18 Mar’19

Azure and Office 365Manage and secure Dynamics 365 for Customer Engagement documents in SharePoint Online


When you check your Dynamics 365 Customer Engagement Entity records, you might think where your documents related to specific entities will get stored.

Here, SharePoint comes into the picture. The built-in integration between Dynamics 365 and SharePoint is mainly focused on managing & storing documents in SharePoint and ultimately then surfacing these in the context of a CRM record.

Apart from storing the documents in SharePoint, you might also wonder that is your stuff secure on SharePoint Online.

In this article, we are going to see how you can store the documents on SharePoint Online and how we can secure those documents through SharePoint Online security features.

For using the document management functionality, you need to enable the server-based SharePoint integration on a Site Collection in SharePoint Online.

Note – Installing Microsoft Dynamics 365 List Component was used for SharePoint On-Premise earlier versions and is not required for SharePoint Online and later versions of SharePoint on-premises.

IT Considerations:

  1. No additional software is required to install on SharePoint
  2. You need to have System Administrator Security role in Microsoft Dynamics 365.
  3. Make sure that the Dynamics 365 Customer Engagement and SharePoint Online in under the same Office 365 tenant.

Steps for enabling server-based SharePoint Integration:

  • Login to Dynamics 365 Customer Engagement services > Settings > Document Management.
  • Under Document Management, go to Enable Server-Based SharePoint Integration.

  • Check out the changes (in the below image) which you will notice if you have used the previous SharePoint integration and click on

  • Select between Online & On-Premises depending upon the SharePoint infrastructure you have and click NEXT (check below image).

  • Now you must enter the URL of your SharePoint site where you want your Dynamics 365 entity records documents to be stored.
    Here, I have entered the URL of my root site collection ‘https://o365talks.sharepoint.com’, you may want to have a different Site Collection for your D365 documents as per Organisation requirements.
    For that, you can create a new Site Collection, such as https://o365talks.sharepoint.com/sites/Dynamics365You can create Site Collection from the SharePoint Online admin center.

  • Here it will show the site URL validation status. Click on NEXT after the validation succeeds. So we are done with the SharePoint integration. Now we need to enable document management for specific Dynamics 365 Customer Engagement Entities.

Enable SharePoint document management for specific Dynamics 365 for Customer Engagement apps entity records.


  • Go to Settings > Document Management Settings.

  • Select the entities (for eg, Accounts, Lead, Opportunities, Projects) for which you wanted to store the documents in SharePoint Online and click on NEXT.

  • Check Based on Entity and select Account or Contact to create a folder structure based on a specific entity (Account or Contact), or else you click on NEXT without checking if you don’t want your folders to be automatically created based on the Account or Contact entity.

  • Now you can see the SharePoint Online Document Library has been created as the status is Succeeded. Click FINISH.

  • You can see in the below image Document Libraries has been created for the entities under the SharePoint site (https://o365talks.sharepoint.com). You can access the same by going to Site Contents.

Keep your D365 Customer Engagement documents safe

While having the integration done for document management in SharePoint Online, it is also important to secure these documents. For that, there are several features which you can use to keep your SharePoint Online documents secure.

  • Using Permission Level: – Microsoft already provides a set of default permission levels which is very useful, but you can also create new permission levels in SharePoint Online. You can then create Groups for that Site Collection for e.g. https://o365talks.sharepoint.com, associated with the permission level. For e.g., you can create a permission level called Contribute (Not delete) which means the users associated with this permission level will not be able to delete anything.

Note – Never modify or delete a default permission level.

    • Retention policy from Office 365 Security & Compliance center: – Create a Retention Policy for all or chosen SharePoint Online sites, so that if accidentally or by purpose if the documents are deleted from SharePoint Online it can be recovered.

    • Restricting access for certain records: – You might not want that all the users should have access to all D365 for Customer Engagement records. You can basically customize permission for that SharePoint Document library to achieve the same. By default, all sites, list, libraries within a site collection inherit permissions from the parent site break the inheritance from library settings and then add only those users whom you want to provide access.

    • Alerts: – Alerts can be set in two ways for SharePoint Online.
      a. Setting up alerts from SharePoint Online – You can set alerts for a specific document library within SharePoint Online, so if there is any modification or deletion you can get email or SMS alert.b.  Alerts from the Security & Compliance center in Office 365: – Here we can set alerts whenever there is any activity in SharePoint Online defined by you. We can only get Email notifications in this case and not an SMS, unlike SharePoint Alerts.

    • Audit in Office 365 Security & Compliance center: – With the help of Audit you can search for Users and Admin activities. Before you can start searching for the audit logs it needs to be turned ON. To turn it ON, just click Start recording user and admin activity on the Audit log search page in the Security & Compliance center.
      Here, we can get the audit logs for the activities defined by you.

    • Access Control in SharePoint Online admin center: – With the help of access control, you can restrict or allow all the users to access SharePoint Online contents on basis of network location, which can do in just a few clicks.
      This helps to prevent access from untrusted locations.

    • Conditional Access using Azure Active Directory: – You can either restrict access or enforce Multi-Factor Authentication for specific users or group of users whenever SharePoint Online is accessed from an untrusted location.
      Note: – This method requires Azure AD Premium license for users.
      If you want to simply restrict all the users from accessing SharePoint Online on the basis on a network location, you can simply use Access Control in SharePoint Online Admin Center.

    • Manage Sharing from SharePoint Online admin center: – External sharing is one of the key features to collaborate. However, this increases the possibility of data loss. According to the organization requirements, you can select from the given options for e.g. you may choose that only authenticated users who can sign in to Office 365 can access the content which is shared with them.



While I have explained this is in a detailed manner, there are lots of other ways where SharePoint and Dynamics 365 compliment each other. Security is just one aspect. I shall be listing other such features ahead in my blogs.

Hope the above information helps!













Written by

Abhishek Kumar

Office365 Administrator

Leave a Reply

Your email address will not be published. Required fields are marked *

Want to streamline your business processes?

  • This field is for validation purposes and should be left unchanged.

Recent Articles

  • Expenses in PSA for Fixed Bid and T&M contracts

    23 August’ 2019

    Problem Definition: One of my clients decided to use Expense module in PSA and to his surprise he could see the amount v...

    Read more
  • Setup Dockers

    23 August’ 2019

    Docker is an independent container platform that enables organizations to seamlessly build, share and run any applicatio...

    Read more
  • Qualify Lead in D365 CE: Select which entity records should be created

    20 August’ 2019

    Wave 2019 Updates brought some really sought-after features. Another one which I would like to bring up is the Lead Qual...

    Read more
  • Early Opt-in for October 2019 Wave 2 Updates

    20 August’ 2019

    August 2, 2019 was when the Wave 2 Updates were to be out. And here we are! By now, you should have gotten the option to...

    Read more
  • Setting Unified Interface App Icons

    20 August’ 2019

    Default App Icons for typical D365 environment look like these.But here’s what you can do to change these to put...

    Read more
  • We respect your privacy.
  • This field is for validation purposes and should be left unchanged.

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.