XrmToolBox is able to connect to any kind of environment from Microsoft Dynamics CRM 2011 to Microsoft Dynamics 365 for Customer Engagement and Power Apps Common Data Service, using one of the available connection methods.
A connection is generally required to use plugins Inside XrmToolBox. If you open a plugin and a connection is not yet available, XrmToolBox asks you to connect to an environment but you can decide to connect to an environment on demand (by clicking on the "Connect" button or using the bottom left connection control).
When creating an new connection, you can choose one of the following methods :
- Connection wizard : Used mainly to connect to Microsoft Dynamics CRM/365 for Customer Engagment OnPremise or IFD. It can also be used to connect to Microsoft Dynamics 365 or Power Apps Common Data Service but the authentication used (Office365) is deprecated and should be removed soon by Microsoft.
- Certificate : Used to connect to Microsoft Dynamics 365 or Power Apps Common Data Service using an application user that is configured to be authenticated with a certificate.
- OAuth/MFA : Used to connect to Microsoft Dynamics 365 or Power Apps Common Data Service. If Multi Factor Authentication is enabled for the user, this is the method to use.
- SDK Login Control : Used to connect to any environment. This is the connection control provided by Microsoft.
- Connection String : Used to connect to any environment by using a connection string
- Client Id/Secret : Used to connect to Microsoft Dynamics 365 or Power Apps Common Data Service using an application user mapped to an Azure AD Application with client secret
On the first page of the wizard, fill the Organization url with the address of your organization. You can simply copy/paste the url from your favorite browser address bar. If you are connecting to an OnPremise deployment, you can choose to connect using your current credentials.
If you receive TimeoutException error when using some plugins, do not forget to set the timeout to a larger value than the default. This is particularly true for plugins that execute long running operations such as solution import.
(Optional) If you defined an url with the format https://organization.domain.extension, the next wizard page ask you to confirm if the deployment is configured for Internet Facing Deployment. If you set the answer to yes, you can define an home realm url (if needed).
If you did not tick the checkbox to use your current credentials, the wizard page below appears next. It allows to define the credentials to use.
If you don't tick the checkbox "Save pasword as encrypted string in connection file", you will be prompted for the password each time you try to connect using this connection.
Passwords are encrypted in the connections files. The encryption keys are available to anyone thus it is not a perfect secured solution but at least, it avoids having clear text password in a file.
On next page, the wizard tries to connect to the organization
If the wizard cannot succeed to connect to your organization, there is no explicit error message. To get one, you need to review the connection logs. They are accessible through the link displayed in the wizard to open the logs folder.
When the connection succeeds, you have the possibility to define a name for this connection. If you do not define a name, the connection is still usable but is not saved for future usage.
To connect using a certificate, you first need to create an Azure AD application in your Azure portal and set the authentification using a certificate.
You also need to create an application user in your environment, mapped to this Azure AD application.
This certificate must also be added to your computer.
When creating the connection, first define the url of your D365/CDS environment.
Then select the certificate on your computer
Then define the Azure AD application.
To connect using Oauth protocol, you first need to create an Azure AD application in your Azure portal. Microsoft provide an Azure AD application for development/prototype purpose you can use. But you should consider creating your own in your Azure portal.
When creating the connection, first define the url of your D365/CDS environment.
Then provide your Azure AD application Id and reply url (or use Microsoft's one by clicking on button "Use development Azure AD app")
Then provide your user email address
Then a dialog should open to ask for your password (and eventually to provide another factor authentication code)
This authentication method does not allow to store your password. But a token is stored on your computer.
To connect using the SDK login control, you first need to create an Azure AD application in your Azure portal. Microsoft provide an Azure AD application for development/prototype purpose you can use. But you should consider creating your own in your Azure portal.
When creating the connection, provide your Azure AD application id and reply url or choose to use default, then click on "Open SDK login control".
Use the control.
Before being able to connect to an organization, you need to create a new connection. This is achieved by clicking on button "New connection" on the connection selection dialog.
A connection string is required to connect to a kind of deployment not handled by other connection methods.Proposing to connect with a connection string ensures that all scenarii of connection are handled.
To understand what connection string is and how to create one, please read the article Use connection strings in XRM tooling to connect to Dynamics 365 on MSDN.
Then type or paste your connection string in the textbox
To connect using a client id and client secret, you first need to create an Azure AD application in your Azure portal and set the authentification using a secret.
You also need to create an application user in your environment, mapped to this Azure AD application.
When creating the connection, first define the url of your D365/CDS environment.
Then define the client id (which is the Azure AD application id) and the client secret
