In the “couloir” we already knew since a couple of years that Microsoft was investing in Playwright.
Customer, partners, peers,… looking at test automation for Power Platform or Dynamics 365 CE always wondered why EasyRepro is using Selenium and why there is no Playwright version of EaysRepro.
I suspect that in these odd cases it always boils down onto roadmap challenges. But no worries, the FastTrack team has you covered with a open-sourceproject to start your initial Dynamics 365 Customer Service testing.
AAD Kill chain (aadinternals.com) discusses the Azure AD (now Entra ID) and Microsoft 365 kill chain, a collection of reconnaissance techniques and hacking tools for Microsoft cloud services. Here are the key points:
Roles and Targets: The kill chain includes roles like outsider, guest, insider, admin, and on-prem admin, each aiming to escalate their access level.
Recon Techniques: Outsiders can extract information using public APIs and DNS queries, while guests and users can gather data using Microsoft APIs.
Admin Capabilities: Admins have unlimited access to tenant settings, and on-prem admins can exploit Azure AD Connect credentials to gain cloud admin rights.
Security Risks: The document highlights various methods attackers use to gain unauthorized access and the potential harm they can cause.
In summary, good reading for the people needing a security update on what is configurable on M365 level!
Continuing the Application Insights topic, on some engagements we propose to leverage Azure API Management in front of Dataverse Custom API’s or Azure Logic Apps or Azure Functions.
Setting up APIM is not that hard, but getting the next level insight on what’s happening via Application Insights can be a bit more tedious (if you don’t use Application Insights every day of the week which is the case for myself 😊).
So, I recently found this Azure API Management Hands on Lab including a chapter on how to setup and configure the Application Insights integration. Have fun with it!
Once you start pouring telemetry data from Dataverse into Application Insights, it’s time to review what’s happening. As we aren’t Application Insights experts, it’s always good to have some pre-defined examples. Well look no further!
This is one that I forget regulary, meaning I know that this has to be done to ensure my Service Connection in an Azure DevOps Pipeline (classic or yaml) can for example execute a Dataverse backup.
So, first create the App Registration on Azure Entra ID.
Add the App Registration as Application User onto the Dataverse environment
In PowerShell, register the Application user as a “Management Application”:
Once this is done, the SPN/Application User, Management Application, Application Registration (what’s in a name….) can execute these more administrative actions.