Summary Designed a two-page Power BI Income Pipeline Report for a Texas-based Cybersecurity & AI Business Solutions firm using Microsoft Dynamics 365 Project Operations. Unified visibility across Opportunity, Unbilled Income, Billed Income, and Paid Income in a single view. Introduced Average Turnaround to forecast realistic cash collection timelines based on actual payment behavior. Integrated Dynamics 365 Project Operations with QuickBooks to connect sales, delivery, invoicing, and cash collection. Enabled a 17-week rolling revenue forecast with week-by-week cash visibility. Provided dual invoice status for contractual vs realistic payment tracking. Table of Contents 1. Introduction 2. The Business Problem 3. Report Structure Overview 4. The Income Pipeline 5. Project Revenue Forecast 6. Design Principles 7. Business Impact 8. FAQs 9. Conclusion 1. Introduction Managing revenue across a professional services firm is rarely straightforward. When your business spans cybersecurity assessments, AI-driven solutions, and long-term managed services engagements, the gap between work being delivered and cash actually landing in the bank can be wide — and costly if left unmonitored. This is precisely the challenge we set out to solve for a U.S.-based Cybersecurity and AI Business Solutions firm running their operations on Microsoft Dynamics 365 Project Operations. The result was a two-page Power BI report — the Income Pipeline Report — that gives leadership a real-time, end-to-end view of every dollar moving through the business: from early-stage opportunity, through unbilled and billed income, all the way to cash collected. This post walks through how the report was built, how each data layer was modelled, and why the design decisions were made the way they were. 2. The Business Problem The firm needed clarity across four distinct but connected stages of their revenue lifecycle: Sales opportunities and pipeline value Delivered but unbilled work Outstanding invoices and expected payments Actual vs expected payment behavior This would answer as well as resolve the following questions – Where are active sales opportunities sitting, and how much pipeline value do they represent? Which project work has been delivered but not yet invoiced? Which invoices have been raised and sent to clients, and when are they realistically going to be paid? And finally, how does actual payment behaviour compare against what was expected? Each of these questions existed in isolation before. Project managers had partial visibility into their own contracts, and needed a comprehensive bird’s eye view of all of these together. Finance had QuickBooks data but lacked the context of the delivery pipeline. Leadership had no consolidated view. The Income Pipeline Report brought all of this together in a single, navigable Power BI experience. 3. Report Structure Overview The report consists of two pages: Income Pipeline Report — a high-level pipeline view across four stages: Opportunity, Unbilled Income, Billed Income, and Paid Income, each with summary cards and interactive donut charts. Project Revenue Forecast — a time-distributed breakdown of expected cash collection across a rolling 17-week horizon, organised by customer and contract. 4. The Income Pipeline The Four-Stage Pipeline Banner Across the top of the report, four chevron-style stage indicators guide the revenue journey: Opportunity → Unbilled Income → Billed Income → Paid Income Each stage includes a summary card showing record count and total value Provides immediate visibility into where revenue is sitting Highlights potential bottlenecks across the pipeline Stage 1 — Opportunity Data sourced from Dynamics 365 Sales using Business Process Flow (BPF) Uses active BPF stage (Develop, Propose, Close) instead of static fields Ensures accurate reflection of real sales progression Estimated revenue pulled directly from opportunity records Donut chart shows distribution across Develop, Propose, and Close stages Stage 2 — Unbilled Income Represents contracted or delivered work not yet invoiced Sourced from project contract lines in Dynamics 365 Project Operations Includes: Fixed Fee milestones (explicit values) Time & Material (T&M) estimates based on resource allocations T&M calculated as allocated hours × billing rate Clearly marked as estimated until billing run is executed Grouped into payment expectation buckets (30, 60, 90, 120, 180+ days) Uses Average Turnaround to forecast realistic payment timing Stage 3 — Billed Income (Confirmed Invoices) Combines Dynamics 365 Project Operations and QuickBooks data Tracks invoices that are confirmed and sent to clients Introduces Average Turnaround: Average days from invoice creation to payment Based on historical payment behaviour Each invoice has two statuses: Contractual (due date) Estimated (based on Average Turnaround) Provides realistic vs contractual payment visibility Includes: Due-date based categorisation Estimated overdue analysis Prevents misleading insights from strict payment terms alone Stage 4 — Paid Income Tracks fully collected invoices Uses QuickBooks for actual payment dates Groups payments by time bands (under 30, 60, 90 days, etc.) Enables comparison between actual vs estimated payment behaviour Continuously improves accuracy of Average Turnaround Tooltip Drill-Down Hover shows: Payment band Record count Total value Drill-through available for detailed record-level analysis 5. Project Revenue Forecast Overview Distributes expected cash collection across a rolling 17-week window Shifts view from pipeline stage to time-based forecasting Hierarchy and Structure Customer → Contract → Revenue Type Revenue types include: T&M run schedules Fixed Fee milestones Confirmed invoices Each row shows: Customer Contract Billing type Average Turnaround Value mapped to expected payment week Weeks range from Week 0 to Week 16 Top row aggregates total expected cash per week Colour Coding Amber — Unbilled income Green — Invoice within terms Red — Overdue (based on estimated payment date) Drill-Through to Detail Click any row to view detailed breakdown Includes: Billed invoices with due and estimated dates Unbilled milestones and run schedules Connects high-level forecast to transactional detail 6. Design Principles Average Turnaround over payment terms Reflects actual customer behaviour instead of contractual assumptions. Dual invoice status Provides both contractual and realistic payment visibility. Consistent time buckets Ensures comparability across Opportunity, Unbilled, Billed, and Paid stages. Weekly forecasting instead of monthly Supports short-term cash flow planning aligned with operational rhythm. 7. Business Impact Improved cash flow predictability Earlier visibility of at-risk invoices Unified cross-team visibility Improved T&M billing discipline Increased accountability 8. FAQs What is Average Turnaround and why does it … Continue reading How we designed & deployed an Income Pipeline Report for a Texas, U.S. based Cybersecurity & AI Business Solutions Firm, via MS D365 Project Operations and Power BI. →

Summary A Houston-based cybersecurity firm eliminated report failures (~65%) by replacing SSRS with an Azure Function App pipeline. Dynamics 365 bound action ensured authentication stayed internal, bypassing Defender-related token failures. Integrated Power Pages, Power Automate, Dynamics 365, and Azure Functions for real-time PDF generation. Report generation time reduced from 3–8 minutes to under 15 seconds with zero infrastructure overhead. Table of Contents 1. About the Customer 2. The Challenge 3. The Solution 4. Technical Implementation 5. Business Impact 6. FAQs 7. Conclusion 1. About the Customer The client is a technology consulting and cybersecurity services firm based in Houston, Texas. They manage multiple concurrent client engagements using Dynamics 365 Project Operations as their core platform. Project managers and clients access live project data through a customer-facing portal built on Microsoft Power Pages. 2. The Challenge The organization needed one-click downloadable Project Status Reports from their Power Pages portal covering risks, issues, logs, and timelines. Their SSRS-based solution failed frequently due to authentication breakdowns caused by Microsoft Defender for Cloud Apps across multiple service boundaries. Key pain points: Silent authentication failures with no clear errors Retry delays of 60–90 seconds per attempt Separate SSRS infrastructure dependency Slow report customization cycle Project managers avoided generating reports during live meetings due to reliability concerns. 3. The Solution At Cloudfronts, while working on this project, I replaced the SSRS pipeline entirely with a synchronous, serverless architecture that keeps the authentication context inside the Dynamics 365 service layer. Technologies Used: Dynamics 365 Project Operations Power Pages Power Automate Plugins Azure Function Apps The solution generates fully formatted PDFs in real time using structured JSON payloads. This eliminated authentication failures while significantly improving speed and reliability. 4. Technical Implementation 1] Power Pages Button triggers Flow A “Download Report” button captures the project GUID and triggers a Power Automate flow with real-time progress feedback. 2] Dynamics 365 Plugin prepares JSON payload A bound action plugin retrieves all project data and converts it into a clean JSON payload for PDF generation. 3] Azure Function generates PDF The Azure Function processes the JSON and generates a formatted PDF, returning it as a Base64 string. 4] SharePoint Integration The generated PDF is automatically stored in the associated SharePoint document location linked to the project. This ensures centralized document management, version control, and easy access for stakeholders directly within the project workspace. 5] Portal PDF Preview The Base64 PDF is rendered directly in the portal using an iframe, allowing instant preview and download. Video: End-to-end implementation of real-time PDF report generation. 5. Business Impact 100% success rate — zero failures post deployment Under 15 seconds report generation time No infrastructure — fully serverless Zero authentication failures Faster iteration for report updates Project managers can now confidently generate reports during live client meetings. 6. FAQs Why not fix the SSRS authentication issue instead of replacing SSRS entirely? The authentication failures were a structural consequence of traversing multiple service boundaries in an environment with strict Defender for Cloud Apps session policies. Fixing them would have required either relaxing those policies — which the client’s security posture did not permit — or re-architecting the data retrieval to stay inside the platform, which is exactly what the bound action approach achieves. Replacing SSRS also removed a separate infrastructure dependency and gave the client full control over report formatting in code. Can this pattern be reused for other document types in Dynamics 365? Yes. The Azure Function App’s renderer is data-driven — it consumes a JSON payload and builds tables from whatever keys are present. The Dynamics 365 plugin can be adapted to query any entity and produce an equivalent payload. CloudFronts has applied the same pattern to inspection records, summary reports, and client-facing status documents across Professional Services and Manufacturing implementations. Does this work for environments without Microsoft Defender for Cloud Apps? Yes. The architectural benefits — synchronous generation, serverless PDF rendering, no SSRS infrastructure, and in-browser preview — apply regardless of the security layer on the environment. 7. Conclusion Replacing SSRS with an Azure Function App-based PDF renderer resolved both the reliability and authentication problems in a single architectural shift, delivering instant, professional-quality Project Status Reports from a Microsoft Power Pages portal with no legacy reporting infrastructure to maintain. The key lesson from this project is that keeping authentication within the Dynamics 365 service layer — rather than bridging to external systems — eliminates an entire category of environment-specific failures that are otherwise very difficult to diagnose and fix. By keeping authentication within Dynamics 365 and leveraging serverless architecture, the solution delivers instant, high-quality reports without infrastructure overhead. This approach demonstrates how modern cloud-native patterns can eliminate entire classes of system failures while improving user experience dramatically. Ready to modernise document generation in your Dynamics 365 environment?CloudFronts builds scalable Power Platform and Dynamics 365 solutions that replace legacy reporting infrastructure and automate document workflows. Reach out at transform@cloudfronts.com. Shashank Keny Associate Consultant · CloudFronts Shashank Keny is an Associate Consultant at CloudFronts with 1.5+ years of experience in cloud, data, and business applications. He specializes in building scalable, API-driven architectures and integrating enterprise systems across the Microsoft ecosystem. He is a Certified Databricks Data Engineer with hands-on experience in Dynamics 365 Project Operations and Dynamics 365 Sales, along with delivering business intelligence solutions using Power BI. His expertise also extends to modern AI solutions, including building custom copilots and implementing intelligent applications using Azure AI Foundry. Passionate about solving real-world business challenges through data and AI, he focuses on delivering efficient, scalable, and production-ready solutions. Experience: 1.5+ years Certification: Databricks Certified Data Engineer Specialization: Dynamics 365 Project Operations, Power BI, Azure Integrations, AI Solutions View LinkedIn Profile

Summary A US-based oil & gas cybersecurity firm implemented a mobile-first Canvas App integrated with Dynamics 365 Project Operations to unify time, expense, and material submission, tracking, and approval. The solution enabled project-specific approval workflows where only assigned approvers could validate submitted records. CloudFronts introduced a dual-mode interface (Day Mode and Week Mode) to improve usability for both field engineers and managers. Submission and approval cycle time reduced from hours/days to near real-time visibility. Table of Contents 1. Customer Scenario 2. Solution Overview 3. Key UX Features 4. Functional Implementation 5. Solution Walkthrough 6. Architecture & Integration Approach 7. Business Impact 8. FAQs 9. Conclusion Customer Scenario A Texas-based cybersecurity firm specializing in operational technology (OT) security for oil rigs manages multiple concurrent field projects using Dynamics 365 Project Operations. Employees and resources were responsible for logging: Time entries Expense entries (travel, accommodation, airfare, etc.) Material usage logs (equipment, parts, consumables, etc.) However, the system was not designed for mobile-first usage, and processes were fragmented across multiple interfaces. Key Challenges Field engineers & other Resources could not efficiently submit entries from mobile devices Time, expense, and material tracking existed in separate workflows Approval processes had to be restricted to project-specific stakeholders Project managers lacked real-time visibility into resource usage • Delays in submission can cause downstream billing and reporting issues Project tracking accuracy can get compromised, and reporting delays directly affected client communication and billing cycles. Solution Overview CloudFronts designed and deployed a unified mobile application using Power Apps (Canvas Apps) integrated with Dynamics 365 Project Operations. Objective: One app → All submissions → Controlled approvals → Real-time visibility What the App Enables For Field Users: Submit time entries (daily or weekly) Create expense entries with receipt validation Log material consumption against projects Track submission status instantly For Project Approvers: View only entries related to assigned projects Approve or reject submissions directly from mobile Maintain audit-ready approval workflows Key UX Features The application is designed with a strong focus on usability for both resources and project approvers, ensuring a seamless mobile experience across submission and approval workflows. 1. Day Mode / Week Mode Toggle The app provides a flexible entry experience through a dual-mode interface: Day Mode: Enables detailed entry for a single day, ideal for precise logging and corrections. Week Mode: Allows bulk entry across multiple days, reducing effort for repetitive data entry. This flexibility significantly improves usability across different working styles and scenarios. 2. Calendar-Based Swipe Navigation The application introduces a Dynamics-style calendar navigation with swipe support, allowing users to: Traverse across multiple days or weeks effortlessly View and manage multiple submission records in sequence Navigate between historical and current entries with minimal effort This mobile-first interaction design reduces friction in high-frequency data entry scenarios. 3. Unified Submission & Approval Experience The UI/UX is intentionally designed to mirror the complete lifecycle of a record, ensuring consistency between submission and approval stages. Each record follows a structured lifecycle aligned with Dynamics 365 stages: Submitted Pending Approved Rejected Recall Requested Recall Request Approved Recall Request Rejected The interface dynamically adapts based on the current stage: Action buttons (Approve, Reject, Recall, etc.) are conditionally visible Status indicators are clearly displayed Users experience the same structured flow from creation to closure This ensures clarity, reduces errors, and improves user confidence in the system. 4. Dynamic Action-Based UI (Smart Button Behavior) The app intelligently modifies UI controls based on record state: Submit button appears only for draft entries Approve/Reject buttons are visible only to project approvers Recall option is available only after submission Post-approval states restrict further edits This enforces role-based and state-based control, preventing invalid actions and maintaining process integrity. 5. Conditional Receipt Upload for Expense Entries Expense submission logic is enhanced with category-driven validation: Mandatory: Airline tickets, OT hardware purchases Optional: Meals, local travel This balances compliance requirements with user convenience, avoiding unnecessary friction. 6. On-Demand Data Refresh Users can manually refresh data within the app to: Fetch the latest submission and approval statuses Sync newly created or updated records Ensure real-time visibility without relying solely on background refresh Especially useful in environments with intermittent connectivity. 7. Mobile-First Interaction Design Touch-friendly controls Swipe navigation Lightweight screens for faster performance Minimal navigation depth This ensures field engineers working in remote or on-site environments can operate efficiently. Functional Implementation This section outlines how the solution was implemented within Dynamics 365 Project Operations and the Power Platform to enable end-to-end submission and approval management. 1. Unified Data Model in Dataverse All three entry types — Time, Expense, and Material — are structured within Dataverse and linked to: Project Resource (User) Approval records Supporting documents (for expenses) Each submission creates a corresponding record with a defined lifecycle stage, ensuring consistency across all entry types. 2. Submission Logic from Canvas App Each submission type follows a structured flow: User selects project and entry type (Time / Expense / Material) Required fields are validated based on entry type Conditional logic enforces: Receipt requirement (for specific expense categories) Mandatory fields (based on business rules) Record is created in Dataverse Submission triggers backend approval workflow This ensures that all records entering the system are complete, validated, and ready for approval processing. 3. Approval Record Creation & Routing Upon submission: A corresponding approval record is automatically created The system identifies project-specific approvers Key behavior: Only assigned project approvers can view and act on records Approval actions update the main record status 4. Record Lifecycle Management (Status-Driven System) Lifecycle: Draft → Submitted → Pending → Approved / Rejected → Recall Flow Users submit records → moves to Submitted Approvers review → Approved or Rejected Users request recall → Recall Requested Approvers respond → Recall Approved or Rejected Controlled through: Power Apps UI logic MS Bound Actions for submission and approval handling Dataverse status fields 5. Expense Receipt Handling (Integrated from Previous Solution) Receipt upload enforced conditionally Files stored as Notes (Annotations) in Dataverse Linked to expense records This eliminates manual document handling and ensures compliance. Solution Walkthrough The following walkthrough … Continue reading How We Built & Deployed a Mobile-Based Canvas App for Unified Time, Expense (with Receipts) & Material Submission with Project-Based Approvals for a US Cybersecurity Firm →

Summary In most CRM implementations, data exposure should be encapsulated for both inside & outside the organization. Sales, Finance, Operations, HR, everyone works in the same system. Collaboration increases. Visibility increases. But so does risk. This is based on real-world project experience, for a practical example I had implemented for a technology consulting and cybersecurity services firm based in Houston, Texas, USA, specializing in modern digital transformation and enterprise security solutions. This blog explains: 1] Why Security Roles alone are not enough. 2] How users can still access data through Advanced Find, etc. 3] What Field-Level Security offers beyond entity-level restriction. 4] Step-by-step implementation. 5] Business advantages you gain. Table of Contents The Real Problem: Intra-Organizational Data Exposure Implementation of Field-Level Security Results Why Was a Solution Required? Business Impact The Real Problem: Intra-Organizational Data Exposure Let’s take a practical cross-department scenario. Both X Department and Y Department work in the same CRM system built on Microsoft Dynamics 365. Entities Involved 1] Entity 1 2] Entity 2 Working Model X Department Fully owns and manages Entity 1 Occasionally needs to refer to specific information in Entity 2 Y Department Fully owns and manages Entity 2 Occasionally needs to refer to specific information in Entity 1 This is collaborative work. You cannot isolate departments completely. But here’s the challenge: Each entity contains sensitive fields that should not be editable — or sometimes not even visible — to the other department. Security Roles in Microsoft Dynamics 365 operate at the entity (table) level, not at the field (column) level. Approach Result Remove Write access to Entity 2 for X Dept X Dept cannot update anything in Entity 2 — even non-sensitive fields Remove Read access to sensitive fields in Entity 2 Not possible at field level using Security Roles Restrict Entity 2 entirely from X Dept X Dept loses visibility — collaboration breaks Hide fields from the form only Data still accessible via Advanced Find or exports This is the core limitation. Security Roles answer: “Can the user access this record?” They do NOT answer: “Which specific data inside this record can the user access?” Implementation of Field-Level Security Step 1: Go to your Solution & Identify Sensitive Fields, usually Personal info, facts & figures, etc. e.g. cf_proficiencyrating. Step 2: Select the field and “Enable” it for Field Level Security (This is not possible for MS Out of the Box fields) Step 3: Go to Settings and then select “Security” Step 4: Go to Settings and then select “Security” -> “Field Security Profiles” Step 5: Either create or use existing Field Security Profile, as required Step 6: Within this one can see all the fields across Dataverse which are enabled for Field Security, Here the user should select their field and set create/read/update privileges (Yes/No). Step 7: Then select the system users, or the Team (having the stakeholder users), and save it. Results: Assume you are a user from X dept. who wants to access Entity 2 Record, and you need to see only the Proficiency Rating & Characteristic Name, but not Effective Date & Expiration Date; now since all fields have Field Level Security they would have a Key Icon on them, but the fields which do not have read/write access for you/your team, would have the Key Icon as well as a “—“. The same thing would happen in Views, subgrids, as well as if the user uses Advanced Find. Why this Solution was Required? The organization needed: 1] Cross-functional collaboration 2] Protection of confidential internal data 3] Clear separation of duties 4] No disruption to operational workflows They required a solution that: 1] Did not block entity access 2] Did not require custom development 3] Enforced true data-level protection Business Impact 1. Confidential Data Protection Sensitive internal data was secured without restricting overall entity access, enabling controlled collaboration. 2. Reduced Internal Data Exposure Risk Unauthorized users could no longer retrieve protected fields via Advanced Find, significantly lowering governance risk. 3. Clear Separation of Duties Departmental ownership of sensitive fields was enforced without disrupting cross-functional visibility. 4. Improved Audit Readiness Every modification to protected fields became traceable, strengthening accountability and compliance posture. 5. Reduced Operational Friction System-enforced field restrictions eliminated the need for entity blocking, duplicate records, and manual approval workarounds. 6. Efficiency Gains The solution was delivered through configuration — no custom code, no complex business rules, and minimal maintenance overhead. I Hope you found this blog useful, and if you would like to discuss anything, you can reach out to us at transform@cloudFronts.com.

In an ideal Dynamics 365 (Dataverse) project, plugin source code lives safely in a version-controlled repository, flows cleanly through Azure DevOps pipelines, and is always recoverable. In reality, many of us inherit environments where that discipline didn’t exist. I recently worked with a customer where: This created a common but uncomfortable challenge in the Dynamics 365 world:How do you maintain, debug, or enhance plugins when the source code is lost? Rewriting everything from scratch was risky and time-consuming. Guessing behavior based on runtime results wasn’t reliable. Fortunately, Dynamics 365 and the .NET ecosystem give us a practical and effective alternative. Using XrmToolBox and JetBrains dotPeek, it is possible to recover readable C# plugin code directly from the deployed assembly. (Though the C# Class code recovered won’t be 100% exact, as the variable names would be different and generic; it is only suitable for close logic, structure & functional recovery) The Practical Solution The approach consists of two main steps: This does not magically restore comments or original formatting, but it does give a working, understandable code that closely reflects the original plugin logic. Tools Used Step 1: Extract the Plugin Assembly from Dataverse 1. Connect to the Environment 2. Load the Assembly Recovery Tool 3. Download the DLL At this point, you have successfully recovered the compiled plugin assembly exactly as it exists in the environment. Step 2: Decompile the DLL Using JetBrains dotPeek 1. Open dotPeek 2. Explore the Decompiled Code dotPeek will: One can now browse through: This is usually more than enough to understand how the plugin works. 3. Export to a Visual Studio Project (Optional but Recommended) One of dotPeek’s most powerful features is Export to Project: This gives you a proper .csproj with class files that you can open, build, and extend. Possibilities with the Recovered Code Once you have the decompiled C# code, several options open up: 1. Rebuild the Plugin Assembly 2. Re-register the Plugin 3. Maintain or Enhance Functionality Important Considerations Key Takeaway Losing plugin source code does not mean losing control of your Dynamics 365 solution. With XrmToolBox’s Assembly Recovery Tool and JetBrains dotPeek, you can: There are chances while working in Dynamics 365 technologies, that a developer might face this situation. Knowing this technique can save days-or weeks-of effort and give your customer confidence that their system remains fully supportable. We hope you found this blog useful, and if you would like to discuss anything, you can reach out to us at transform@cloudfronts.com

Dynamics 365 model-driven apps are excellent at storing business data, but not every piece of information belongs in Dataverse. A common design folly is using Dataverse fields to store temporary UI state-things like selected views, filters, or user navigation preferences. While this works technically, it introduces unnecessary performance overhead and can create incorrect behavior in multi-user environments. In this blog, I’ll focus on browser-level retention of CRM UI data using “sessionStorage“, using subgrid view retention as a practical example for a technology consulting and cybersecurity services firm based in Houston, Texas, USA, specializing in modern digital transformation and enterprise security solutions. The Real Problem: UI State vs Business Data Let’s separate concerns clearly: Type Example Where it should live Business data Status, owner, amounts Dataverse UI state Selected view, filter, scroll position Browser Subgrid views fall squarely into the UI state category. Scenario: Subgrid View Resetting on Navigation Users reported the following behavior: This breaks user workflow, especially for records that users revisit frequently. Possible Solution: Persisting UI State in Dataverse (Original Approach) This would attempt to fix it by storing the selected subgrid view GUID in a Dataverse field on the parent record. How It Works Why this might look reasonable The Hidden Problems 1] Slower Form Execution 2] Data Model Pollution 3] Incorrect Multi-User Behavior 4] Scalability Issues In short, Dataverse was doing work it should never have been asked to do. Workaround to this Approach: Keep UI State in the Browser for that session, But practically: The selected subgrid view belongs to the user’s session, not the record. Once that boundary is respected, the solution becomes much cleaner. Practical Solution: Browser Session Storage (Improved Approach) Instead of persisting view selection in Dataverse, we store it locally in the browser using sessionStorage. sessionStorage is part of the Web Storage API, which provides a way to store key-value pairs in a web browser. Unlike localStorage, which persists data even after the browser is closed, sessionStorage is designed to store data only for the duration of a single session. This means that the data is available as long as the tab or window is open, and it is cleared when the tab or window is closed. Why Session Storage? How the Improved Solution Works 1. Store the View Locally on Subgrid Change 2. Restore the View on Form/Grid Load This ensures that when the user revisits the form, the subgrid opens exactly where they left off. Why This Approach Is Superior 1] Faster Execution 2] Correct User Experience 3] Clean Architecture 4] Zero Backend Impact When to Use Browser-Level Retention Use this pattern when: Examples: To conclude, not all data deserves to live in Dataverse. When you store UI state in the browser instead of the database, you gain: Subgrid view retention is just one example-but the principle applies broadly across Dynamics 365 customizations. We hope you found this blog useful, and if you would like to discuss anything, you can reach out to us at transform@cloudfronts.com

In complex business processes, like calculating commissions or validating data across multiple records, applying the same logic repeatedly in a Power Automate flow can quickly become inefficient and difficult to maintain. A more scalable approach is to encapsulate the logic in a Dataverse plugin, expose it as a bound action, and then call this action from a flow. This method centralizes business rules, reduces redundancy, and improves maintainability. In this post, we’ll walk through the steps to implement this approach and examine its advantages over applying the same logic directly within a flow for each individual record. We’ll illustrate this with a practical example from a Houston-based technology consulting and cybersecurity services firm that specializes in modern digital transformation and enterprise security solutions. Flow Diagram Step 1: Create the PluginThe first step is to write a plugin that contains the logic you want to apply to each record. Example: DuplicateCommissionsCounter Step 2: Expose the Plugin as a Bound ActionInstead of running plugin logic manually for each record, you can register it as a bound action in Dataverse. Procedure: E.g. 2. Attach your plugin to this action. Outcome: This exposes your plugin logic as a reusable, callable bound action. Any process or flow can now invoke it for a specific invoice record. Step 3: Use Power Automate to Call the Bound ActionOnce the plugin is exposed, you can loop through multiple records in a flow and call the action. Procedure in Power Automate: This approach ensures that all complex logic resides in the plugin, while the flow orchestrates which records need processing. Advantages Over Logic Directly in the Flow To conclude, exposing plugins as bound actions is a robust, maintainable way to apply complex logic across multiple records in Dataverse. It allows Power Automate flows to focus on orchestration rather than logic execution, leading to cleaner, faster, and easier-to-manage solutions. We hope you found this blog useful, and if you would like to discuss anything, you can reach out to us at transform@cloudfronts.com

Uploading and managing quotes efficiently is crucial for Dynamics 365 CRM users. However, sometimes you may want to restrict certain buttons, such as the ‘+New’ Quote button, to only users with specific roles, like the “System Administrator.” In this guide, I’ll walk you through how to achieve this by leveraging JavaScript and the Ribbon Workbench tool in Dynamics 365. This method allows administrators to control button visibility based on user roles, ensuring that only users with the correct permissions can access sensitive functionality. The Use-Case: Restricting Access to the ‘+New’ Quote Button for Non-Administrators. Imagine a scenario where your organization needs to ensure that only users with a “System Administrator” role can create new quotes in Dynamics 365. This is crucial for maintaining control over who can initiate important processes within your CRM system. Using JavaScript and Ribbon Workbench, you can easily customize the UI to hide the ‘+New’ Quote button for non-administrators. Here’s how this use case can be implemented: In this scenario, your team wants to ensure that only system administrators have access to the “+New” button for creating quotes in the system. For non-administrators, the button will be hidden from both the homepage subgrid and the main quote tab to prevent unauthorized users from creating quotes. By using the Ribbon Workbench tool, a custom JavaScript function is created to check if a user has the “System Administrator” role. If they do, the “+New” button remains visible, and they can create a new quote. For all other users, the button is hidden. Key Components of the Solution 1. Ribbon Workbench: The Ribbon Workbench tool allows you to customize the Dynamics 365 ribbon, enabling you to create custom buttons and define their visibility and actions. It is used to create the new custom “+New” Quote button, which replaces the default button while maintaining system integrity. 2. JavaScript Customization:  Custom JavaScript is used to manage role-based access for the “+New” Quote button. The script checks the user’s role within Dynamics 365 to ensure that only users with the “System Administrator” role can view and use the button. This helps enforce security and restricts unauthorized users from creating new quotes. 3. Enable Rule for Button Visibility:   An Enable Rule is set to control the visibility of the custom “+New” Quote button based on the user’s role. It ensures that only users with the “System Administrator” role can see and use the button, while hiding it for other users. 4. Custom Button Action (Command): The command linked to the custom “+New” button triggers a custom action (JavaScript function) to open the quote form. This ensures that the action associated with the button aligns with the business needs and provides a seamless user experience for administrators. Step-by-Step Process Sign in to Dynamics 365 using your URL, such as abc.dynamics.com, and enter your credentials or login to make.powerapps.com Create a solution and add the web resource. Once it’s done login to ribbon workbench from XRM toolbox and connect to your organization. After logging in, it is recommended to create a new solution for Ribbon Workbench in Dynamics 365. Ensure that no forms, views, charts, or other entities are included, as Ribbon Workbench may fail to upload the solution with excessive data. Only include the Quote entity with no additional dependencies. Ensure the existing +New Quote button is hidden, as modifying Microsoft-standard buttons is not recommended. Instead, create a new custom button and implement the functionality for creating a new quote Form using custom JavaScript. I have provided the code for this functionality as well. Ensure that the existing +New button for quote would be hidden from the homepage Subgrid and the quotes main tab. Next step would be to create a enable rule. Enable rule is used to control the visibility and availability of a button or command of the button. Name the id of your choice but make sure to add the suffix Enable Rule. Here, un-customised is set to False. By setting isCore (or Un customized) to false, you’re indicating that the button or element is a custom component, not part of the out-of-the-box (core) solution provided by Microsoft. This helps differentiate custom actions from the default ones in the system. Below is the code for the new quote form create and user role-based code. Make sure to select the Function name properly. After setting the enable rule, go to the Commands section in Ribbon Workbench and rename the command. A command defines the action triggered by a button click. Since this is a new button, you’ll need to add the custom form opening code. Below is the function for creating the form. Final Steps: Once the command is added, don’t forget to add the Enable rule that you have created above. Once the command is added, make sure to add all the rules we wrote into the custom button. The image also needs to be added so that the icon can be visible. My custom +New icon looks like this. Testing: Once everything is done, make sure Publish the changes. You can now try to log in from the user that has no System administrator role. Once logged in, you can see that button is not visible. Button will be only visible to user that have system Administrator role. User having no System Administrator role. You can see below that there’s no +New button displayed. To conclude, by following this guide, you can efficiently control the visibility of the ‘+New’ Quote button in Dynamics 365 CRM, making it accessible only to users with the “System Administrator” role. This ensures better control over who can create quotes in the system while maintaining the flexibility of user roles. We hope you found this blog useful, and if you would like to discuss anything, you can reach out to us at transform@cloudfonts.com.

Use case – Our requirement is to enable field description field on invoice line form on clicking of tab General. Let’s see how we can achieve this Solution – Step 1 – Create web resource with below function- var invoiceLineCustomization = {     unlockField : function(executionContext)     {         var formContext = executionContext.getFormContext();             formContext.getControl(“description”).setDisabled(false);     }, } Step 2: Add this web resource on tab property event TabStateChange and try. (path to go to event tab – Click on tab -> change properties -> event) Output – Hope this helps !

D365 gives us a functionality to assign a record to a group of users which can be archived by using a D365 Team these users then are know as members of that respective team, due to functionality restrictions we cannot send an email to a  D365 team, however there are a few workarounds by which we can achieve this functionality. Lets consider a case. Suppose we have a D365 team called as “Accounts Associates” we have added a set of users in this team. Now if an invoice milestone is in the ready state i.e. “Ready For Invoicing” we need to send a reminder email to this “Accounts Associates” team to take an action regarding the ready invoicing. Solution :- The following case can be achieved by using an Out of the box functionality i.e. By using a distribution list Note :- (we must have an Microsoft Exchange License). Lets Begin with the implementation. Step – 1 Creating a Distribution List Login to your admin center (Link –https://admin.microsoft.com/) In the Admin center  Section of the  Left navigation bar select “Exchange”. Under the “recipients” select “groups”. In the “+ New Microsoft 365 Group” pull down the dropdown and add the distribution list. Add the Display name and the “Alias” and save the Distribution list. Add same users which are present in the teams to this Distribution list. Step – 2 Creating a Queue in D365 Go to “Settings” -> “Service Management” ->” Queues” and click on “+NEW” -> give it a name -> “Save”  A mailbox would be created with the same name that of the queue.   Open the mailbox. The Email address field will be blank, add the Distribution List’s email address created in Step 1.    Step -3 Create a New Team or select an Existing Team. In the Default Queue lookup, select the Queue created in Step 2. Step – 4 Create a Flow which triggers on update of a project contract line milestone i.e. When status is ready for invoicing Flow triggers when Project Contract Line is Updated, Condition Invoice Milestone is Ready for invoicing for which click on the “…” select settings and add the following condition in the trigger sectio Get the Teams ID in this case I have hardcoded the ID as no record was associated with it to retrieve it Get the Teams Details. Get the Default Queue to which the email will be triggered . Send an Email to the Incoming Email of that Queue which is Email ID set on the Distribution list. Note : (We will have to Manually add or remove the users from both the Distribution list and the Teams. i.e. both the team and the distribution list must be sync, if a member is added or removed from the team the same should be done in the distribution list ) Output . Hope this helps.!