Search data in PrincipalObjectAccess (POA), to see which entity records are shared with who, allowing what kind of access
Latest version release notes
1.2026.4.15:
Same feature set as 1.2026.4.14 (full notes below). This release adds two UI fixes:
== UI fixes == - Right column layout: the Reset button and the Details panel are no longer clipped when the XrmToolBox window is narrower than the plugin's design width. AutoScroll is now enabled on the plugin UserControl, so users on smaller monitors get scrollbars and can reach every control instead of a squeezed or chopped layout. - MCP log overlay positioning: the dark-console log overlay now anchors correctly to the bottom-right of the visible client area. Previously, after AutoScroll was enabled, the overlay could appear in the middle of the plugin area because the initial position was calculated from the UserControl's outer size instead of its client area. Position is now recalculated on every Show so it follows window resizes and scroll position correctly.
1.2026.4.14:
== MCP client identification == - MCP server now reads clientInfo from the initialize handshake and logs the client name and version on connect - Log line format: "claude-code 0.x.y connected — session abc12345" (one line per session open, replaces the generic "Session ready" line) - Makes cross-client activity visible at a glance in the log overlay — works with any MCP-compliant client (Claude Code, Codex, GitHub Copilot Chat, Cline, Continue.dev, etc.) - Falls back to "unknown unknown" if the client omits clientInfo (spec-optional)
1.2026.4.13:
== Download FetchXML (UI) == - Download FetchXML for the current Retrieve Shares query (entity search and per-principal-tab search), pretty-printed and saved as .xml - Per-tab query tracking in Search by Principal mode; XML button enables/disables based on whether a query has run
== MCP server (Model Context Protocol) == - Embedded MCP server inside the plugin — exposes POA query tools to AI agents (Claude Code, Claude Desktop, etc.) - Streamable HTTP protocol (MCP spec 2025-03-26), single /mcp endpoint, Mcp-Session-Id header for session management - Manual Start/Stop button with inline editable port (default 5580), readonly JSON config display, color status (gray=stopped, green=running), 4-digit port validation (1000-9999)
== MCP tools (9) == - poa_list_shareable_entities — list all entity types that support sharing - poa_record_shares — get all principals with access to a specific record + decoded access rights - poa_search_entity_shares — search all shared records of a given entity type, paged - poa_discover_principal_entities — discover entity types where a principal has shares (with counts) - poa_search_principal_shares — search records of a given entity type shared with a specific user or team, paged - poa_decode_access_mask — decode an access rights bitmask to its named flags - poa_list_entity_columns — list all columns of an entity (logical name, display name, type) - poa_resolve_columns — fuzzy match free-text column names to logical names (4-tier: exact/contains/word overlap) - poa_resolve_principal — resolve a user or team name (or email) to a Dataverse principal with GUID and type - All tools use poa_ prefix and include natural-language question hints in their descriptions for LLM routing
== Additional columns in MCP search == - poa_search_entity_shares and poa_search_principal_shares both accept a "columns" parameter (comma-separated logical names) to include extra columns in results - Resolve free-text column names via poa_resolve_columns first; LLM orchestrates the resolve → search pipeline
== Disambiguation behaviour for AI agents == - When poa_resolve_columns returns multiple candidates for an ambiguous free-text input, the agent is now instructed to present the candidates to the user and let the user pick — instead of silently picking the most likely match - The directive is enforced in three layers: server-level instructions (returned at MCP initialize), the poa_resolve_columns tool description, and the Hint field on the tool response - Works the same across all MCP-compliant clients (Claude Code, Codex VS Code extension, GitHub Copilot Chat agent mode) with no per-client configuration
== MCP log overlay == - Toggleable log overlay panel (dark console theme, Show/Hide button, Clear button) - Per-tool-call download buttons in a right-side strip — each button has the call timestamp, blue accent, download icon, and a tooltip; click saves the FetchXML used for that specific call (with paging attributes stripped) to disk - Enriched logging: arg/result summaries (entity, columns, record count, resolved/unresolved, decoded rights), tool list and protocol-level logging on server start
- More at https://ntit.ai/blog/search-shared-data-crm-entities - Feedback/comments: https://ameedsheikh.wordpress.com/2017/04/19/search-shared-data-across-crm-entities/ - Connect: https://www.linkedin.com/in/ameeds
Very promising - some cleanup is still needed (as of Jan'18) - but a very needed utility.
Related information
Author: Ameed Sheikh, NordTek IT ApSLatest version: 1.2026.4.15Released on: 04/14/2026Nuget package Id: Ameed.Xrm.SearchPOALandscapeOpen Source: falseGo to project web site Ratings (all versions)4Average rating2Number of ratings Downloads0Latest version217417All versions12789.24Average per version TagsSecurityTroubleshootingDataDevelopmentMigrationConfiguration
