State of knowledge

June 2023
MetaDirectory version 5.0.14

From version 5.0.14 of MetaDirectory, the replicator for Microsoft Dynamics 365 is available.

This requires some preparatory steps in the Microsoft management portals.

Video Tutorial

An overview of the basic functionality and commissioning is provided by the following video, a recording from our "Tech Essentials LIVE" webinar series from February 2022 (in German):

Procedure

Preparation Azure AD

Grant service user permissions

Assign the required admin roles to the desired service user via the Microsoft 365 Admin Center (https://portal.azure.com/) under Assigned roles:

  • Application administrator

  • Dynamics 365 administrator

  • Power platform administrator

Example screenshot: User – Assigned roles – Administrative roles

Disable multi-factor authentication (MFA) at domain level

MFA can be activated for each individual user via https://portal.azure.com/

Example screenshot: Azure Active Directory properties – Manage security standards

Setup connection Dynamics 365 online – App registration

App registration

In Microsoft Azure Active Directory, add a new application under App registrations.

Example screenshot: Register application in Microsoft Azure Active Directory

Add API authorization

Add new permissions to the application.

Example screenshot: Request API permissions – Dynamics CRM

Request Microsoft Graph permissions

Example screenshot: Request API permissions – Delegated permissions – Microsoft Graph

The delegated permissions must then be granted via "Administrator approval".
The default permission "User.Read" can theoretically be revoked because it is covered by the permission "User.Read.All".

What is required:

Dynamics CRM:

  • user_impersonation


Microsoft Graph:

  • Contacts.Read
  • User.Read.All

Example screenshot: Configured permissions
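The required permissions listed above can be checked against what has actually been consented for the app. The following is an added example, not estos or Microsoft code: it audits a list of delegated grants shaped like Microsoft Graph oauth2PermissionGrant objects, and it assumes that "Administrator approval" shows up as consentType "AllPrincipals". All IDs and the sample grants are constructed placeholders.

```python
# Added example: least-privilege audit of delegated permission grants.
# Required scopes are the ones this page lists; everything else is constructed.
REQUIRED = {
    "Dynamics CRM": {"user_impersonation"},
    "Microsoft Graph": {"Contacts.Read", "User.Read.All"},
}
# The page notes User.Read is covered by User.Read.All and can be revoked.
REDUNDANT = {"Microsoft Graph": {"User.Read"}}

# Constructed sample (placeholder IDs), shaped like oauth2PermissionGrant objects.
APP_SP = "app-sp-object-id"
RESOURCES = {"graph-sp-object-id": "Microsoft Graph", "crm-sp-object-id": "Dynamics CRM"}
SAMPLE_GRANTS = [
    {"clientId": APP_SP, "consentType": "AllPrincipals", "resourceId": "graph-sp-object-id",
     "scope": "User.Read User.Read.All Contacts.Read Mail.Read"},
    {"clientId": APP_SP, "consentType": "Principal", "resourceId": "crm-sp-object-id",
     "scope": "user_impersonation"},
    {"clientId": "other-app", "consentType": "AllPrincipals", "resourceId": "graph-sp-object-id",
     "scope": "Directory.Read.All"},
]

def audit_grants(grants, resources, client_id):
    """Return a list of (finding, api, scopes) tuples for one application."""
    granted = {api: set() for api in REQUIRED}
    findings = []
    for g in grants:
        if g["clientId"] != client_id:
            continue  # grant belongs to a different application
        api = resources.get(g["resourceId"], g["resourceId"])
        scopes = set(g.get("scope", "").split())
        if g.get("consentType") != "AllPrincipals":
            # Consented for a single user only, not tenant-wide by an administrator.
            findings.append(("no-admin-consent", api, sorted(scopes)))
            continue
        granted.setdefault(api, set()).update(scopes)
    for api, scopes in granted.items():
        need = REQUIRED.get(api, set())
        redundant = scopes & REDUNDANT.get(api, set())
        for label, found in (("missing", need - scopes), ("redundant", redundant),
                             ("excess", scopes - need - redundant)):
            if found:
                findings.append((label, api, sorted(found)))
    return findings

if __name__ == "__main__":
    for finding in audit_grants(SAMPLE_GRANTS, RESOURCES, APP_SP):
        print(finding)
```

An empty result means the app holds exactly the permissions this page requires, all with administrator consent.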

Create new client secret

Add a new client secret under Certificates & secrets.

Example screenshot: Certificates & secrets – Add a client secret

Copy value immediately

Copy the value immediately after creation; otherwise the password is no longer readable!
This data, including the "Value", is required when setting up the replicator in MetaDirectory.

Data required in the replicator

You need the data including the "Value" from the previous step in the replicator.

Example screenshot: Essentials

Create application user (App User)

The Application user must be created via the PowerApps admin portal in the Power Platform admin center.

Instructions from Microsoft

Below are the instructions from Microsoft Support:

Please find the below details to Create an application user:

Sign in to the Power Platform admin center as a System Administrator.
Select Environments, and then select an environment from the list.
Select Settings.
Select Users + permissions, and then select Application users.
Select + New app user to open the Create a new app user page.
Select + add an app to choose the registered Azure AD application that was created for the selected user, and then select Add.
The selected Azure AD app is displayed under App. You can select Edit to choose another Azure AD application. Under Business Unit, select a business unit from the dropdown list.
After choosing a business unit, you can select for Security roles to choose security roles for the chosen business unit to add to the new application user. After adding security roles, select Save.
Select Create.

Useful links:
https://docs.microsoft.com/en-us/power-platform/admin/create-users#create-an-application-user
https://docs.microsoft.com/en-us/power-platform/admin/manage-application-users#create-an-application-user
https://community.dynamics.com/crm/f/microsoft-dynamics-crm-forum/350363/creating-an-application-user

Example screenshot: Microsoft 365 admin center – Dynamics 365 apps

Select environment and application user

Go to Settings – Users and permissions – Application users and add a new application user.

Example screenshot: Power Platform admin center – Environments – Settings – Application users

Example screenshot: Environments – Settings – New app user

App: Define security roles

Select the Business unit and assign a security role.

Example screenshot: App – Business unit and security roles

Grant permission in Dynamics for the user

To grant permission to the user, please use the appropriate documentation from Microsoft:

Logging in to the Microsoft Dynamics 365 web interface – Advanced settings

Log in to the Microsoft Dynamics 365 web interface with an administrative account and navigate to the Settings – Advanced settings section. There, select the Security button.

Example screenshot: Microsoft Dynamics 365 – Settings – Advanced settings

Example screenshot: Dynamics 365 – Settings – Security


Select user and assign role

In the Users section, select the appropriate user and assign the required roles to the user.

Example screenshot: Security – Select user

Example screenshot: Dynamics 365 – Settings – Security – Manage roles – User roles

If the necessary roles are not offered here, you probably do not have the correct license. A setup with Dynamics test licenses, for example, is not possible. A Dynamics 365 Sales Professional license will work.

Configure replicator in MetaDirectory

estos documentation

Basic information on replicators can be found in the estos documentation for MetaDirectory 5 Enterprise.

https://help.estos.com/help/en-US/meta/5.0/metadirectory/dokumentation/examples/index.htm

Open the administration interface via MetaDirectory Administrator and select the Database Replicators.

In Add – Import replicator, select Microsoft Dynamics 365.

Enter the appropriate values in the fields and follow the configuration wizard.

Example screenshot: MetaDirectory Administrator – Import replicator

Optional: Configuration of additional contact URLs

Additional Contact URL links

If you want to configure additional contact URL links (https://help.estos.com/help/en-US/meta/5.0/metadirectory/dokumentation/configuration/database/replicators/wizard.htm), it is important to specify the URL with the appropriate <EntryID> variable and not a URL that refers absolutely to one specific contact.
E.g.: https://[organisation].crm4.dynamics.com/main.aspx?app=d365default&forceUCI=1&pagetype=entityrecord&etn=contact&id=<EntryID>