Access to Microsoft Dynamics CRM has not yet been fully configured for this user. The user needs at least one security role before you can continue.

I ran into an issue when I was importing a different version  of solution to the organization. The error was:

Access to Microsoft Dynamics CRM has not yet been fully configured for this user. The user needs at least one security role before you can continue.

I was not able to find anything on google/bing for the specific error, but one of the blog I found said the error can be from business rules or other type of processes.

After some research, I came to know that there were multiple Business Rules on the organization which were owned by users who were deactivated and no longer have anything to do with CRM Development.

To resolve this issue, you just  need to assign the Business Processes or other workflows to any active user.

Step 1: Use Advanced Find feature to find the processes and their respective owners.

Advanced Find - Business Rules
Advance Find Business Rules


Step 2: Select all results which shows owner who are already disabled.

Advanced Find Result

Advanced Find – Result

Step 3: Assign the Business Rules/Processes to your user account or another user who is in active state.


Assign processes

And you’re done!! Try to reimport the solution and the error will be gone forever…


C#: Security accessibility of the overriding method must match the security accessibility of the method being overriden

I was porting a .Net 2.0 assembly to .Net 4.0 plugin assembly and faced this particular challenge.

The project had a test app(A WinForm app) and it worked fine on the desktop but when I deployed the logic on server to run as a plugin it gave the following error

xyz..GetObjectData(System.Runtime.Serialization.SerializationInfo, System.Runtime.Serialization.StreamingContext) Security accessibility of the overriding method must match the security accessibility of the method being overriden.
Just notice, the spelling for “overridden” is also not correct. But this is what .Net framework threw.
After some research I found that this behavior is “By Design” i.e. as per security transparency model defined in .Net v4.0. It basically has two models:
1. Level1 (High Level) for v2.0
2. Level2 for v4.0
Here is a a list of critical operations:

1. Call native code

2. Contain unverifiable code

3. Call critical code

4. Perform security asserts

5. Satisfy link demands

6. Derive from non-transparent types

7. Override security critical virtuals

And only full trust code can be security critical.

Hence an overridden member should have the same security accessibility (Critical, Safe Critical or Transparent).
To resolve this error take the following step:
Go to the AssemblyInfo.cs class to your project and add following attributes to it. And this should resolve the exception.

[assembly: SecurityRules(SecurityRuleSet.Level1)] 
[assembly: AllowPartiallyTrustedCallers]

I believe it might be helpful to many as there are lot of Dynamics CRM implementations being upgraded.

Reference links to the differences between both and transparency rules:

AD Change Password C#: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))


I was trying to Reset/Change Password for Active Directory through C# code behind. And I encountered with the same error:Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))

Access Denied errors that are reported by scripts and applications that access WMI namespaces and data generally fall into three categories.

Possible Reasons are:
The user does not have remote access to the computer through DCOM. Typically, DCOM errors occur when connecting to a remote computer with a different operating system versions.

Give the user Remote Launch and Remote Activation permissions in dcomcnfg.

  • Right-click My Computer-> Properties Under COM Security, click “Edit Limits” for both sections.
  • Give the user you want remote access, remote launch, and remote activation.
  • Go to DCOM Config, find “Windows Management Instrumentation”, and give the user you want Remote Launch and Remote Activation.

For more information, see Connecting Between Different Operating Systems


SharePoint: An exception occurred when trying to issue security token. This is often caused by an incorrect address or SOAP action.

I experienced this error while integrating SharePoint with CRM 2011. Below is the error message:

An exception occurred when trying to issue security token: There was no endpoint listening at http://localhost:32843/SecurityTokenServiceApplication/securitytoken.svc/actas that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details.

This error can occur if you have not started SharePoint services.


Make sure you have started required SharePoint Server Services… Go to SharePoint Site and click on Manage Services on Server. You will be presented with a list of SharePoint services. Start the required services if any service is Stopped.

Sharepoint Manage Services on Server

SharePoint Manage Services on Server

CRM 2011: Early Binding C#- error while retrieve and save data

If you’re using Early Binding with CRM 2011 and facing one of the following issues… you’ve landed on the right page!!

While retrieving the data using LINQ:
Exception Type: ArgumentException
Message: Object of type ‘Microsoft.Xrm.Sdk.Entity’ cannot be converted to type ‘XXX’.


Updating the data using LINQ:
Exception Type: SaveChangesException
Message: An error occured while processing this request.
Inner Exception: {“Value cannot be null.rnParameter name: value”}

You probably forgot to add a behavior to the OrganizationServiceProxy object given as below.

serviceProxy.ServiceConfiguration.CurrentServiceEndpoint.Behaviors.Add(new ProxyTypesBehavior());

This statement is required to enable early-bound type support.


Solved: Sys.WebForms.PageRequestManagerTimeoutException – The server request timed out error

If you have got this error: “Sys.WebForms.PageRequestManagerTimeoutException The server request timed out” from the Ajax Extension framework. It is because you have not mentioned the timeout period for the script manager on your page. The default timeout period of script manager is 90 seconds, so if your process takes more than 90 seconds you will be presented this error.


Add a property AsyncPostBackTimeOut to your script manager as following:

<asp:ScriptManager ID=”ScriptManagerAjax” runat=”server” AsyncPostBackTimeout=”720″>

The timeout period is in seconds that is 12 minutes. You can specify it according to your need.

Hope this helps! Happy Programming!

CRM 2011 Error: "Key not valid for use in specified state." (System.Security.Cryptography.CryptographicException)

This happens very rarely. When connecting your application to CRM 2011 Online version, you get following error which fails at the DeviceIdManager.LoadOrRegisterDevice() method with the following exception:

“Key not valid for use in specified state.” (System.Security.Cryptography.CryptographicException)
   at System.Security.Cryptography.ProtectedData.Unprotect(Byte[] encryptedData, Byte[] optionalEntropy, DataProtectionScope scope)
    at Microsoft.Crm.Services.Utility.DeviceUserName.Decrypt(String value) in z:PracticeCrmXpress.WinForms.TestDeviceIdManager.cs:line 876
    at Microsoft.Crm.Services.Utility.DeviceUserName.UpdateCredentials(String encryptedValue, String decryptedValue) in z:PracticeCrmXpress.WinForms.TestDeviceIdManager.cs:line 849
    at Microsoft.Crm.Services.Utility.DeviceUserName.set_EncryptedPassword(String value) in z:PracticeCrmXpress.WinForms.TestDeviceIdManager.cs:line 142
    at Microsoft.Xml.Serialization.GeneratedAssembly.XmlSerializationReaderLiveDevice.Read2_DeviceUserName(Boolean isNullable, Boolean checkType)
    at Microsoft.Xml.Serialization.GeneratedAssembly.XmlSerializationReaderLiveDevice.Read3_LiveDevice(Boolean isNullable, Boolean checkType)
    at Microsoft.Xml.Serialization.GeneratedAssembly.XmlSerializationReaderLiveDevice.Read4_Data()

You have done nothing wrong!! Here are the steps to resolve it:

1. Go to path: C:\Users<current user>\LiveDeviceID\
2. Delete the LiveDevice.xml
3. Try to connect from the application.
4. If this doesn’t solve the error, follow steps 1 and 2, reboot and try connecting from the application.

See related article: CRM 2011 Error: There is an error in XML document (5, 5)

Stunnware tools for CRM 2011 not working? The Plug-In FetchXML Wizard threw an exception: Could not load file or assembly 'Microsoft.Crm.Sdk, Version=, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. The located assembly's manifest definition does not match the assembly reference. (Exception from HRESULT: 0x80131040)

Downloaded the Stunnware tools for CRM 2011 and experiencing error below?

The Plug-In FetchXML Wizard threw an exception: Could not load file or assembly ‘Microsoft.Crm.Sdk, Version=, Culture=neutral, PublicKeyToken=31bf3856ad364e35’ or one of its dependencies. The located assembly’s manifest definition does not match the assembly reference. (Exception from HRESULT: 0x80131040)

Stunnware Tools - CRM 2011 error screen

CRM 2011 supports backward compatibility by exposing support for the old SDK, it supplies its own version of Microsoft.Crm.Sdk.dll. The difference is that it is strongly signed with an updated version number of

We can force the runtime to load our own supplied version of Microsoft.Crm.Sdk by overriding the publisher policy. This is done in App.config or Web.config for a web application (here SwTools.exe.config) using the following code:

        <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
                <assemblyIdentity name="Microsoft.Crm.Sdk" publicKeyToken="31bf3856ad364e35" culture="neutral" />
                <publisherPolicy apply="no" />

Go to edit your SwTools.exe.config file and add <runtime>…</runtime> section from above code to the end of the config file before </configuration> tag. and Done!!