This is directly affects and hinders many customers that have third parties assisting with customization and deployment of CDS and C&E environments. I have tested this with a guest user that has a source of External Azure Active Directory and Microsoft Account. They both fail to work. Scenario: Customer A has their own Azure AD instance and CDS instance on CustomerTenant. They wish to bring in a partner or ISV to help customize and deploy their CDS/C&E instance. They utilize the Azure AD Guest user functionality to invite the Partner to join their Azure AD instance. The partner is a member in his own Azure AD instance for PartnerTenant. Azure AD Setup: The customer adds the partner to their Azure AD instance as a guest account. Once the partner accepts the invitation, the customer adds the Dynamics 365/CRM/PowerApps licenses, as well as the “Dynamics 365 administrator” administrative role. Dynamics 365 Setup: Once the license is activated and the user account is sync’d to D365, the customer grants the partner System Administrator role in the desired environment. The partner confirms that he can log into the system and access it successfully. The partner is now ready to start customizing the environment. This would include Forms, PowerApps, Flows, etc. The partner navigates to preview.admin.powerapps.com. They try to locate the environment they were given access to from the customer’s tenant, but it is not found. The partner context is still under PartnerTenant instance, so the only Environments, PowerApps and Flows the partner can see are those in PartnerTenant. They cannot see anything in CustomerTenant, even though they can access the environment and they have full admin permissions. The partner can still access customizations the old way through Advanced Settings in the web application. When they launch “Customize the System”, there is a banner than says “Try New Experience. There’s a better way to customize the system.” When they select the button to try the new experience, they are again placed in the context of PartnerTenant instead of CustomerTenant, and have no visibility into that environment from the new admin portal. I also tried this with an external Microsoft Account (user@outlook.com). When I try to access the PowerApps admin center, I receive the following error: “Pick an account. Selected user account does not exist in tenant “Microsoft Services” and cannot access the application ‘GUID’ in that tenant. The account needs to be added as an external user in the tenant first. Please use a different account.”

Category: Admin Center
Needs Votes