - Marketing lists can only work with contacts, accounts, and
leads, not custom tables. Microsoft Dynamics 365 Marketing can send to
accounts and contacts, but not custom company tables.
In almost every situation, the account table should be used for company records of all
types, with the following exceptions:
Minor types of companies that are not relational and have minimal
attributes. Think of a type of organization with no contacts and address
and that only exists for lookup purposes.
Unqualified or unverified companies that are imported from business
cards or web forms that you don't want to pollute the account table. For
these situations, you could use the lead table.
The following sections explain situations that you should consider before repurposing
system tables.
The future of Dynamics 365 is moving much faster than ever before, so using tables
in non-standard ways can cause problems if Microsoft changes the table that you are
using. Also, if you choose to repurpose a seldom-used system table, such as
contracts, you risk the chance that Microsoft will elect to deprecate that table in the
future. Custom tables aren't deprecated. Also, if you repurpose a system table, you
might have issues if you later need that table for its intended purposes. Scenarios
have occurred where customers have repurposed a case and, when they needed case
management at later time, had to address it with custom tables because the standard
case table was already used for dramatically different purposes.
Numerous system tables have certain columns that can't be removed from the forms.
For example, some columns on tables, such as opportunity, case, and campaign, can't
be removed from the form. While you can hide these columns, having several locked
columns on the form can add overhead to your environment configuration.
If your use case is less than 50 percent in line with the standard table functionality, a
custom table will typically give users a simpler user experience than scaling down a
more complex system table. It's also possible to add business process flows to any
table, including custom tables, which can make a custom table user experience as
good as, or better than, repurposing a system table.
Table configuration
Completed100 pkt.
15 minutes
The table configuration section of the template identifies details about design
decisions that influence the overall quality of the data model and helps to avoid
Common Data Model table configuration mistakes. You should provide answers for
the following questions in the template table configuration slides.
Rozwiń tabelę
Have you removed all unnecessary options All unnecessary options (such as notes and connections) should be cle
when creating a new table? creating a new table; otherwise, the options might create unnecessar
relationships that can impact the user experience. These options can b
Are you using out-of-the-box capabilities When you need columns such as Attendees, To, From, and Scheduled
instead of creating new columns (for example table should be used. Custom activity tables contain many default acti
“Sending email” or “Activity table” for party list From, and so on) that can be useful in specific scenarios. If you need t
support, and so on)? table record, enable it for emails so that an email address column is au
columns.
Do you use N:N relationships? Many-to-many (N:N) relationships are lightweight but limited in their
association between two records can be difficult to import.
Instead of N:N relationships, have you Instead of standard N:N relationships, an alternative is a bridge table,
considered bridge custom tables? table or a manual many-to-many relationship. Rather than using a sta
you can create a bridge table between the two related tables with a lo
references each side of the relationship. This approach enables the cre
the relationship that describe the relationship. Keep in mind that the u
complicated than a normal N:N relationship.
Do you take advantage of column mappings in When creating a relationship, you can specify column mappings to au
your table relationships? columns on the related table. This approach is useful in cases where y
values between parent and child records (such as automatically popul
contact when it's created from a parent account). However, this appro
create duplicate data for critical columns, and alternatives like quick v
considered for displaying read-only attributes from a parent on the re
record.
Do you use a single publisher for your Avoid having multiple publishers with the same technical name but w
customization and a custom prefix? the publisher of your project on a single environment and then deploy
environments with an unmanaged solution. If customizations come fro
with the same solution publisher (name and system name) then comp
columns, must also be truly unique (same GUID) to avoid deployment
schema name is used on the same column that was created separatel
solution import will fail when you import the column into the environ
Choice columns, custom tables, and localization
Choice columns are drop-down list columns that help standardize data capture in
Dynamics 365 and make searching for records much more convenient. If everything
used text columns, then you would eventually have dramatically different spelling and
abbreviations of the same values in multiple records, making reporting and usability
difficult. However, proper forethought is necessary to ensure that you are using
choice columns in an optimal manner. You should answer the following questions in
the choice columns, custom tables, and localization section of the template
document.
Rozwiń tabelę
Are you using custom tables to When defining a list of options from which a user can select, you have two options
replace choice columns? define a custom table to hold a list of records and replace the choice columns with
selecting between choice columns and lookup columns, consider the following fact
support translation for many different languages, allowing users to see values in th
(multi-select choice columns) can display multiple values in a single column or in a
columns can be deactivated, leaving the value on older records for historical purpo
can only be deleted. Custom table records that are used for lookup column options
and deleted by non-administrators. Choice column values need to be added or cha
and included in the application lifecycle management (ALM) practices in use. Choic
move with solutions, custom table records that are used in lookup columns must b
in each environment individually, or data migration processes must be established
in sync between environments. Custom tables are better suited for large option qu
provide more searchability than choice columns.
Do you use whole number Creating a whole number column with the language format option displays a list of
attributes of format language to provisioned for your organization. Using a language whole number column allows y
filter records based on the user’s on the current user’s language. The values are displayed as a drop-down list of lang
language? is stored as a number that uses LCID codes. Language codes are four-digit or five-di
ID values can be found on the Microsoft Locale ID Values page.
Security is covered in greater detail in the Review the security model for your
Dynamics 365 solutions module. For the purposes of this module, you will evaluate
the impact of data model design on the security model. You should provide answers
to the following questions in the Security, Relationships, and Performance section
of the data model workshop template.
Rozwiń tabelę
Question Why it matters
Have you considered using Generally, reference data does not require ownership if visibility for the record doesn'
user/team owned vs. specific users or groups. When in doubt, your best choice is to create the table with a
organization-owned tables? because you can always grant users organization-level access to these records. Choosi
the Organization ownership can't be changed, and as your company grows, you might
some records later. For this reason, the User or Team option should be selected becau
flexibility for future business changes.
Have you reviewed Relationship behaviors that impact security are: Assign (cascading – from parent to ch
relationships within your data from parent to children), Unshare (cascading – from parent to children), and Reparent
model and their impact on when child record is associated with parent, which is important for implicit sharing).
security?
Do you use field-level security? Field-level security is a good option for securing data in specific fields. However, overu
impact performance and add complexity to administration.
Have you considered moving Field-level security operates at a global level and is not sensitive to the User / Busines
sensitive data to a separate these columns are shared on a per-record basis), while using a custom-related table fo
table? additional flexibility to have different permission levels for sensitive data between bus
Do you track or have naming Columns that contain personal information must receive an extra level of attention to
conventions for sensitive data security regulations. One approach to managing personal information columns is
personal information columns? conventions for personal information columns, such as prepending “person” or “confi
schema name for personal information columns.
In this section, you can capture details about miscellaneous column types by
answering the following questions.
Rozwiń tabelę
Are you using alternate keys? Alternate keys allow the administrator to define composite keys, inc
from the table. Alternate keys enforce record uniqueness. Key value
increases search speed, and they make data import more efficient b
match for update based on the alternate key value. Be careful when
system that might break record creation logic that doesn't provide u
keys can be valuable for integration scenarios when you want to ben
capabilities: By providing the key, the system knows if it could create
existing one.
Are you using calculated columns? Excessive JavaScript, business rules, and plug-ins can degrade system
columns can calculate real time when data is viewed and can be mo
is only updated on retrieval, make sure that you don’t need real-tim
source values change.
Question Why it matters
Are you using rollup columns? When rolling up values from child records to parent, many custome
ins. This approach has an added overhead on performance when ov
rollup columns, you can avoid unnecessary plug-ins, simplify future
system performance. Keep in mind that rollup columns only calculat
default, so if you have rapidly changing data, standard rollup column
to-date information, so plug-ins should be used. However, by using
changing data, you will improve performance.
Have you verified that the min/max length or If the customer will be migrating or integrating Dynamics 365 data w
values of each of your columns was consistent need to verify that configured column lengths are consistent with d
with business requirements and with any data other systems.
integration or data mapping?
Have you considered using date only or time Default date column behavior is User Local. This option displays dat
zone-independent date columns? zone of the user who is viewing the record. This option is beneficial
specific time matters but it can cause issues for other types of dates
user local format. If the birthday is January 5 12:00 AM, a user in a ti
the record creator will see the date as the previous day at 11:00 PM
only the date value, and time zone-independent format stores the ti
correct date value.
Auditing
Rozwiń tabelę
Have you configured auditing? Many customers who assume that they have configured auditing don't truly have a com
Auditing is not enabled for tables by default. We recommend that you only enable audi
that you want to track. When tables are added, it might be easy to forget to turn on aud
data is deleted later, the administrator discovers that no audit logs exist, so it will be im
deleted the data.
Do you periodically delete Audit log data builds up to large volumes over time and should be periodically deleted t
audit logs? storage.
Do you have a process in Audit log data builds up to large volumes over time and should be periodically deleted t
place to periodically clean log storage.
data?
Do you have a process in Transactional data that is imported over many months can grow to large quantities, imp
place to periodically archive performance and increasing storage capacity costs. Data retention policies should be es
transactional data? actionable transactional data, and data outside of the retention period should be archiv
Question Why it matters
system. System bulk deletion jobs can be used to automatically delete records on a sche
Many Dynamics 365 deployments include integrations with other systems, which
extends the data model outside the walls of Dataverse. Many data migrations can be
replaced with more flexible options, which will reduce the size of the database and
improve system performance. Answer the following questions in this section of the
data model workshop template.
Rozwiń tabelę
Do you copy external data in Dynamics Data integration brings data into Dataverse and provides Dynamics 365 user
365 tables? system data. However, physical data integrations can have issues: Large data
integrations significantly increase the size and storage capacity cost for the s
migrations are time-consuming and can delay the deployment of the applica
migrations and integrations create duplicate copies of sensitive system data
compliance officers might disapprove of. Large and frequently running data
degrade system performance.
Have you considered using canvas apps Canvas apps from Power Apps can be embedded in Dynamics 365 model-dr
from Microsoft Power Apps to display 300 standard connectors and providing convenient wizards to simplify comm
external data? apps can also create records in other systems by using connectors, so they c
between applications without the need to physically copy data.
Have you considered using Power Apps Power Apps component framework controls allow administrators to replace
component framework to display custom controls and display external data.
external data?
Have you considered embedding By embedding Power BI tiles into your Dynamics 365 model-driven app form
Microsoft Power BI tiles to display ability to display data that is stored in other systems and filter it to be conte
external data? eliminating the need to copy data to Dynamics 365.
Do you use virtual tables? Virtual tables don't contain data; they connect to an external data source w
users as if it were in Dataverse. This data is available for views, subgrids, and
Currently, virtual tables only support reading data, and all virtual table data
users. If granular security is required, you should consider alternative option
Have you considered using Export to The Export to Data Lake service is a pipeline to continuously export data fro
Azure Data Lake or Data Export Services if Azure Data Lake Storage Gen2. The Export to Data Lake service is designed f
you need Dynamics data for external BI analytics by delivering scalable high availability with disaster recovery capab
purposes? Common Data Model format, which provides semantic consistency across a
Dynamics Export Service synchronizes Dynamics 365 data with an Azure SQL
for reporting on large datasets from Dynamics because limits are placed on
that can be reported by using direct query from Power BI when connecting
Question Why it matters
User experience
While the primary point of the data model is to understand how tables relate and
how data flows through the system, the data model needs to be influenced by good
user experience to achieve maximum user adoption of the system. The way data is
modeled in Dynamics 365 can deeply impact user experience and how hard or easy
the application is for users. Take the time to "clean" column and table data so that
users are not confused with the data to use. Answer the following questions in the
User Experience section of the Data Model Workshop.
Rozwiń tabelę
Have you excluded unused columns and Setting columns to be non-searchable will exclude these columns and r
relationships from search? the Advanced Find filter designer and help make finding information ea
quick search “Find” columns to only the most important columns will h
faster.
Have you prefixed unused columns (for Making columns non-searchable does not exclude them from view layo
example “ZZ column“) to make sure that they to simplify building views is to prefix the column display names with “Z
appear at the end of list? notation so that they fall last alphabetically and are unlikely to overwhe
Have you adopted a consistent naming When designing a data model, you should create consistent naming co
convention for metadata to simplify UX? consistent and understandable labels. This notion also applies to the co
are displayed for developers or users who are accessing data through A
Power BI).
Have you adopted a consistent procedure for When multiple teams or project streams work on a single implementati
managing metadata (such as adding new important that governance is in place to manage metadata to have a co
columns) to avoid conflicts and duplicates? avoid potential column duplicates.
At the end of the workshop, the solution architect should explain the next steps and
the actions that the customer and partner need to take. Explain that findings and
recommendations will be sent, and a follow-up meeting will be scheduled with the
customer to review status of follow-up items if needed.
Which two general categories do data models for Microsoft Power Platform and
Dynamics 365 data structures typically fall into?
Because account and contact system tables are easily re-created, is it a good
idea to re-create them across several custom tables to get exactly the system
that you need?
Which of the following questions is not a consideration when you are capturing
details about auditing settings in a customer’s environment?
Introduction
Completed100 pkt.
5 minutes
The Business intelligence and analytics design workshop allows you to spend time
reviewing the overall business intelligence and analytics planning, fit-gap analysis,
design blueprint to provide guidance on maximizing the use of standard features,
alignment to product roadmap, and general design guidance. This workshop isn't
intended as a fit-gap review. The expectation is that fit-gap analysis and initial
consideration of solutions for every scenario will be completed prior to the workshop.
Uwaga
Not every project will need the Business intelligence and analytics design review
workshop.
The goal of the Business intelligence and analytics design workshop is to ensure that
the Business intelligence and analytics solution design is well understood, planned,
and that appropriate solution strategies and technologies are used. You can complete
the design by collecting insights on the implementation activities, reviewing the
current planned solution design, and raising recommendations, risks, and issues that
are related to the plan and solution strategies.
The purpose of the Business intelligence and analytics design workshop is as follows:
The Business intelligence and analytics review is a workshop that can be conducted in
person or remotely. The following sections cover the two top-level topics for the
Business intelligence and analytics design workshop and provide a sampling of the
types of questions that are covered in each section.
Design blueprint
Work stream information
Project plan
Reporting fit-gap analysis
Each of the preceding areas will have questions that are related to these aspects of
the reporting solution, including:
Self-service reporting
Operational reporting
Data security
Strategic reporting
Regulatory and finance reporting
Printing strategy
Each of the preceding areas will have questions to help you review these aspects of
the reporting, including:
Additionally, the solution architect will prepare in advance for the workshop by
reviewing existing project artifacts. Helpful project artifacts for this workshop include:
The Business intelligence and analytics design workshop will be facilitated by the
solution architect, but the expectation is that the implementation team will present
the information. An owner within the implementation team should be assigned for
this workshop. At the beginning of the session, that owner should present an
overview of the scope and plans, including designs that apply to that aspect of the
solution. The team should plan for that summary to take between 25-50 percent of
the allotted time, but no more. The remainder of the time should be reserved for
questions and answers with the solution architect.
Porada
The implementation team leadership should work with the solution architect ahead of
the workshop to shape the agenda and timings for the session.
The findings document will be distributed to all stakeholders, and a meeting will be
held to review the findings in detail. The document will go to the implementation
leadership and executive sponsors in both organizations. Occasionally, these finding
documents can be lengthy, in which case, an executive summary that highlights key
and critical findings is provided for better consumption by executives
When the Business intelligence and analytics design workshop has been conducted
and the findings have been reviewed, those items that have been identified as risks
and issues, and their associated action items for mitigation and resolution, will be
managed to completion as part of the overall engagement.
Identified issues will often have an impact on the ability to successfully go live. These
issues will need to be resolved prior to the go-live readiness assessment and the
deployment of a production environment.
Which of the following options is not part of the solution strategy for business
intelligence and analytics?
Data security
This option is part of the solution strategy for business intelligence and
analytics.
Strategic reporting
Printing strategy
Success by Design planning review
This option is not part of the solution strategy for business intelligence and
analytics.
2.
Who should facilitate the Business intelligence and analytics design workshop?
Solution architect
The solution architect will facilitate the workshop.
Customer’s CIO
Functional consultant
Project manager
3.
In which phase of Success by Design should the Business intelligence and design
workshop be conducted?
Design
The Business intelligence and analytics design workshop should be conducted as
close to the beginning of the design phase because you have already collected
the requirements and started planning solution strategies.
Build
Initiate
Deploy
Introduction
Completed100 pkt.
3 minutes
The purpose of this module is to spend time reviewing the top gap solutions for
high-impact, high-risk extensions to provide:
This workshop isn't intended as a fit-gap analysis. The expectation is that the initial
approach to a solution for every scenario is completed before the workshop.
The workshop is designed to ensure the gap solution design provides a good
approach and plan to deliver a well-defined, well-tested, reliable, and safer solution.
You can prepare for the workshop by:
The following sections cover the top-level aspects of the gap solution design and
provide a sampling of the types of questions that are covered in each section.
Top gaps
The Top gaps section is intended to provide an overview for the primary critical gaps
that the team has identified and get an understanding of the proposed solutions to
fill those gaps, including the related business processes that those solutions will be
supporting.
What are the business requirements that need to be met with the gap
solution?
What's the business process or processes that the solution will support?
What's the approach to fill this gap? What are the solution details?
Do certain risks need to be considered with this approach?
Do dependencies exist on other solution components?
Do performance impacts need to be considered?
Do storage impacts need to be considered?
Does the solution add complexity to the business process?
What other solutions have been considered, if any?
You'll go through these questions for each gap that the team has identified for
review. This process will help ease the conversations that are necessary to assess each
gap solution and determine the best approach.
Typically, the Gap solution design workshop takes approximately one to three hours
to conduct. The time might vary based on the level of detail that is available for
review. The solution architect will work with the implementation team leadership to
plan the workshop based on the specifics of the solutions that are being reviewed.
Essentially, the Gap solution design workshop is a discussion. It's not intended to be a
questionnaire that can be completed and reviewed in an offline mode. While the
prerequisites are defined and provided in advance, it's not possible to encapsulate
the breadth of directions in which the conversation might lead.
The solution architect will prepare in advance for the workshop by reviewing existing
project artifacts ahead of time. Helpful project artifacts include:
This list isn't exhaustive of project deliverables, but it's a good starting point for the
gap solution design. The formats, composition, and names of each deliverable might
vary from one project to the next. Format isn't the most important concept; it's the
information that is available and agreed upon across the team that is essential.
It's acceptable if your project uses different ways to manage or track project
information other than what is previously listed. Typically, the format isn't critical if
the information is readily available to project members. If the information from the
preceding list isn't documented on your project, or if it's documented in a way that
isn't easily accessible, you should prioritize getting the relevant artifacts produced.
Porada
We recommend that you use diagrams and visual representations to provide high-
level summaries, where possible, in the implementation. These diagrams, charts, and
graphs provide a ready means of communication across the team and with executives
about plans and designs.
The solution architect facilitates the Gap solution design workshop, but the
expectation is that the implementation team presents the gap solution information.
Each gap solution should be assigned to an owner within the implementation team.
At the beginning of the workshop, someone from the implementation team should
present the overview or summary of the top gaps, including the solutions that have
been proposed for each gap. This overview shouldn't take more than 10-15 percent
of the overall time for the workshop. It should only be presented at a high level
because each gap solution will be discussed in detail in the later topic areas.
Following the overview of the top gaps, the implementation team should present
each solution gap separately and allow time for discussion among the group. After
participants have discussed all gap solutions, the rest of time should be reserved for
questions and answers with the architect.
An expectation should be set that, during each session, discussion about the scope
and approach will occur. As part of that expectation, the solution architect might
provide some guidance directly within the meeting. However, these sessions aren't
intended to be design sessions but rather review sessions.
The provided feedback might alter the current plan or design, but the
implementation team will carry out the detailed work in those areas after the
workshop.
The findings document will be distributed to the customer and partner organizations,
and a review meeting will be held to assess the findings in detail. The document will
go to the implementation leadership and executive sponsors in both organizations.
Occasionally, these finding documents can be lengthy, in which case, an executive
summary that highlights key and critical findings is provided for better consumption
by executives.
After you conduct the Gap solution design workshop and review the findings, identify
items as risks and issues, and their associated action items for mitigation and
resolution, manage them to completion as part of the overall engagement.
Issues that are identified often affect the ability to successfully go live. Resolve these
issues before the go-live readiness assessment and the deployment of a production
environment.
You can manage risks and their associated recommended mitigation according to the
overall strategy of the project. But they'll be monitored throughout the project. Risks
that aren't mitigated might be realized later as issues that could also affect the go
live.
The purpose is to design solutions to fill the identified gaps in the current plan.
The solutions should have already been designed before the workshop.
The purpose is to review the top gap solutions for high-impact, high-risk extensions
to provide guidance.
The workshop is designed to allow time to review plans that have already been
made.
The purpose is to identify gaps in the solution.
The purpose is a detailed planning of the architecture of the proposed gap solutions.
2.
Which of the following options isn't considered a typical participant in the Gap
solution workshop?
Technical architect
The technical architect is an important participant in the workshop.
Development lead
Solution architect
Business decision-maker
The business decision-maker isn't typically part of the Gap solution workshop.
3.
While you're evaluating the proposed solutions to fill gaps, which of the
following factors should you consider?
Introduction
Completed100 pkt.
2 minutes
This module explains the data migration strategy in Dynamics 365 and Microsoft
Dataverse. Additionally, it describes how this workshop will help validate a data
migration strategy.
The Data migration strategy workshop can help to ensure a successful migration to
Dynamics 365. You will start with a basic review of data migration and will then learn
about best practices and how data migration relates to a project.
Data volume
In the Data volume section, you should validate that the volume of data that is being
migrated has been assessed. For a successful data migration, it is crucial to have a
clear picture of the number of records that are being migrated from legacy systems
into the new environment. In scenarios where you are migrating high volumes of
data, knowing in advance the number of records that are involved, and
understanding how the tool works, will save you time.
Tooling
The Tooling section is about the tools in use and about understanding the plan for
using them. Different approaches and different stages are available to use, such as
copying/synchronizing data between legal entities and copying data between
environments. Make sure that you discuss how data will be extracted, transformed,
and loaded back into the system.
Performance
The Performance part of the data migration process is related to a better quality of
data, faster cycles, and eventual, achievable cutover timing. As such, it is important to
determine the best setup, technical and functional, for performance improvement
and to conduct multiple rounds of tests to validate that setup.
This topic focuses on answering questions, such as:
What are the characteristics of the environment that is planned for data
migration?
Does the data migration plan include non-functional requirements?
Has performance-related setup been considered and planned?
Data validation
Data validation is a mandatory step to ensure that migrated data is complete and
aligned to the business requirements. The data validation must be well documented,
with all necessary criteria defined.
This topic focuses on answering questions, such as: What is the plan to validate the
data after migration (data quality, data formatting, and so on)?
Testing
Testing the migrated data is essential to the entire data migration process. The aim is
to ensure that the testing is thoroughly documented, that unit tests exist, and that
the results are accounted for and transferred to the next data migration cycles.
The Data migration strategy workshop typically takes approximately 1-3 hours to
conduct. The time might vary based on the complexity of the project, the scope of
the migration, and the challenges that are encountered throughout the
implementation.
Prior to the Data migration strategy workshop, participants should be as familiar as
possible with the structure of the workshop and the types of topics and prerequisites
that will be covered.
Uwaga
Having the following project artifacts ready would enrich the exchanges during the
workshop:
This list is not exhaustive of project deliverables, but it is advantageous to share these
or have them ready to show during the Data migration strategy workshop.
The Data migration strategy workshop will be facilitated by the solution architect who
will frame the discussions, but the expectation is that the implementation team will
present the data migration information.
Each section of the agenda should be assigned an owner within the implementation
team.
Preparing and completing the presentation template for the workshop will allow for
richer discussions that often result in clear adjustment actions to take. A main goal of
the Data migration strategy workshop is to reflect on the entire strategy and then
determine the necessary adjustments to make to avoid identified issues or risks. It is
important to arrive to the sessions with a growth mindset, which encourages candid,
constructive, and honest exchanges.
Throughout the sessions, we recommend that you note the identified actions by
using the dedicated PowerPoint presentation slide (for example). This approach will
allow the implementation team to follow up with the relevant attendee(s) and
respond in the most efficient manner, based on the related subject.
The final presentation, including the actions that are listed during the session, should
be distributed to all parties who participated in the workshop, including the
implementation leadership and the executive sponsors in both organizations. This
approach will ensure that everyone is in alignment on the items that were discussed
and on the following adjustment actions to take.
Data migration is a topic that will be discussed in several different phases of a project.
The plans will likely fluctuate as you learn more about the idiosyncrasies of the
different data for the project.
Ukończono moduł:
In which one of the following Success by Design phases should you review data
migration plans?
Implement
Data migration is a topic that will be discussed in several different phases of a
project.
Prepare
Initiate
All phases
Data migration is a topic that will be discussed in several different phases of a
project.
2.
Which one of the following performance metrics is not affected by your data
migration strategy?
Quality of data
If your data migration is prone to errors, your data quality will suffer.
Faster cycles
On-going, round-trip server return times
While you should be aware of all aspects of a user’s experience, this metric is
not one that is generally influenced by data migration.
An achievable cutover timing
3.
Which one of the following options is not a workshop topic that is discussed
during the Data migration strategy workshop?
Connectors
Connectors might be discussed as they pertain to the other topics, but they are
not a topic of discussion specifically.
Data volume
Testing
Performance
Introduction
Completed100 pkt.
30 minutes
To ensure that the customer's deployment of Microsoft Dynamics 365 is more secure,
the solution architect should plan and deliver a Security model workshop. The
workshop's goal is to evaluate the proposed security model and provide feedback
and recommendations that highlight the technical risks and issues and then identify
best practices.
The Security model workshop should be scheduled and completed during the
implementation phase of the project. It should provide a summary of all security-
related areas that were previously discussed during prior workshops.
You can download examples of templates for each module workshop and use them
when you conduct these workshops for solutions.
The correct security strategy balances legitimate security requirements with the need
for system access and cross-business collaboration. When implementing Dynamics
365, you need to balance two concerns: user access and system security.
From one viewpoint, the concern of data and system security is important. Your data
drives your business. Your customers, your orders, the contact information for key
business contacts are items that you don't want to fall into the hands of a competitor.
With regulations surrounding personal data, your company could be liable if a data
breach impacts personal data.
Alternatively, you have system usability and user adoption concerns. A main reason
for implementing Dynamics 365 is to increase visibility and sharing of business data
between groups, including elimination of data silos in your organization. By giving
visibility to contacts and accounts across your organization, teams can effectively
collaborate rather than compete, which helps ensure that you have one version of the
truth when it comes to master contact and account information. If you go too far in
either direction, you risk failure of your implementation.
If you're too lax with security, users can change data that they shouldn't be able to
change, thus polluting the single version of the truth and creating a perception that
the data in the system isn't reliable.
If too stringent in your security, and if you lock down everything so that users can
only see a small subset of the records in the system, you will diminish the value of
Dynamics 365 as a collaboration tool. Then, by design, you will revert to the old data
silos, only in a different location.
While everyone's security strategy will be slightly different, the following guidelines
might be helpful for your implementation.
To maintain good data quality, limiting who can edit or delete records is a good idea,
such as limiting edit or delete rights to only owners of the records. Frequently, it
makes more sense to be less restrictive about what records other users can read. This
approach preserves the usability of Dynamics 365 and allows users to maintain
context about how their records relate to other records, such as parent accounts.
However, the approach removes the risk that users might, by malice or mistake, edit
or delete records that they don't own.
Simplify
Many tools are included in the Dynamics 365 security toolbox; however, before you
decide to use all of them, consider how simple it might be to manage the security
model long term. If the administrator needs to remember to assign four different
roles to a new user, and then add them to multiple teams for the security model to
work, the customer is unlikely to be able to maintain the strategy long term. The
solution architect should consider the impact of the security design on user
experience. Additionally, they need to determine how complex the management of
the security strategy will be for system administrators. The best security strategies are
simple, well documented, and reproducible. For this reason, using features like Active
Directory security groups is a great idea for larger more complex deployments
because the role, team, and business unit assignment can be automated, and the
chance of human error is minimized.
Make sure to determine whether your decisions about security design are deriving
from a position of fear or from a legitimate business concern. If from fear, perhaps
the decision is being driven by a mistake that someone has made in the past. Fear is
never a good design motivation, especially fear of your employees. You trust your
employees to do their jobs, represent your company, and sell your products.
Occasionally, overly stringent security design indicates fundamental trust issues
between management and employees.
For example, when you have a smaller user base, a single business unit design can
work well. However, if your user base grows and encompasses multiple departments
with diverse requirements, you might need to add more units to scale your
deployment to a larger user base. No absolute rule has been established; the best
practice is to periodically review security strategy and design, evaluate its strengths
and weaknesses, and then identify areas for improvement. For this reason,
documenting the security model as part of the Success by Design framework is
important because it creates documentation that can be revisited intermittently by
the customer and consultant and then updated as security requirements change.
As the customer or partner designs their table structure, they need to keep their
security strategy in mind. Table configuration supports your security strategy. For
example, if tables are created with organization level ownership, the customer will be
unable to restrict table record access by ownership or business unit. Even if you don't
have plans to restrict access to the table, it's a best practice to always select user or
team ownership, unless the table will be used only for cross-company reference data,
such as feeding a lookup list. Also, keep in mind how security of one table should
affect related table security. If access to a parent record should cascade to the child
records, you will want to use parental or configurable cascading relationship types.
Security at the platform layer, not the app layer
Numerous ways to control reading and editing data are available. You can set fields
to read-only on your model-driven form, use JavaScript to mask fields from the user
experience, and hide fields from forms and views. None of these approaches are
considered security because, while these approaches guide user behavior, they don't
secure the data. Users can get to the data in other ways. For real security to occur,
you need to use security features like roles, teams, and business units.
Dynamics 365 provides several tools that you can use collectively to meet almost any
security requirement. This section briefly covers the primary tools that are available to
a solution architect to deliver a comprehensive security model.
Business units
The capability of business units comes from the hierarchical nature of the business
units. Users can be given access to records only in their business unit, or they can
have access to their business unit and the business units below their unit. For
example, the hierarchical nature of business units can allow you to limit access to
records at the site, district, region, and corporate levels.
Records are tied to only one business unit through their owning user or
team.
Business units can be moved in the hierarchy, but the root business unit
can't be reparented.
Security roles
Security roles determine the permission level that users have within the entities in the
organization. Security roles can be assigned to the users or teams. Security roles
determine which entities that the user can access, which records within the table they
can act on, and what permissions that they have with those records.
When assigned to a user or a team, the security role always applies within the scope
of the business unit of the user or team. Therefore, if a user inherits a security role
from a team, the privileges that are granted by that security role will apply in the
scope of the team's business unit, not the user's. This approach can be useful to
extend the access rights scope of a user to other business units. For example, using
the preceding business unit diagram, a user from the Chicago Office business unit
can be added to a team that is linked to the Atlanta Office business unit, and they can
be granted read rights to the business unit's records.
Teams
Teams is another way of grouping users and can play a role in your security strategy.
Multiple types of teams are available in Dynamics 365:
Owner teams can be assigned security roles and can be used as record
owners in Dynamics 365. When a user is added as a member of an owner
team, they inherit from the team's security role, but the role applies in
the context of the team's business unit. Owner teams can be useful when
you are linking a record to a specific business unit.
Microsoft Entra ID security group teams are similar to owner teams, but
they are linked with a Microsoft Entra ID security group. Users who are
added to the Microsoft Entra ID security group with a Dynamics 365
license are automatically enabled in the system, and they are added to
the linked Dynamics 365 team when they connect to the environment.
This feature is useful when you are managing user access rights outside
of Dynamics 365 because users can inherit the security roles that are
assigned to the Dynamics 365 teams.
Access teams are special types of teams that can't own records and can't
have security role association. However, like owner teams, access teams
can have shared records with them. When enabled at the table level,
access teams can grant specific record level permissions to the member
of the record's access team. This option is an alternative to manually
sharing the record with a user or a team. For entities that are configured
for access teams, creation of these teams is automated by using access
team templates.
When assigning a security role to an owner team (including Azure AD security group
teams or Microsoft Entra ID Office group teams), its member's privilege inheritance
setting should be checked to ensure that it's set properly. This setting can allow users
who are members of the team to inherit user-level privileges, as if the security role
had been directly assigned to them. This feature is useful when you are allowing users
to own records in their name, even though they don't have a security role directly
assigned to them. For example, with this setting, users can own personal views. With
owner teams, security roles don't need to be granted directly to individual users,
which helps reduce administration effort.
Hierarchy security
Hierarchy security can be used to grant visibility for user-owned records to that user's
management and higher levels of the hierarchy. For example, if a sales manager with
a team of five people needs to see records that are owned by someone on their
team, hierarchy security can provide that access. Hierarchy security supports two
different hierarchy models:
Field security
Field security allows you to secure data at the field level, such as when certain users
need to view or edit a record but shouldn't see specific details. This feature is
important in situations where data needs to be truly secure because it's secured at
the platform layer. Essentially, whether a user signs in to a model-driven app or a
canvas app, exports data to Microsoft Excel, or runs a report, field security profiles will
secure the data.
After a user has been granted access (for example, read) to a set of secured fields
through a field security profile, they're granted access to those fields on all records
that they have access to with their security configuration or through sharing.
Sharing
Sharing allows specific record-level access to be granted to specific users and teams.
Use of sharing should be limited to handling exceptions, when possible. Previously, it
was common to use and automate record sharing for complex record access
scenarios. Sharing can be a beneficial approach because it gives administrators and
users, who have the appropriate permissions, the ability to grant specific permissions
to specific records and it is useful for handling exceptions to the rule. For example, if
you need to have Salesperson A handle Salesperson B's accounts while they are out
for a month, sharing can help you accomplish that task. Sharing can also be
automated, meaning that if you need a specific condition to automatically share
records with a user or team, simple plug-ins, workflow assemblies, or ETL tools can be
used to do that. This feature has been the answer to many Dynamics 365 customers'
challenging security requirements in the past.
While sharing is a useful feature, it also creates multiple potential issues, including:
Can't make it right - After the customer uses the system for a year or
two, they might find that it has become inaccurate or out-of-date. They
might also decide to make a wholesale change to their sharing strategy;
accordingly, they want to run a batch job to set and update all records
with the appropriate sharing permission. No simple method exists for
completing this task with sharing.
Alternatives to sharing
Steps that you can take to avoid issues with sharing include:
Use team ownership - With team ownership, you can assign records to
teams of users in multiple business units.
Share with teams, not users - If you share a record with 10 users, 10
POA records will be created, times 10 POA records for each child
cascading shared record. If you share the record with a team that has 10
users, only one POA record is created (along with one POA record for
each cascading share). This approach will help reduce the size of your
POA table dramatically. If you want to remove a user's permissions, you
can remove them from the team.
Use access teams for controlled sharing - Use this approach if you
can't create owner teams but still want to be able to grant special access
to specific records to specific users. In this scenario, you want to give
certain users access to only read the record, while you want other users
to be able to read or write to the record. Access teams can handle that
situation, and you can have multiple access team templates, one for read
and one for read/write. Access teams are designed with performance in
mind, so they don't actually create the team and share the record until
you add the first member of the team. When a record is shared with an
access team, a record is also created in the POA table.
The following scenario explains how these tools can be combined to provide a
comprehensive security model. In this example, Contoso LTD is a consumer products
company that wants to ensure that users have access to information that is necessary
for them to do their job while protecting sensitive data. By combining the security
tools in Dynamics 365, the company can address each of the following scenarios.
Bob
Field-level security prevents Bob from seeing sensitive information on a record, and
team or business unit security limits their view to only the company's issues.
Manufacturing engineer
Shouldn't be able to see the email and mobile phone of the client
Amy
Business unit security means that Amy can see records that are owned by someone
else in the division, but that Amy can't see or edit records in other divisions.
Should be able to see customer information and case history for clients
that use her division’s products
Roy
Hierarchical security enables Roy to see records that are owned by their direct or
indirect reports, but not other users.
Sales manger
Linda
Linda’s security role provides organization-wide visibility for data in Dynamics 365.
General manager
Needs visibility for all customer data and related issues
The security details from the Solution blueprint workshop template should be
referenced in preparation for the Security model workshop.
50 minutes
This unit focuses on the recommended topics that should be covered in the Security
model workshop.
Next, answer the question of how you are managing access to records. This
information is helpful to know if specific restrictions are in place on data (such as
salespeople only being allowed to view their own customer data) or if other special
data access information will impact the security model. In addition, this section can
include technical details, such as the requirement to have multifactor authentication
to access system data.
Basics
Two slides in the template cover basic information about the security model. The
following questions are included on these slides.
How many users do you have (target)? - The number of users has a
significant impact on the scalability of your security model. For example,
if the customer is relying on sharing records to provide access, they
should be aware of the potential performance impact when many records
are shared between many users. Some security models that are
acceptable for small user counts become unsuitable as user count grows.
For that reason, it's important to consider current and expected future
user growth.
Remind the customer that new permissions are frequently added to the
standard security roles by using regular application updates, and these
new permissions aren't automatically added to existing custom security
roles. If custom security roles are used, someone will need to remember
to identify the newly added permissions and update the custom security
roles following each update to ensure continuity of system access after
updates.
One popular strategy is to use a base role, which provides the baseline of
functionality that is needed to sign in to the application and all tables
that are available to all users. Next, supplement that role with extra roles
with the role-specific features that are needed by that role.
For example, if all users need to read accounts, but only the sales
managers should be able to create new ones, your base role would
contain organization level account read permission, and the sales
manager role would only include account create permission. Then, if a
new feature was added that all users need, it can be added to the base
role only.
Creating roles at the root business unit level makes the role available to
all business units, while child-level business unit roles are only available
at a single business unit level. If you have a business unit-specific role,
when you move a user to another business unit, that role won't be
available. Otherwise, you'll have different versions of the same role at a
different business unit, making the system difficult to administer.
What's your strategy to update the security roles as you roll out new
tables and functionality? - In a rapidly changing environment with
continuous development, it can be easy to forget to update roles, or only
test with system administrator access, and miss updating security roles to
include the new functionality. The customer's strategy should include a
process for updating security roles and testing with each persona's role
mix whenever a new configuration release is rolled out.
The reasons why you should ask for the preceding information from your attendees is
because:
It's rare that one security pattern suits all user needs and roles. You need
to understand how many different patterns you will need to implement in
the project.
Business units
In this section, you will provide a description of the hierarchical structure of the
customer's internal organization and the business unit structure in Dynamics 365.
Some relationship should exist between the business unit structure and the
organization structure, but the business unit structure shouldn't be as granular as the
organization structure. Though two groups are in different divisions of the company
doesn't mean that you'll need to restrict visibility of records between the two groups.
Frequently, multiple departments can share the same business unit.
Use a tool like Microsoft Visio, or some other visual diagram/charting application, to
create a visual representation of the structure. If you already have a document that
visualizes the organizational hierarchy of the company, you can paste a screenshot of
that diagram in the document.
Be aware of two potential issues: too many business units or not enough business
units.
When you move a user from Business Unit One to Business Unit Two, the business
unit association of every record that the user owns will change. This factor can cause
some surprises to other users who are members of the user's original business unit, if
they have business unit level read permission. The records that are owned by the
moved user will no longer be available to them, but if they own child records of those
records, like activities, it could cause odd scenarios to occur. Also, if the user owns
many records, moving users between business units can be time-consuming.
Another potential impact from large quantities of business units is extremely slow
security role updates. Each role isn't only one record. A copy of each role is added to
each business unit. Therefore, if you create thousands of business units, making a
small change to a security role could take hours.
A good practice is to keep your business units to a minimum. Use only the minimal
number to facilitate true business unit security requirements. For more granular user
segmentation, consider the use of teams. Teams are more flexible, they can be used
to control security access to records, and users can be members of multiple teams.
If you're implementing for a single group, it's common to only want to use the root
business unit for all users.
While the "keep it simple" approach is great, a strong possibility exists that the
customer might, at some point, have some pieces of data that they want to keep
secret from a subset of users.
The CEO decides to track emails and doesn't want everyone to read
them.
The VP of sales discovers several contacts in their address book that need
to be in Dynamics 365 but are better kept private from the rest of the
company.
Moving people between business units is difficult, and it's a process that you'll want
to do only when necessary. If the customer starts with all users in the base business
unit, if a change develops that requires a subset of data to be separate, the customer
will have to relocate many or all existing users because the root business unit can't be
reparented.
To guard against this eventuality, it might be a good idea to initially create one child
business unit and then put all users in that business unit. If your business changes to
require further segmentation of data, this approach will help simplify those changes
because the business unit with the bulk of users can be reparented, or selected users,
like the CEO, can be moved to the base business unit. A full-scale business unit move
of all users can be avoided.
Teams
The Teams section of the Security model template captures details regarding the
planned use of team records for security in Dynamics 365.
Some downsides and risks are associated with team ownership of records
that you should be aware of. Generally, it requires automation to be
consistent and user-friendly. Some features, such as goals and
forecasting, rely on user ownership of records. Also, the ability to
reassign a user's records in bulk (for example when a new salesperson
replaces a retiring salesperson and inherits their customer portfolio) isn't
available for owner teams.
In this case, the access team should be used because the mix of
individual people is different on each record and security access is
needed for the members of the team. You can automate access team
membership by using approaches like integration, actions, or plug-ins.
One challenge is that access team template records aren't solution aware,
meaning that they can't be added to solutions. When customizations are
moved between environments, the access team template will need to be
moved or manually recreated in the target environment. If you're
automating an access team membership, the templates must have
identical GUIDs across environments, as they're referenced in your logic.
Multiple approaches are available for you to use to migrate access team
templates, including the configuration data migration utility, ETL tools
like Scribe or SSIS, or utilities in the XrmToolBox.
Do you have requirements that didn't fit into the standard model? -
Identify non-standard security requirements. In the findings and
recommendations section, recommend approaches to standardize non-
standard requirements.
While it's easy to adjust a user's business unit, teams, and roles, it can be
complex to do a data migration on custom sharing rules after a
reorganization.
User interface
Many components of Dynamics 365 are security role enabled, meaning that access to
that item can be limited to one or more security roles. This feature is important
because different users require different experiences while using common tables, and
by limiting access to app components that aren't needed by users, you will provide a
simpler, more tailored experience for the user.
Model-driven apps
Dashboards
Forms
Document templates
In this section of the template, you will identify if roles are being used to simplify
access to these areas.
Security roles and table privileges can be used to tailor and trim the
experience for your users.
The fewer elements that users see, the easier the experience will be.
Have you considered the impact of your data and security models on
the POA table? - Excessive sharing leads to a large POA table and can
degrade system performance.
While a user might have access to all records from a security standpoint,
you should customize system views that will filter the number of records
to only present what is relevant to their work.
Security testing
The security model is composed of multiple parts working together, and it has
multiple areas where it could fail. In this section of the template, you will review the
approach that will be used for testing security, identify the ongoing plan to monitor
access to Dynamics 365, and ensure that the design of security roles is well
documented and will be simple to maintain long term.
In the security testing section of the Security model template, answer the following
questions.
Do you have the security matrix Excel sheet with access levels and
privileges defined by your business or customer? It's important to have
some documentation of security design outside of the Dynamics 365
security role in case someone changes the security role in Dynamics 365
and you want to remember how it was designed. This document can be
an Excel spreadsheet that indicates the appropriate permission level by
table.
Do you have test cases around the security matrix for all security
roles? - The customer's security requirements likely came from the
requirements that were gathered during the previous workshops in the
project, and these requirements create the basis of security test cases.
Each security restriction should have a test case and be tested thoroughly
before go live. Then, the restrictions should be tested in the context of
each impacted security role or persona.
It's important to be aware and cautious that, though the Export to Excel
privilege might prevent some users from easily downloading data off
Dynamics 365 with the Export to Excel button, whoever has a read
access to a record can access that data through APIs and ultimately
export it.
If your users inherit their security roles exclusively from teams, have you
considered using the Inheritance to direct user setting on security
roles? When you are assigning a security role to an owner team
(including Microsoft Entra ID security group teams or Azure AD Office
group teams), its member's Privilege inheritance setting should be
checked to ensure that it's set properly. This setting can allow users who
are members of the team inherit user-level (and not business unit-level
or higher) privileges as if the security role had been directly assigned to
them.
This feature is useful in allowing users to own records in their name, even
though they don't have a security role directly assigned to them. For
example, with this setting, users can own personal views. With owner
teams, security roles don't need to be granted directly to individual users,
which helps reduce administration effort.
Security monitoring
In this section of the template, you will review the customer's strategy for monitoring
appropriate access rights and will identify misuse of the application. If activity audits
are enabled in Dynamics 365, many user activities are logged in the Microsoft 365
admin center. By using these logs, you can identify unusual or potentially malicious
activity in the system, including common actions such as:
Standard audit logs monitor when users access the system. Tools like Microsoft
Power Automate can alert you when certain activities happen, and Microsoft Entra ID
can alert you when people outside of the usual geographies attempt to access the
system.
In this section of the Security model workshop template, you will summarize the
strategy for monitoring and alerting abnormal behavior and plans to regularly verify
user permissions in Dynamics 365.
Do you integrate with Microsoft Power BI? If yes, how are you
addressing security in Power BI versus security in Dynamics 365? -
When Power BI is reporting directly from Dataverse by using the
standard Microsoft Dataverse connector, it reflects only the data that the
user has access to in the system. However, if that Power BI report is
shared, other users with whom the report is shared will see the data from
the report owner.
Ukończono moduł:
During what phase of Success by Design should the Security model workshop
be scheduled and completed?
Initiate
The Security model workshop should be scheduled and completed during the
implementation phase of the project. It should consist of a summary of all of
the security-related areas that were discussed during prior workshops.
Implement
The Security model workshop should be scheduled and completed during the
implementation phase of the project. It should consist of a summary of all of
the security-related areas that were discussed during prior workshops.
Prepare
Operate
2.
Does security only need to be reviewed at the user level because team and
business unit security is set automatically and shouldn't be updated?
Dashboards
Items in Dynamics 365 that can be role-enabled include model-driven apps,
dashboards, forms, business process flows, site map subareas, command bar
buttons, and document templates.
Business process flows
Site map subareas
Command bar buttons
All of the above
Items in Dynamics 365 that can be role-enabled include model-driven apps,
dashboards, forms, business process flows, site map subareas, command bar
buttons, and document templates.
Introduction
Completed100 pkt.
2 minutes
finance and operations apps has an array of security and configuration options to
help keep your sensitive data safe, users focused on their roles, and the system as
streamlined as possible.
Knowing how to implement different security options will help companies cover their
security requirements. When you understand the security architecture of finance and
operations apps, you can more easily customize security to fit the requirements of
your business.
When you understand the security architecture of finance and operations apps, you
can more easily customize security to fit the requirements of your business.
In this lesson you will learn about:
Security architecture
Role-based security
Duties
Privileges
Permissions
Authentication
Authorization
Auditing
The system architecture of finance and operations apps uses the stack of features
within Microsoft Azure. This allows finance and operations apps to operate and
communicate with a variety of web enabled devices.
The security model is hierarchical, and each element in the hierarchy represents a
different level of detail. Consider the following facts regarding security:
In role-based security, access is not granted to individual users, only to security roles.
Users are assigned to roles. A user who is assigned to a security role has access to the
set of privileges that is associated with that role. A user who is not assigned to any
role has no privileges.
All users must be assigned to at least one security role to have access to finance and
operations apps. The security roles that are assigned to a user determine the duties
that the user can perform and the parts of the user interface that the user can view.
Users are assigned to roles via System administration > Security > Assign users to
roles.
Because rules can be set up for automatic role assignment, the administrator does
not have to be involved every time that a user's responsibilities change. After security
roles and rules have been set up, business managers can control day-to-day user
access based on business data.
By default, sample security roles are provided. All functionality in finance and
operations apps is associated with at least one of the sample security roles. The
administrator can assign users to the sample security roles, modify the sample
security roles to fit the needs of the business, or create new security roles. By default,
the sample roles are not arranged in a hierarchy.
Duties
Duties correspond to parts of a business process. The administrator assigns duties to
security roles. A duty can be assigned to more than one role. In finance and
operations apps, duties contain privileges. For example, the Maintain bank
transactions duty contains the generate deposit slips and cancel
payments privileges. Both duties and privileges can be assigned to security roles.
However, we recommend that you use duties to grant access to finance and
operations apps.
Privileges
Privileges can be assigned directly to roles. However, for easier maintenance, we
recommend that you assign only duties to roles. A privilege specifies the level of
access that is required to perform a job, solve a problem, or complete an assignment.
It also contains permissions to individual application objects, such as user interface
elements and tables.
For example, the Cancel payments privilege contains permissions to the menu items,
fields, and tables that are required to cancel payments.
By default, privileges are provided for all features in finance and operations apps. The
administrator can modify the permissions that are associated with a privilege or
create new privileges.
Permissions
Permissions represent access to individual securable objects, such as menu items and
tables. Privileges are composed of permissions and represent access to tasks, such as
posting a journal and processing credits and collections. Duties are composed of
privileges and represent parts of a business process, such as maintaining cash and
bank transactions. Both duties and privileges can be assigned to roles to grant access
to finance and operations apps.
Each function in finance and operations apps, such as a form or a service, is accessed
through an entry point. Menu items, web content items, and service operations are
referred to collectively as entry points.
Authentication
Only authenticated users who have user rights in finance and operations apps can
establish a connection. finance and operations apps uses Microsoft Entra ID as a
primary identity provider. To access the system, users must be provisioned into a
finance and operations apps instance and should have a valid Microsoft Entra ID
account in an authorized tenant.
Authorization
Authorization is the control of access to the finance and operations apps program.
Security permissions are used to control access to individual elements of the
program: menus, menu items, action and command buttons, reports, service
operations, web URL menu items, web controls, and fields in the finance and
operations apps client.
In finance and operations apps, individual security permissions are combined into
privileges, and privileges are combined into duties. The administrator grants security
roles access to the program by assigning duties and privileges to those roles.
Auditing
Auditing of user sign in and sign-out is now enabled in finance and operations apps.
The system logs when a user signs in or out of the application. A sign-out is logged
even if the user's session expires or ends.
A system administrator or security administrator can access the audit logs by going
to the User log page (System administration > Inquiries > User log).
Additional considerations:
All instances use Microsoft SQL Server Transparent Data Encryption (TDE) and Azure
Storage encryption to perform real-time encryption of data when written to the disk
at rest.
Finance and operations apps use server-side encryption using service-managed keys.
All key management aspects such as key issuance, rotation, and backup are handled
by Microsoft.
In addition to the default encryption at rest provided above, you can use the
encryption API available in the Global X++ class. The
methods Global::editEncryptedField() and Global::editEncryptedStringField() use
the environment-specific data encryption certificate to perform data encryption and
decryption. You can use these methods as an additional layer of protection beyond
the default encryption at rest technology used for data storage.
Encryption in transit
Connections established between customers and Microsoft datacenters are
encrypted, and all public endpoints are secured using industry-standard Transport
Layer Security (TLS) 1.2. TLS effectively establishes a security-enhanced browser-to-
server connection to help ensure data confidentiality and integrity between desktops
and datacenters.
See Encryption in finance and operations apps for information about encryption.
When a user is excluded from a role, the role assignment for that user is no longer
controlled automatically. Excluded users are listed in the role membership when the
rules for automatic role assignment are run, or when an Active Directory group is
assigned to a role. However, they are marked as excluded. The role's associated
access is not granted to the excluded users. Users who are excluded from the role
can't be assigned to the role again until the administrator removes the exclusion.
Here is an overview of creating new users, assigning security roles and linking
records.
Create new users- Before you can access finance and operations apps,
you must first be added to the Users page in System administration >
Users. Users include internal employees of your organization, or external
customers and vendors. Users can be imported or added manually. All
users must be correctly licensed for compliant use.
Add an external user in Microsoft Entra ID and assign a license -
External users must be represented in your tenant- directory (Microsoft
Entra ID) so that they can be assigned licenses. Those external users
should be added to the tenant in Microsoft Entra ID as guest users and
then assigned the appropriate licenses. A requirement for finance and
operations apps is that the guest user's company must use Microsoft
Entra ID.
Manage users and security roles - To use anything other than common
capabilities in finance and operations apps, users must be assigned to
security roles. You can assign users to roles automatically, based on rules
and business data, exclude users from automatic role assignment, or add
users to roles manually.
Automatically assign users to roles - Based on business data, system
administrators can automatically assign users to roles.
Exclude users from automatic role assignment - When you remove an
exclusion by resetting the user's status, the user's role is assigned
automatically. However, the user is not immediately assigned to the role
or excluded from the role when you reset the status. Instead, the user is
either assigned to the role or removed from the role the next time that
the rules for automatic role assignment are run.
Manually assign users to roles - Users who are manually assigned to
security roles must also be manually removed by the administrator. These
users aren't removed from roles by rules for automatic role assignment.
Manually remove users from roles - Users who are manually assigned
to security roles must also be manually removed by the administrator.
These users aren't removed from roles by rules for automatic role
assignment.
To be able to manage batch jobs, you should assign the user to the batch job
manager security role, and not to the system admin or IT admin security.
Security or policies may require that specific tasks be performed by different users.
You can set up rules to separate tasks that must be performed by different users. This
concept is named segregation of duties. This helps reduce the risk of fraud, and helps
you detect errors or irregularities.
For example, you might not want the same person both to acknowledge the receipt
of goods and to process payment to the vendor. Segregation of duties helps you
reduce the risk of fraud, and it also helps you detect errors or irregularities. You can
also use segregation of duties to enforce internal control policies.
Default duties are provided. The administrator can modify the privileges that are
associated with a duty or create new duties.
After you select OK, to run the process, a notification displays the results of the
validation. If there is a conflict, you can open the Users page and change the user’s
role assignments.
Conflicts are also logged on the Segregation of duties conflicts page. To run the
verification process as a batch job, select Batch processing, and then set the other
batch parameters. After the batch job runs, you can review the conflicts in
the Segregation of duties conflicts page.
Finance and operations apps provides a set of rich security reports to help you
understand the set of security roles running in your environment and the set of users
assigned to each role.
Security reports can be found under System administration > Inquiries > Security.
Let’s get to know some of these security reports.
On the User role assignments parameters pane, go to Records to include > Filter.
From here you can add or remove filters to the list of users the report will be
generated for. For each user in the report a list of roles is provided, along with any
restrictions at the legal entity or organization level.
Role to user assignments report
The Role to user assignment report provides an aggregation of role assignments.
Expanding a role in the report shows the list of users assigned to the role, and
expanding the user name shows any restrictions the role has applied. The same
method for filtering the set of users can be applied to this report as described for
the User role assignments report.
Security role effective access report
The Security role effective access report provides a view of the effective permissions
for each security role. This report provides a flattened list of permissions grouped by
type across all sub-roles, duties, and privileges contained in the role.
This report may take some time to run. If it is the first time the report has run, or
there could be changes to the role definitions, the Rebuild collection option should
be set to Yes. You can optionally limit the roles to be included in the report by
adding a filter under Records to include.
Expanding a role shows the category of objects the role has access to. Expanding one
of the object types will show a detailed list of each object of that type included in the
role.
Expanding a role in the Security duty assignments report will show each duty
assigned to the role, along with details of the duty.
Stay compliant with user licensing
requirements
Completed100 pkt.
12 minutes
The licensing requirements for users are determined by the security roles that are
assigned to those users. Security roles are based on a hierarchy of sub-roles, duties,
privileges, and directly referenced securable objects.
The licensing requirements for users are determined at the organization or tenant
level. When using multiple environments and applications, you must analyze
requirements across all environments.
The Operations licensing requirement indicates that a full user license is required.
Some privileges are unique to a specific full user license and require a base or attach
license before a full user license is assigned to a user.
The User license counts report also provides details about each user and the
licensing requirements for each assigned role. Users are listed under the highest
license type. If the license requirement is identified as Operations, you must use the
User license estimator report to figure out the specific full user licensing
requirements.
User license estimator report
If no privileges that require a specific full user license have been assigned to a user,
that user is shown but no specific full user licenses are marked in this report. The user
is compliant with any full user license that is assigned.
If privileges assigned to a user require one or more specific full user licenses, those
licenses are shown in this report. In this case, the user must have a base license for
example for Supply Chain Management and an attach license for all other full user
licenses that are needed (for example, for Finance).
Licensing glossary
Application subscriptions are named user subscriptions that license a user for core
business applications. You can assign different licenses to one user-named
subscription.
Most Dynamics 365 Full user licensing follows the base plus attach model which
provides a cost-effective way for a single user to be licensed for multiple applications.
To license a core business Dynamics 365 application, customers may purchase either
a base or, in many cases, an attach license.
For more information about Dynamics 365 licensing and the Microsoft Dynamics 365
Licensing Guide, see Stay compliant with user licensing requirements
This unit provides information about how to analyze and manage security permission
requirements based on a task recording. Before you complete the steps in this article,
you must have a task recording of the business process that you want to analyze. To
record a business process, see Task recorder resources.
Uwaga
The Action and Output menu items are not included in the list.
4. In the User ID field, select a user. If the user does not have permissions
for some menu items, the Missing permissions field will update to Yes.
5. Select Add Reference to see a list of the security objects, including roles,
duties, and privileges that grant the missing permission.
6. Select a security object from the list:
Completed
100 pkt.
13 minutes
This unit provides an overview of Extensible Data Security (XDS) policies in finance and operations
apps. XDS allows developers to supplement role-based security by restricting access to table records
based on security policies. The query in the policy applies a filter, and only records that satisfy the
conditions of the filter will be accessible from the restricted tables.
Constrained tables- The table or tables from which data is filtered or secured. For example, in a policy
that secures access to transactions based on customer, the CustTrans would be an example of a
constrained table.
Primary table - Used to secure the content of the related constrained table. In the example below, the
CustTable table would be the primary table. The primary table must have an explicit relationship to
the constrained tables.
Policy query - Used to secure the constrained tables content using a range condition on the primary
table contents. Only records that are included in the range will be accessible. The range can, for
example, be based on a specific value for Customer.
Context – Controls the conditions under which a policy is applicable. Two main types of contexts that
are available are Role context and Application context:
Role context - Based on the roles that the user is assigned. There are two suboptions for role context:
RoleName – Indicates that the security policy is only applied to the application user assigned to the
role equal to the value of RoleName.
RoleProperty – This value is used in combination with the ContextString property to specify multiple
user roles context. It is applied when the Context String value defined in the Role Property field for
the policy is the same as the ContextString field value for the assigned user roles.
Application context - Applied if the context string set by the application using the XDS::SetContext API
is the same as the value defined in the Context String field for the policy. In the Application Object
Tree (AOT), policies and their components are displayed under Security > Policies.
Important considerations
The policy query is added to the WHERE clause, or ON clause, on SELECT, UPDATE, DELETE and INSERT
operations involving the specified constrained tables. Unless carefully designed and tested, policy
queries can have a significant performance impact. Therefore, make sure to follow simple but
important guidelines when developing an extensible data security policy. For more information, see
Developing Extensible Data Security Policies (White paper).
When two or more security policies apply, the intersection (not the union) of the records that are
included by each policy are the only records that can be accessed. This means that a record must
satisfy all the applicable security policies before access to the record is allowed.
For information about how to debug policies, create more advanced policies, including chaining of
restricted tables, table relations based on expressions, and much more please refer to these
resources:
Securing Data by Dimension Value by using Extensible Data Security (White paper)
You must import a new hired employee and assign the default the company
to USMF and associate the accounts receivable clerk role.
For this lab, you CANNOT sign in with your own credentials. Use the following steps
to sign in to your lab environment with the correct credentials.
4. Select Enter.
5. Microsoft Edge will open. Wait for it to navigate to the Sign in page for
finance and operations.
6. On the Microsoft Sign in page in finance and operations, place your
mouse cursor into the Username field.
7. On the Resources tab of the lab side bar, below the Azure
portal heading, select the T icon next to Username, then press Enter.
8. Your mouse cursor will now be in the Password page.
9. On the Resources tab of the lab side bar, below the Azure
portal heading, select the T icon next to select Password, then
press Enter.
10. Don't stay signed in or store the password on the virtual machine.
11. Select Accept in the Permissions requested page.
12. To see the lab instructions, select the Instructions tab on the lab side
bar.
You must create a new user ID for the new hired employee and assign the default the
company to USMF and associate the accounts payable clerk role.
1. Go to System administration > Users > Users.
2. Select New.
3. In the User ID field, enter a unique identifier for the user. A user ID is
required.
4. In the User name field, enter John.
5. In the Company field, select the drop-down button to open the lookup.
6. In the list, select USMF.
7. In the Email field, enter "john@contoso.com".
8. Select Assign roles in the User's roles section.
9. In the list, find and select Accounts payable clerk.
10. Select OK.
11. Select Save.
1. Switch to companyDAT.
2. Go to System administration > Security > Segregation of
duties > Segregation of duties rules.
3. Select New.
4. In the Name field, enter a name for the rule.
5. In the First duty field, select the drop-down button to open the lookup.
6. In the list, find and select the first duty that is controlled by the
rule, Access benefits workspace.
7. In the Second duty field, select the drop-down button to open the
lookup.
8. In the list, find and select the second duty that is controlled by the
rule, Approve production journal.
9. In the Severity field, select the severity of the risk that occurs when the
same user or role performs both duties.
10. In the Security risk field, enter a description of the security risk.
11. In the Security mitigation field, type a value.
12. Enter a description of the actions that you take to mitigate the security
risk.
13. For example, you can mitigate the risk by conducting more detailed
reviews of the process, by conducting a monthly managerial review, or by
sharing resources with other departments.
14. Select Save.
15. Close the page.
Which one of the following security pages in finance and operations apps is
used to manage privileges?
Which of the following security reports in finance and operations apps provides
a view of the effective permissions for each security role?
Segregation of duties
The Segregation of duties page helps finance and operations apps to comply
with regulatory requirements, such as those from Sarbanes-Oxley (SOX),
International Financial Reporting Standards (IFRS), and United States Food and
Drug Administration (FDA).
External roles
Assign users to role
Dormant user security accounts
Introduction
Completed100 pkt.
8 minutes
This module focuses on your integration strategy and how the Integration workshop
will help verify that the project's integration plans are comprehensive and will support
initial implementation and long-term needs. The workshop's goal is to evaluate the
proposed integration plan and provide feedback and recommendations that
highlight technical risks and issues and identify best practices.
Understanding the reasons for the integration and the problem that you're trying to
solve can help you establish the importance of the integration and the level of risk
associated with it. For each integration, make sure that you are clear about what you
expect to happen if an integration is unavailable and how you anticipate handling
failures.
Convenience integrations help make the process easier for users or help improve
their productivity. For example, a convenience integration might prevent a user from
having to go into a separate application, which allows them to run the integration
from within the Dynamics 365 application. While convenience integrations help save
time, they also provide an alternate path that users can take to complete the task if
the system is down. Mostly, your effort for the Integration workshop should focus on
the essential integrations that are critical to your project success.
Similar to all workshops in Success by Design, not every aspect of the Integration
workshop will apply to every project. However, it is vital to have a plan and process
for managing your idea to deployment process.
The Integration design review does not provide an overview of how to integrate with
Dynamics 365. For that purpose, several Tech Talks have been developed that discuss
and exemplify the usage of integration tools and patterns.
The Integration design review workshop should be conducted when the design is
near completion, or already completed, and when a solid understanding of how
various apps will be integrated while forming the full solution has been reached.
Ukończono moduł:
Integration strategy
Integration strategy considers the design of communication and connectivity
between the various components of the solution. This strategy includes the
application interfaces, the middleware, and the processes that are required to
manage the operation of the integrations. This topic will focus on answering
questions, such as:
Are plans for integrations with other Dynamics 365 applications in place?
If so, are they aligned with standard Microsoft integration patterns, such
as dual-write?
Who is responsible for delivering the integration scope?
Where and how is message-format transformation being handled?
Would the same message-format transformation approach apply to
existing and new systems?
Has the integration architecture been defined? If so, does it reflect the
planned solution landscape?
Integration patterns
Integration patterns consider the patterns that are used for inbound and outbound
communication and the interface models that are used for each. This assessment
includes standard interface choices, including real time (synchronous), batch data API
(asynchronous), and business events (event-based) interfaces. It also covers standard
integration options, including dual-write and bring-your-own-database integration.
This topic will focus on answering questions, such as:
Have you defined and mapped integration patterns for all scenarios? If
so, do they fall under standard patterns?
Is authentication done through a registered Microsoft Entra ID
application (SPN) or normal user account?
Do you have real-time integrations with external systems that could
result in UI thread blocking?
Is real-time integration used for high volumes? If so, can you share the
peak hourly volumes for top integrations?
Does the customer have high-volume integration scenarios that they
plan to use dual-write for?
When the endpoint goes down, how are retries handled?
Middleware
Middleware considers the aspects of middleware usage within the integration
landscape and how it will be used for transformation, communication, error handling,
retries, and monitoring and alerting. However, the workshop is not intended for
discussing or validating the internal design of the middleware of choice. This topic
focuses on answering questions, such as:
Are you planning to use middleware for integrations? If so, what's the
middleware scope for this project?
How are you planning to mitigate errors and provide logging?
Is transformation done in the middleware level? If so, to what extent?
Are you planning to use Azure services for integration? If so, have you
planned to host the Azure services in the same data center as your
Dynamics 365 environments?
Are you using Microsoft Power Platform connectors for your integrations,
or do you plan on using custom connectors?
Do integrations with on-premises or line-of-business applications exist?
Microsoft 365
Microsoft 365 covers integrations with other Microsoft products and cloud services.
This topic focuses on answering questions, such as:
Are you integrating with SharePoint on-premises? If so, how are you
planning to complete this task?
Are you planning to integrate with Exchange on-premises for server-side
sync? Have you considered the requirements and limitations for this
integration versus integration with Exchange Online?
Are you planning integration with Microsoft Teams? Are you aware of the
capabilities, limitations, and additional considerations?
Are you planning a collaboration structure before enabling the
collaboration between Dynamics 365 and Teams?
Ukończono moduł:
The Integration design review workshop typically takes approximately 1-2 hours to
conduct. The time might vary based on the level of detail that is available for review.
The solution architect will work with the implementation team leadership to plan the
workshop based on the specifics of the solution that are being reviewed.
Porada
We recommend that you use diagrams and visual representations to provide high-
level summaries in the implementation, wherever possible. These diagrams, charts,
and graphs provide a ready means of communication across the team and with
executives about plans and designs.
Ukończono moduł:
The Integration design review workshop will be facilitated by the solution architect,
but the expectation is that the implementation team will present the integration
design information. Each section of the agenda should be assigned an owner within
the implementation team. At the beginning of each section, that owner should
present an overview or summary of the scope and plans, including designs that apply
to that aspect of the integration design. When all topics in the planned agenda have
been discussed, the remainder of the time should be reserved for questions and
answers with the solution architect.
During each session, you can expect that discussion about the scope and approach
will occur. As part of that expectation, the solution architect might provide guidance
directly within the meeting. However, these sessions are not intended to be design
sessions but rather review sessions. The provided feedback might alter the current
plan or design, but the detailed work in those areas will be carried out by the
implementation team after the workshop.
The findings document will be distributed to the customer and partner organizations,
and a review meeting will be held to review the findings in detail. The document will
go to the implementation leadership and executive sponsors in both organizations. In
some cases, these findings documents can be lengthy, in which case, an executive
summary that highlights key and critical findings is provided for better consumption
by executives.
Ukończono moduł:
Integration design review workshop
follow-up
Completed100 pkt.
3 minutes
After the Integration design review workshop has been conducted and the findings
have been reviewed, those items that have been identified as risks and issues, and
their associated action items for mitigation and resolution, will be managed to
completion as part of the overall engagement.
Identified issues will often have an impact on the ability to successfully go live. These
issues will need to be resolved prior to the go-live readiness assessment and the
deployment of a production environment.
Ukończono moduł:
Odblokuj osiągnięcie
Initiate
The Integration workshop should be scheduled and completed during the
implementation phase of the project.
Implement
The Integration workshop should be scheduled and completed during the
implementation phase of the project.
Prepare
Operate
2.
Which of the following options isn't a type of integration that you can use on
projects?
Process integration
Different types of integrations that you can use on projects include process
integration, user interface integration, and data integration.
User interface integration
Model integration
Model integration isn't an integration type. Different types of integrations that
you can use on projects include process integration, user interface integration,
and data integration.
Data integration
Introduction
Completed100 pkt.
4 minutes
Application strategy
Application strategy considers the various apps, services, and platforms that will make
up the overall solution. This topic focuses on answering questions, such as:
Based on the processes that are in scope, the solution architect who is conducting the
review might ask a series of feature-related questions to gauge complexity or
understand potential risks or opportunities to optimize the solution based on the
future product roadmap.
Integration strategy
Integration strategy considers the design of communication and connectivity
between the various components of the solution. Within this topic, you will try to
answer questions, such as:
How many production environments will be deployed, and what are the
factors that went into that decision?
Are trial environments used during build?
Will the various apps be deployed under the same tenant?
Will the various apps be deployed in the same region?
What are the data sovereignty requirements?
Do you have alignment of your release process across the different apps?
What is the monitoring plan for dual-write integration status and errors?
What are the plans to monitor capacity requirements for data
redundancy across different data repositories?
Data strategy
Data strategy considers the design of the data within the solution and the design for
how legacy data will be migrated to the solution. Within this topic, you will try to
answer questions, such as:
Test strategy
Test strategy covers the various aspects of the implementation that deal with
validating that the implemented solution works as defined and will meet the business
need. Within this topic, you will try to answer questions, such as:
Does your test plan include testing dual-write synchronization across all
apps?
Does the test plan focus on performance for business processes (for
example, prospect to cash)?
Does the test plan include testing planned and unplanned
outages/maintenance of different apps?
What are the desired performance metrics for dual-write integration,
especially for key scenarios?
Who is responsible for reviewing metrics after each iteration and are
these metrics included in the design?
What are the expected service levels, such as the time that it takes for a
record to synchronize across apps?
Security strategy
Security strategy considers the design of security within the Dynamics 365
components of the solution and the other Microsoft Azure and external solution
components. Within this topic, you will try to answer questions, such as:
Ukończono moduł:
Typically, the Dual-write implementation workshop takes 1-2 hours to conduct. The
time might vary based on the level of detail that is available for review and the
breadth of the overall solution. The solution architect will work with the
implementation team leadership to plan the workshop based on the specifics of the
solution that is being reviewed.
Before you schedule the workshop, make sure that the implementation team has a
good understanding of dual-write and how it is planned to be used.
Uwaga
The findings document will be distributed to the customer and partner organizations,
and a meeting will be held to review the findings in detail. The document will go to
the implementation leadership and executive sponsors in both organizations. In some
cases, these findings documents can be lengthy, in which case, an executive summary
that highlights key and critical findings is provided for better consumption by
executives.
Workshop follow-up
After the Dual-write implementation workshop has been conducted and the findings
have been reviewed, those items that have been identified as risks and issues, and
their associated action items for mitigation and resolution, will be managed to
completion as part of the overall engagement.
Identified issues will often have an impact on the ability to successfully go live. These
issues will need to be resolved prior to the go-live readiness assessment and the
deployment of a production environment.
Solution architect
The Dual-write implementation workshop will be facilitated by the solution
architect.
Data analyst
Customer lead
Account representative
3.
Introduction
Completed100 pkt.
5 minutes
The Solution performance workshop will also emphasize the importance of having
performance goals defined and having the correct focus on performance and
performance testing during the entire project life cycle.
Ukończono moduł:
The following sections highlight the topics that the Solution performance workshop
covers, including a sampling of the types of questions that are covered in each.
Project plan
The project plan section covers the overall planning that is in place for activities to
address performance. This topic focuses on answering questions, such as:
What is the plan, and how often will the project implement performance
testing?
What is the plan for performance testing during different stages of the
project life cycle?
Are experienced resources available and tasked to support the
performance test implementation?
This topic explores the techniques and tools that the project team uses that might
impact performance, including:
Performance testing
Performance testing becomes a key component in collecting actionable insights into
identifying problematic areas and addressing them. Planning and implementing
performance testing are critical activities in ensuring that solution performance is
optimal.
Ukończono moduł:
Performance benchmarks confirm that the solution can process the targeted
transactions/user’s volume within an acceptable duration/response time with a
specific data starting point.
1. Narrow it down - This step is the first for each scenario. Find out where
you lose the most time and then focus your efforts on that point. For
example, validate whether few or many calls exist, validate whether
process is running or waiting, and so on.
2. Troubleshoot - Analyze why that part of the process is slow. It could be
configuration, looping, row-by-row operations, or resource contention,
such as locking or single threading.
3. Solution - create a fix - Consider lead time for Microsoft or
partner/provider hotfixes. You might be able to fix by extension.
4. Evaluate it – Validate that the performance goal has been met.
5. Test the new solution.
6. Repeat or deploy the solution.
RACI abbreviations:
R - Responsible
A - Accountable
C - Consulted
I - Informed
Rozwiń tabelę
ACTIVITY PARTNER (sample) C
Define the target/projected business goals I A
Define the detailed benchmark scenarios RIC A
Take task recordings and document the reproduction steps I A
Provide the environment artifacts (code build and database to use) I A
Build the benchmark environment R A
Create test scripts and data scripts R A
Run the performance benchmark R A
Deliver the performance benchmark report R A
If bugs occur in the standard solution, open a support request to Microsoft C A
Ukończono moduł:
The following questions and answers are typical regarding the Solution performance
review:
Answer: Most implementations begin with a planned timeline, or at least a target go-
live date, and a defined budget. These factors should be based, at a minimum, on a
conceptual solution and approach. Performance is impacted by more than code.
Having a scalable design is a key starting point. Environmental factors can also impact
performance. Defining your environment strategy is a first step that you should take
before you start to build. The Solution performance workshop can be an important
tool to help you make some of these key decisions early in the project.
Question: We haven’t made decisions on the ways to implement the solution. Would
it make more sense to wait until development is complete to conduct the Solution
performance workshop?
Answer: If needed, the Solution performance workshop can be implemented as an
iterative process. The benefit of starting this activity early is that the project team will
have awareness of best practices, techniques, and resources that they can use as they
design and develop the solution. Having knowledge and awareness early will help the
team build the solution with performance in mind instead of having to return to fix
issues after completion.
Ukończono moduł:
Uwaga
The solution architect will prepare in advance for the workshop by reviewing existing
project artifacts ahead of time. Helpful project artifacts include:
This list is not exhaustive of project deliverables, but it is a good starting point for the
solution performance review. The formats, composition, and names of each
deliverable might vary from one project to the next. Format isn’t the most important
element; rather, it’s the information that is available and agreed on across the team.
When you are conducting a solution performance review early in the project, many of
these documents will not be fully formed, which is acceptable in most cases. Most
important is that scope has been determined and that a conceptual plan is in place
for how the solution will support that scope. If the scope and conceptual solution
approach are in place, the solution performance review can focus on the conceptual
approach, and then the follow-up, in-depth workshops can focus on the details at the
point when they are available.
It’s acceptable if the project uses different ways to manage or track project
information other than what is shown in the preceding list. Typically, the format isn’t
critical if the information is readily available to project members. If the information
from the preceding list isn’t documented on the project, or if it’s documented in a
way that isn’t easily accessible, you should prioritize getting the relevant artifacts
produced.
Porada
We recommend that you use diagrams and visual representations to provide high-
level summaries in the implementation, wherever possible. These diagrams, charts,
and graphs provide a ready means of communication across the team and with
executives about plans and designs.
Ukończono moduł:
Representatives from the business who are subject matter experts and
can articulate key business processes and expectations on performance
and responsiveness of the system.
Representatives from the business and the technical team who can
articulate the non-functional requirements.
Implementation team members (customer and implementation partner)
with intimate knowledge of the design and implementation methods that
are used for configuration, customization, integration, and other aspects
of the solution that will be the focus of the Solution performance review.
The testing team that will conduct the performance tests.
IT administrators who can provide information on the
environment/tenant strategy and assist with setting up environments for
performance testing.
Even for technical discussions, it might still make sense to have business
representation so that participants are aware of the impact on their requirements for
performance. Scenarios might exist where non-functional requirements are difficult to
meet unless the business scope is changed. Because of these scenarios, it is important
for business representatives to understand the technical implications so that they can
make better decisions when analyzing the need and priority of requirements.
The implementation team leadership should work with the solution architect ahead of
the workshop to shape the agenda and timings for each session. Depending on the
state and complexity of the solution, different sections might require more or less
time. While the baseline plan is to conduct the workshop in 2 to 4 hours, that time
can be flexible (to a certain extent) to accommodate the implementation.
Time management in the Solution performance workshop is critical. The top priority
for the workshop is to get through all relevant content, which should be prioritized
over going too in depth in any one session. If the conversation becomes extensive,
and you are running out of time to cover the breadth of the subject, you should
expect that the solution architect will table the detailed conversations for follow up in
a more in-depth workshop.
During each session, participants should expect discussion about the scope and
approach. As part of that expectation, the solution architect might provide some
guidance directly within the meeting. However, these sessions are not intended to be
design sessions but rather review sessions. The provided feedback might alter the
current plan or design, but the detailed work in those areas will be carried out by the
implementation team after the workshop.
Solution performance workshop outputs
The output of the Solution performance workshop is a findings document. This
findings document is a response to information that has been provided as
preparation for the workshop or during the workshop. Generally, these findings will
be one of three types:
The findings document will be distributed to the customer and partner organizations,
and a meeting will be held to review the findings in detail. The document will go to
the implementation leadership and executive sponsors in both organizations. In some
cases, these findings documents can be lengthy, in which case, an executive summary
that highlights key and critical findings is provided for better consumption by
executives.
Addressing all risks and issues is not a guarantee that the solution won’t have
performance issues. This exercise is to mitigate risks and address issues of all factors
that are reviewed and true at the time of the review. However, with any project are
exceptions or new developments that will have an impact. For this reason, the
workshop is iterative so that, as new factors are introduced into the solution, the
workshop can be conducted again to address new needs.
Subsequent Solution performance workshops
Solution performance is an aspect that the implementation team needs to be aware
of throughout the project life cycle. The team will need to plan for solution
performance at the beginning of the project and as they go through development
and testing. Therefore, subsequent reviews might be required for the following
reasons:
Issues that are identified will often have an impact on the ability to successfully go
live. These issues will need to be resolved prior to the go-live readiness assessment
and the deployment of a production environment.
Ukończono moduł:
Initiate
This meeting should be scheduled to happen during the build or implement
phase.
Implement/Build
This meeting should be scheduled to happen during the build or implement
phase.
Prepare
Operate
2.
Solution Checker
Solution Checker can be used validate solution supportability, along with other
things.
Power Apps
Power Automate
Customization Support Validation
3.
Which of the following customization types should be reviewed and tested for
solution performance?
Developer logic
All of these items are things to look for when reviewing solution performance.
Functional configurations
Flows and workflows
All of the above
All of these items are things to look for when reviewing solution performance.
Ukończono moduł:
Introduction
Completed100 pkt.
5 minutes
In a Microsoft Dynamics 365 deployment, the process of transition from the old
system to the Dynamics 365 application is defined as the cutover. Occasionally,
cutover is described as the final transition at go-live, but that description
mischaracterizes the actual work for cutover that starts early in the project. During
this final transition, the old system is typically unavailable and so this part of the
transition period is kept to a minimum. Usually, this final transition is conducted over
a quiet period for the business, such as a weekend or holiday shutdown.
You will implement the final cutover later in the project life cycle during the Prepare
phase. Therefore, before go-live happens, you should begin defining the cutover
strategy early in the Initiate phase of the Success by Design framework. The early
conversations about the cutover strategy should include leadership level business
sponsors and the necessary business and technical project team members. This
approach will help ensure that all stakeholders are aligned from the beginning of the
project and are collaborating on defining the end goal in terms of moving from the
current systems to the new systems.
The overall cutover project plan provides the view of the milestones and key tasks
from the start of the project to the go-live event (including the post go-live cutover
tasks). However, the go-live cutover plan needs to be a detailed, task-oriented plan
because you have a limited period in which to perform and validate the final cutover
tasks and limited room for significant errors.
Purpose of the Cutover strategy
workshop
Completed100 pkt.
5 minutes
The Cutover strategy workshop is designed to ensure that the cutover strategy
provides a good approach and plan to deliver a well-defined, well-tested, reliable,
and safe transition from current systems to the new production systems.
The workshop is layered to help you gain an understanding of the cutover strategy
during the Initiate/Implement phase in terms of:
During the Implement phase, make sure that you confirm that the cutover-related
tasks (such as data migration for mock cutover testing) are proceeding as planned
and are making the necessary incremental progress. As you approach the Prepare
phase, you need to confirm that the go-live cutover planning and testing is
comprehensive, robust, and well-defined by reviewing the following elements:
The first review of the cutover strategy should be conducted as part of the Solution
blueprint review or soon afterward. It might be tempting to postpone the cutover
strategy review because it can be perceived as an activity that happens at go-live.
However, cutover includes the touchpoints from data migration and rollout planning,
and it's a process that starts at the early review of the vision, scope, and strategy. The
overall project plan for cutover helps the project to anticipate and manage risks.
The detailed cutover plan would not be ready in the early stages; therefore, you
should review it at a later stage so that you can identify risks in enough time to
remediate them. During the Implement phase, and for more complex cutovers, you
should plan a key milestone review, which involves reviewing the status and issues
that arise from a key mock cutover. Make sure that you conduct this milestone review
before user acceptance testing (UAT) environment and data preparations are
complete. This approach will help the project team identify risks and address them so
that the environment that is created for UAT is a close approximation of the process
by which the production system will be created after the final cutover.
As the project approaches go-live, make sure that you review the readiness for the
final go-live. This process involves reviewing the risks that are associated with the
following elements and then ensuring that they can be resolved:
Ukończono moduł:
Cutover strategy workshop overview
Completed
100 pkt.
10 minutes
The following sections focus on the high-level aspects of the cutover strategy, including a sampling of
the types of questions that are covered in each section.
The Cutover vision and strategy section includes review and discussion of the business goals, cutover
scope and overall strategy, and the cutover timeline. This section provides you with an opportunity to
identify those key stakeholders who support the cutover from all areas of the business. It also
provides details of the cutover strategy that helps establish the remaining topics in the workshop.
Who is the designated cutover leader and what is the scope of their responsibilities?
What are the responsibilities and ownership for the key cutover activities like data cleansing, data
migration, communication, and so on?
Has a calendar of key business activities that will take place leading up to and during cutover been
established?
The cutover project plan section assesses the more specific details of areas such as the cutover
project plan, data cutover strategy, and the system cutover and transition plans. This section will also
review the strategy for cutover testing, including mock-cutover tests, the timing, and performance
expectations for the cutover, change management processes including end-user communication, and
environment preparations to support the cutover activities.
This topic focuses on answering questions, such as:
Have a description and a copy of the cutover project plan been completed?
What are the data migration processes and milestones that are managed by, or integrated with, the
cutover management process?
How many data migration runs (as part of the mock cutover) have been completed and with what
level of success?
What is the detailed system cutover strategy, and the agreed-on legacy system shutdown process,
including dates/times?
What are the system cutover processes and milestones that are managed by, or integrated with, the
cutover management process?
How, when, and where are the mock cutovers conducted, and how are you validating the cutover
process and the resulting systems?
What day and time will the final cutover start, and when is the new system expected to be live?
What are the high-risk areas for performance during the cutover, and how are they being addressed?
How has change management been implemented and communicated with business users throughout
the project as it relates to the implications of the cutover strategy?
What is the environment strategy to support mock go-live activities?
For finance and operations customer cutover, which environment is currently used as the "golden"
environment, and what's the strategy to move from gold to production?
The go-live cutover plan considers areas like the organizational aspects of the cutover process,
including the key players who are involved in managing the cutover process and the final approval for
go-live. This section also closely examines the details for the final go-live cutover plan, go/no-go and
rollback plans, and considerations about implementing a remote go-live, including communication
planning.
Description of the organization structure that will manage, perform, validate, and approve the final
go-live cutover and the related communication plan.
Description of the key elements of the final go-live detailed cutover plan.
Definition of the go/no-go decision points and when they will be made.
Explanation of the criteria for invoking rollback and/or contingency and the plans for implementing
them.
Description of the cutover management strategy that is being designed to work effectively and
efficiently for a remote go-live.
Post go-live
The post go-live section reviews the processes that are defined for those activities that will take place
when the application is in production. This review includes considerations for cutover actions/steps
that need to happen after go-live, transitioning from project into a support model, and the exit
criteria that are defined to complete the cutover process.
Description of the process and planning for transition from project to support.
Explanation of post go-live cutover activities and how they will be managed.
Description of the exit criteria and strategy for the cutover process and cutover organization.
Typically, the Cutover strategy workshop takes approximately 1-3 hours to conduct.
The time might vary based on the level of detail that is available for review. The
solution architect will work with the implementation team leadership to plan the
workshop based on the specifics of the solution that is being reviewed.
Uwaga
The solution architect will prepare in advance for the workshop by reviewing existing
project artifacts ahead of time. Helpful project artifacts include:
This list is not exhaustive of project deliverables, but it is a good starting point for the
Cutover strategy workshop. The formats, composition, and names of each deliverable
might vary from one project to the next. It's not the format that's most important; it's
the information that is available and agreed on across the team.
Ukończono moduł:
The Cutover strategy workshop will be facilitated by the solution architect, but the
expectation is that the implementation team will present the cutover strategy
information. Each section of the agenda should be assigned an owner within the
implementation team. At the beginning of each section, that owner should present an
overview or summary of the scope and plans, including designs that apply to that
aspect of the cutover plan. When all topics in the planned agenda have been
discussed, the remainder of the time should be reserved for questions and answers
with the solution architect.
During each session, participants should expect discussion about the scope and
approach. As part of that expectation, the solution architect might provide some
guidance directly within the meeting. However, these sessions are not intended to be
design sessions but rather review sessions. The provided feedback might alter the
current plan or design, but the detailed work in those areas will be conducted by the
implementation team after the workshop.
Cutover strategy outputs
The output of the Cutover strategy workshop is a findings document. This findings
document is a response to information that has been provided as preparation for the
workshop or during the workshop.
The findings document will be distributed to the customer and partner organizations,
and a meeting will be held to review the findings in detail. The document will go to
the implementation leadership and executive sponsors in both organizations. In some
cases, these findings documents can be lengthy, in which case, an executive summary
that highlights key and critical findings is provided for better consumption by
executives.
Identified issues will often have an impact on the ability to successfully go-live. These
issues will need to be resolved prior to the go-live readiness assessment and the
deployment of a production environment.
Ukończono moduł:
During the Cutover vision and strategy review, which of the following factors
would be included?
Business goal
The Cutover vision and strategy section includes review and discussion of the
business goals, cutover scope and overall strategy, and the cutover timeline.
Cutover scope
Cutover timeline
All of these options
The Cutover vision and strategy section includes review and discussion of the
business goals, cutover scope and overall strategy, and the cutover timeline.
Introduction
Completed100 pkt.
3 minutes
The Post go-live workshop is the final workshop in the Success by design series, and
has the following goals:
Review of project goals and lessons learned - After the go-live event,
reviewing the project goals' achievements against success measures will
help determine if project adjustments are necessary. Reflecting on the
lessons learned will prevent past issues from reoccurring.
Insights on the next implementation phases - Sharing what's next for
the project/program after go-live will allow a global understanding of
where the digital transformation is heading.
Support overview - Having a clear escalation path with the correct
support plan for post go-live issues will allow an optimal time-to-
resolution for all future incidents.
Having the workshop immediately after go live wouldn't provide a high level of
confidence to measure the success of the implementation against the business goals.
Additionally, having the workshop during an escalation likely wouldn't allow the
project team to reflect transparently and constructively on the lessons learned.
For this reason, facilitators should leave sufficient time after go live to stabilize the
solution and to confirm that all business-as-usual operations perform as expected.
This theory is especially true for workloads that could happen at a later date, such as
month-end closing activities for finance.
The following question and answer are typical for the Post go-live workshop.
Question: The go live was relatively simple and limited in scope. Is it necessary to
conduct the Post go-live workshop?
Answer: While it might be tempting to skip the Post go-live workshop, it should be
done at every go live (minor or major) to give the implementation team the
opportunity to confirm that the solution delivered on the goals that were initially set.
Additionally, the team will have time to reflect on the past issues and to take the
correct actions to improve the live operations support and be better prepared for the
next phases.
Ukończono moduł:
Typically, the Post go-live workshop is conducted remotely. The following sections
cover the high-level aspects of the Post go-live workshop and provide a sampling of
the types of questions that are covered in each section.
Ultimately, this approach helps the customer realize the value of the investment that
they made.
Candid exchanges around the lessons learned will help prevent past issues from
reoccurring to improve the project delivery and collaboration cross-party and cross-
organization.
What were the top challenges that were faced during the
implementation, and how could these challenges have been prevented?
What are the top lessons learned from the implementation?
What were the top issues related to the Dynamics 365 solution?
What are the top lessons learned with the use of Dynamics 365?
How are the lessons learned going to be converted to action items to
assign and follow among the teams?
The customer and partner experience of implementing Dynamics 365 has abundant
lessons. Sharing these lessons in the form of open and constructive feedback
contributes to the continuous improvement of the Dynamics 365 implementation
experience.
The post go-live assessment also aims to confirm that a feedback loop is in place to
help the implementation team gather and act on end users' feedback (for example,
with the in-app survey). Then, users can share what they appreciate and what they
think could be improved to ensure a continuous improvement cycle.
Look forward
The looking forward section considers the next phases of the digital transformation
following the go-live event. This section focuses on answering questions, such as:
After the go-live event, all support requests or advisory requests that are opened with
Microsoft support are ruled by the support plan service level agreement (SLA), and
it's critical to understand what these SLAs are so that you select the correct support
plan. This section focuses on answering questions, such as:
What is the escalation path in case issues occur in the Dynamics 365
solution?
Are the teams that are involved in the escalation path trained enough to
handle the incidents after the hypercare period?
Which Microsoft Dynamics 365 support plan will be used, and is it
relevant with the solution coverage?
Is the team using the online content to stay up to date?
Ukończono moduł:
Typically, the Post go-live workshop takes approximately 1-2 hours to conduct. The
time might vary based on the complexity of the project, the scope of the go-live
event, and the challenges that are found throughout the implementation.
Before the Post go-live workshop, participants should be familiar with the structure of
the workshop and the types of topics and prerequisites that will be covered.
The central prerequisite for preparation is the Post go-live workshop template that
captures information about the presented sections (such as the project goals, lessons
learned, and so on). The implementation team needs to complete and share the
template with the solution architect at least two working days before the workshop.
Essentially, the Post go-live workshop is a discussion. It's not intended to be a
questionnaire that you can complete and review in an offline mode.
Additionally, having the following project artifacts ready would enrich the exchanges
during the workshop:
This list isn't exhaustive of project deliverables. But it's beneficial to share these
deliverables or have them ready to show during the Post go-live workshop.
Ukończono moduł:
The following sections describe how to implement the Post go-live workshop and
then conduct follow-up sessions for more in-depth information.
Each section of the agenda should be assigned an owner within the implementation
team.
Preparing and completing the presentation template for the workshop allows for
richer discussions that often result in clear adjustment actions to take (for example,
on the project goals, the lessons learned, or the post go-live assessment).
One main goal of the Post go-live workshop is to reflect on the implementation
journey and identify the adjustments to make in the future to improve on all possible
levels (project delivery, collaboration, communication, and so on). So it's critical for
everyone to come to the sessions with a growth mindset, which encourages candid
and constructive exchanges.
The intent of the Post go-live workshop isn't to review the status of support incidents
or to treat solution design questions at this late stage.
This approach allows the implementation team to follow up with the relevant party
and in the most efficient approach based on the related subject, such as:
project delivery
project risk or issue
licensing
transition to support
The final presentation, including the actions that are listed during the session, should
be distributed to all parties who participated, including the implementation
leadership and the executive sponsors in both organizations. This full distribution will
ensure an alignment on the items that are discussed and on the following adjustment
actions to take.
The learnings that are compiled throughout the engagement and Success by Design
workshops should be used even after the implementation.
For larger programs or projects, the implementation team should consider running
Success by Design reviews internally. You can use the Use Success by Design for
Dynamics 365 solutions self-service training material that is available online.
Ukończono moduł:
Which one of the following options are goals of the Post go-live workshop?