Data Encryption Errors After Restoring Microsoft Dynamics CRM Database
If you’re seeing an error similar to the one above, you’ve probably done a database backup and restore from a Dynamics CRM 2013 instance into a new Dynamics CRM 2013 or 2015 instance. This error will pop up when you try and modify a user’s email address, or open personal options from outlook, as well as when performing some other tasks around CRM that include sensitive data.
The Data Encryption error states: “There are encrypted fields in the organization database, but the data encryption feature isn’t activated. Contact your Microsoft Dynamics CRM system administrator to activate data encryption. To activate, go to System Settings > Data Management > Data Encryption…”
The reason this error occurs is because when we restore/import a database, data encryption is disabled by default, even if it was enabled in the system we took a backup from. This is because the encryption settings are stored in the config database, so the .bak file does not contain these settings.
According to the error, to enable encryption we need to go into Data Encryption under Data Management. However, we can only enable Data Encryption if Dynamics CRM is using the https protocol, and usually the reason we’ve done a backup/restore is because we’re setting up a Dev or UAT copy of Prod, which may not need to be https.
This error states that “The HTTPS protocol is required for this type of request. Enable the HTTPS protocol and try again.” However, enabling https may not be ideal, and we still need to be able use the system.
Fortunately, there is a SQL script we can run on the config database which will allow us to use data encryption without using the https protocol:
UPDATE [MSCRM_CONFIG].[dbo].[DeploymentProperties]
SET [BitColumn]=1
WHERE ColumnName='DisableSSLCheckForEncryption'
You shouldn’t do this on a production instance, but for Dev or UAT instances this is necessary.
Once that’s updated you need to do an IISRESET on the CRM server for the changes to take effect.
If we try opening that Data Encryption window again, we should see that encryption is disabled, and we can create a new key and activate it.
You should be able to get the encryption key from the original CRM system you backed up from. If not, then you can simply create a new encryption key.
When you activate, you might be faced with another error which states “Please select an account that is a member of the PrivUserGroup security group and try again”.
This is because although we might be a system admin in Dynamics CRM, we cannot update the encryption key unless we are a member of the PrivUserGroup in Active Directory. We can either log into Dynamics CRM as the user who installed Dynamics CRM, or we can get our user added to that security group.
Once that’s done we should now be able to activate the encryption key.
You should now be able to edit user email addresses, and perform any other operations that require data encryption without any errors.
NOTE: This encryption error only happens when we restore from a Dynamics CRM 2013 or 2015 backup. If we create a new org through Deployment Manager, or if we upgrade a Dynamics CRM 2011 database, encryption will still be enabled by default. We can see when creating a new org the wizard informs us that encryption will be enabled.
最新文章
- Python学习笔记(4):自定义时间类
- cocos进阶教程(1)Lua调用自定义C++类和函数的最佳实践
- jQuery 元素遍历
- 50元制作PS2键盘无线监控装置
- H5元素
- vimrc 配置支持backspace
- C# IL 指令集
- C#WebService 客户端通过Http调用请求(转)
- MySQL协议分析2
- 购买的wemall 6.0商城系统源码分享
- 如何解决JavaScript中0.1+0.2不等于0.3
- window7环境下ZooKeeper的安装及运行
- ACM 第十一届 河南省省赛A题 计划日
- ReentrantLock 详解
- [总结] 动态DP学习笔记
- Windows PowerShell 入門(3)-スクリプト編
- bootstrap modal垂直居中 (转)
- bat脚本基础教程
- Linux内核分析——第二周学习笔记20135308
- python-day14--带参数的装饰器+多个装饰器装饰同一个函数