Tuesday 5 April 2016

Unable to add user to CRM 2016

Recently I encountered an issue where I couldn't add a user as CRM determined that the user ID already existed in the organisation, however I could see no evidence of this.

After a quick search I found this article

https://blogs.msdn.microsoft.com/ukdynsupport/2009/07/16/authentication-when-you-are-adding-a-new-user-to-crm-or-a-user-to-a-new-organization-in-crm/

So the key was the user record was in the MSCRM_CONFIG database still, as we had done a restore and org import on an earlier backup.

To identify this was actually the cause I had to find the SID for the user, without access to the AD tools, I found an article on using powershell, the following commands got me the SID

PS> $objUser = New-Object System.Security.Principal.NTAccount("{domain name}")
PS> $strSID = $objUser.Translate([System.Security.Principal.SecurityIdentifier])
PS> $strSID.Value
S-1-5-21-1004336348-1715567821-725345543-40705
With the returned SID I could identify the record
 SELECT * FROM SystemUserAuthentication WHERE AuthInfo LIKE '%S-1-5-21-1004336348-1715567821-725345543-40705'
I decided to update the record SID to one that will never exist rather than delete, as there could be a spider web of relationships that get really stuffed up.
 
UPDATE SystemUserAuthentication
SET AuthInfo = 'W:S-1-5-21-1004336348-1715567822-725345543-40705'
WHERE Id = 'CF775160-6BE6-E511-80CF-005056BD0631'
After this update I was able to create the user record.

No comments:

Post a Comment