Merge branch 'master' into task1668696-portals-tlssupport

Author: tapanm-MSFT

powerapps-docs/developer/common-data-service/TOC.yml

@@ -395,6 +395,8 @@
       href: authenticate-dot-net-framework.md
     - name: Use OAuth
       href: authenticate-oauth.md
+    - name: Office365 authentication with WS-Trust
+      href: authenticate-office365-deprecation.md
   - name: "Tutorial: Register an app with Azure Active Directory"
     href: walkthrough-register-app-azure-active-directory.md      
   - name: Build web applications using Server-to-Server (S2S) authentication
@@ -431,6 +433,8 @@
     items:
     - name: Download tools from NuGet 
       href: download-tools-nuget.md
+    - name: Install Power Apps CLI
+      href: powerapps-cli.md
   - name: Community Tools
     href: community-tools.md
   - name: Testing tools

powerapps-docs/developer/common-data-service/authenticate-office365-deprecation.md

@@ -0,0 +1,105 @@
+---
+title: "Use of Office365 authentication with the WS-Trust security protocol (Common Data Service) | Microsoft Docs" # Intent and product brand in a unique string of 43-59 chars including spaces
+description: "Describes deprecation of the WS-Trust security protocol and the authentication code changes required in applications."
+ms.custom: ""
+ms.date: 02/05/2020
+ms.reviewer: ""
+ms.service: powerapps
+ms.topic: "article"
+author: "phecke" # GitHub ID
+ms.author: "pehecke" # MSFT alias of Microsoft employees only
+manager: "kvivek" # MSFT alias of manager or PM counterpart
+search.audienceType: 
+  - developer
+search.app: 
+  - PowerApps
+  - D365CE
+---
+
+# Use of Office365 authentication with the WS-Trust security protocol
+
+Use of the WS-Trust authentication security protocol when connecting to Common
+Data Service is no longer recommended and has been
+deprecated; see the [announcement](/power-platform/important-changes-coming#deprecation-of-office365-authentication-type-and-organizationserviceproxy-class-for-connecting-to-common-data-service). 
+
+This change
+impacts custom client applications that use “Office365” authentication and the
+[Microsoft.Xrm.Sdk.Client.OrganizationServiceProxy](/dotnet/api/microsoft.xrm.sdk.client.organizationserviceproxy)
+or
+[Microsoft.Xrm.Tooling.Connector.CrmServiceClient](/dotnet/api/microsoft.xrm.tooling.connector.crmserviceclient)
+classes. If your applications use this type of authentication protocol and API,
+continue reading below to learn more about the recommended authentication
+changes to be made to your application’s code.
+
+## How do I know if my code or application is using WS-Trust?
+
+First and most importantly, this change **only** impacts client applications that
+connect to the Common Data Service. It does not impact custom plug-ins,
+workflow activities, or on-premises/IFD service connections.
+
+- If your code employs user account and password credentials for authentication with Common Data Service or an application, you are likely using the WS-Trust security protocol. Some examples are shown below, though this list is not fully inclusive.
+
+  - When using the [CrmServiceClient](/dotnet/api/microsoft.xrm.tooling.connector.crmserviceclient) class with a connection string:
+
+    `connectionString="AuthType=Office365; Username=jsmith\@contoso.onmicrosoft.com;Password=passcode;Url=https://contoso.crm.dynamics.com"`
+
+  - When using [OrganizationServiceProxy](/dotnet/api/microsoft.xrm.sdk.client.organizationserviceproxy) class constructors:
+
+
+```csharp
+using (OrganizationServiceProxy organizationServiceProxy =
+    new OrganizationServiceProxy(serviceManagement, clientCredentials)
+{ ... }
+```
+
+- If you are using the `OrganizationServiceProxy` class at all in your code, you are using WS-Trust.
+
+- If you are using [CrmServiceClient](/dotnet/api/microsoft.xrm.tooling.connector.crmserviceclient).`OrganizationServiceProxy` in your code, you are using WS-Trust.
+
+## What should I do to fix my application code if affected?
+
+There are very straight forward ways to modify your application’s code to use
+the recommended connection interface for authentication with Common Data
+Service.
+
+- If your code uses an [Microsoft.Xrm.Sdk.Client.OrganizationServiceProxy](/dotnet/api/microsoft.xrm.sdk.client.organizationserviceproxy) instance:
+
+  If you are passing the `OrganizationServiceProxy` instance around to various methods, or returning the instance from a function, replace all occurrences of the type `OrganizationServiceProxy` with the [IOrganizationService](/dotnet/api/microsoft.xrm.sdk.iorganizationservice?view=dynamics-general-ce-9) interface. This interface exposes all the core methods used to communicate with Common Data Service.
+
+  When invoking the constructor, it is recommend you add the NuGet package [Microsoft.CrmSdk.XrmTooling.CoreAssembly](https://www.nuget.org/packages/Microsoft.CrmSdk.XrmTooling.CoreAssembly/) to your project and replace all use of `OrganizationServiceProxy` class constructors with [CrmServiceClient](/dotnet/api/microsoft.xrm.tooling.connector.crmserviceclient) class constructors. You will need to alter your coding pattern here, however, for simplicity `CrmServiceClient` supports connection strings in addition to complex constructors and the ability to provide external authentication handlers. `CrmServiceClient` implements `IOrganizationService`, therefore your new authentication code will be portable to the rest of your application code. You can find examples on the use of `CrmServiceClient` in the [PowerApps-Samples](https://github.com/microsoft/PowerApps-Samples/tree/master/cds/orgsvc/C%23) repository.
+
+- If your code is using [CrmServiceClient](/dotnet/api/microsoft.xrm.tooling.connector.crmserviceclient) with the “Office365” authentication
+    type:
+
+    An example of this is a connections string that looks like this:
+
+    `connectionString = "AuthType=Office365;Username=jsmith@contoso.onmicrosoft.com;Password=passcode;Url=https://contoso.crm.dynamics.com"`
+
+    Similarly, you could also use a `CrmServiceClient` constructor and pass in `AuthType.Office365`.
+
+    You have two options for dealing with this.<p/>
+
+    - Switch over to using an OAuth based connection string. Such connection string looks like this:
+
+        `connectionString = "AuthType=OAuth;Username=jsmith@contoso.onmicrosoft.com;
+    Password=passcode;Url=https://contosotest.crm.dynamics.com;AppId=51f81489-12ee-4a9e-aaae-a2591f45987d;
+    RedirectUri=app://58145B91-0C36-4500-8554-080854F2AC97;LoginPrompt=Auto"`
+
+        This will be your fastest way to update the code. Note that LoginPrompt can be set to “never” to simulate the way that the Office 365 behavior worked.
+
+        The AppId and RedirectUri provided above are examples of working application registration values. These values work everywhere our online services are deployed. However, they are provided here as examples and you are encouraged to create your own application registration in Azure Active Directory (AAD) for applications running in your tenant.<p/>
+
+    - When we announce it, update to the latest [Microsoft.CrmSdk.XrmTooling.CoreAssembly](https://www.nuget.org/packages/Microsoft.CrmSdk.XrmTooling.CoreAssembly/) NuGet package that includes auto redirect support. This library will redirect an authentication type of Office365 to OAuth and use the example AppId and Redirect URI automatically. This capability is planned for the 9.2.x version of the Microsoft.CrmSdk.XrmTooling.CoreAssembly package.
+
+- If you are accessing the [CrmServiceClient](/dotnet/api/microsoft.xrm.tooling.connector.crmserviceclient).`OrganizationServiceProxy` property:
+
+     Remove all use of that property in your code. `CrmServiceClient` implements `IOrganizationService` and exposes everything that is settable for the organization service proxy.
+
+> [!IMPORTANT]
+> Regarding not being able to login using User ID/Password even if using OAuth: if your tenant and user is configured in Azure Active Directory for conditional access and/or Multi-Factor Authentication is required, you will not be able to use user ID/password flows in a non-interactive form at all. For those situations, you must use a Service Principal user to authenticate with Common Data Service.<p/>
+To do this, you must first register the application user (Service Principal) in Azure Active Directory. You can find out how to do this [here](https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal). During application registration you will need to create that user in Common Data Service and grant permissions. Those permissions can either be granted directly or indirectly by adding the application user to a team which has been granted permissions in Common Data Service. You can find more information on how to set up an application user to authenticate with Common Data Service [here](/powerapps/developer/common-data-service/use-single-tenant-server-server-authentication).
+
+## Need help?
+
+We will be monitoring the Power Apps ALM and ProDev community [forums](https://powerusers.microsoft.com/t5/Power-Apps-Component-Framework/bd-p/pa_component_framework). Please take a look there to get help on how to solve various issues or post a
+question.

powerapps-docs/developer/common-data-service/authentication.md

@@ -45,7 +45,7 @@ Office 365 authentication requires using the .NET Framework SDK assemblies with
 
 Using Office 365 authentication does not require that your register your applications as OAuth does. You must simply provide a User Principal Name (UPN) and password for a valid user.
 
-More information: [Authentication with .NET Framework applications](authenticate-dot-net-framework.md)
+More information: [Authentication with .NET Framework applications](authenticate-dot-net-framework.md), [Use of Office365 authentication with the WS-Trust security protocol](authenticate-office365-deprecation.md)
 
 ## All other software frameworks
 

powerapps-docs/developer/common-data-service/configure-entity-relationship-cascading-behavior.md

@@ -57,7 +57,12 @@ The `CascadeConfiguration` (<xref:Microsoft.Xrm.Sdk.Metadata.CascadeConfiguratio
 |Reparent|See [About the reparent action](#about-the-reparent-action) later.|Active<br />Cascade<br />NoCascade<br />UserOwned|  
 |Share|When the referenced entity record is shared with another user.|Active<br />Cascade<br />NoCascade<br />UserOwned|  
 |Unshare|When sharing is removed for the referenced entity record.|Active<br />Cascade<br />NoCascade<br />UserOwned|  
-  
+
+> [!NOTE]
+> When executing an assign, any workflows or business rules that are currently active on the records will automatically be 
+> deactivated when the reassignment occurs. The new owner of the record will need to reactivate the workflow or business rule 
+> if they want to continue using it.
+
 <a name="BKMK_ReparentAction"></a>   
 ### About the reparent action  
  The reparent action is very similar to the share action except that it deals with the inherited read access rights instead of explicit read access rights. The reparent action is when you change the value of the referencing attribute in a parental relationship. When a reparent action occurs, the desired scope of the inherited read access rights for related entities might change. The cascade actions related to the reparent action refer to changes to read access rights for the entity record and any entity records related to it.  

powerapps-docs/developer/common-data-service/org-service/metadata-option-sets.md

@@ -26,7 +26,9 @@ context of the publisher set for the solution that the option set is created in.
 This prefix helps reduce the chance of creating duplicate option sets for a managed solution, 
 and in any option sets that are defined in organizations where your managed solution is installed. For more information, 
 see [Merge option set options](../understand-managed-solutions-merged.md#merge-option-set-options).  
- 
+
+You can download the sample from [here](https://github.com/microsoft/PowerApps-Samples/tree/master/cds/orgsvc/C%23/WorkWithOptionSets).
+
 ## Messages Request Classes  
 
 Use the following message request classes to work with global option sets

powerapps-docs/developer/common-data-service/org-service/metadata-relationshipmetadata.md

@@ -2,7 +2,7 @@
 title: "Create and retrieve entity relationship (Common Data Service) | Microsoft Docs" # Intent and product brand in a unique string of 43-59 chars including spaces
 description: "Shows code samples to create and retrieve entity relationships." # 115-145 characters including spaces. This abstract displays in the search result.
 ms.custom: ""
-ms.date: 10/31/2018
+ms.date: 01/28/2020
 ms.reviewer: ""
 ms.service: powerapps
 ms.topic: "article"
@@ -17,12 +17,12 @@ search.app:
 ---
 # Create and retrieve entity relationships
 
-<!-- https://docs.microsoft.com/dynamics365/customer-engagement/developer/org-service/create-retrieve-entity-relationships -->
-
-This topic shows how to create and retrieve entity relationships.  
+This topic shows how to create and retrieve entity relationships. You can download the sample from [here](https://github.com/microsoft/PowerApps-Samples/tree/master/cds/orgsvc/C%23/CreateRetrieveEntityRelationships).
 
 <a name="BKMK_Create1NEntityRelationship"></a>   
+
 ## Create a 1:N entity relationship  
+
  The following sample uses the [EligibleCreateOneToManyRelationship](#eligiblecreateonetomanyrelationship) method to verify that the `Account` and `Campaign` entities can participate in a 1:N entity relationship and then creates the entity relationship by using <xref:Microsoft.Xrm.Sdk.Messages.CreateOneToManyRequest>.  
 
 ```csharp
@@ -68,7 +68,7 @@ if (eligibleCreateOneToManyRelationship)
 
 
     CreateOneToManyResponse createOneToManyRelationshipResponse =
-        (CreateOneToManyResponse)_serviceProxy.Execute(
+        (CreateOneToManyResponse)service.Execute(
         createOneToManyRelationshipRequest);
 
     _oneToManyRelationshipId =
@@ -106,7 +106,7 @@ public bool EligibleCreateOneToManyRelationship(string referencedEntity,
     };
 
     CanBeReferencedResponse canBeReferencedResponse =
-        (CanBeReferencedResponse)_serviceProxy.Execute(canBeReferencedRequest);
+        (CanBeReferencedResponse)service.Execute(canBeReferencedRequest);
 
     if (!canBeReferencedResponse.CanBeReferenced)
     {
@@ -123,7 +123,7 @@ public bool EligibleCreateOneToManyRelationship(string referencedEntity,
     };
 
     CanBeReferencingResponse canBeReferencingResponse =
-        (CanBeReferencingResponse)_serviceProxy.Execute(canBereferencingRequest);
+        (CanBeReferencingResponse)service.Execute(canBereferencingRequest);
 
     if (!canBeReferencingResponse.CanBeReferencing)
     {
@@ -189,7 +189,7 @@ if (accountEligibleParticipate && campaignEligibleParticipate)
     };
 
     CreateManyToManyResponse createManytoManyRelationshipResponse =
-        (CreateManyToManyResponse)_serviceProxy.Execute(
+        (CreateManyToManyResponse)service.Execute(
         createManyToManyRelationshipRequest);
 
 
@@ -224,7 +224,7 @@ public bool EligibleCreateManyToManyRelationship(string entity)
     };
 
     CanManyToManyResponse canManyToManyResponse =
-        (CanManyToManyResponse)_serviceProxy.Execute(canManyToManyRequest);
+        (CanManyToManyResponse)service.Execute(canManyToManyRequest);
 
     if (!canManyToManyResponse.CanManyToMany)
     {
@@ -248,15 +248,15 @@ public bool EligibleCreateManyToManyRelationship(string entity)
 RetrieveRelationshipRequest retrieveOneToManyRequest =
     new RetrieveRelationshipRequest { MetadataId = _oneToManyRelationshipId };
 RetrieveRelationshipResponse retrieveOneToManyResponse =
-    (RetrieveRelationshipResponse)_serviceProxy.Execute(retrieveOneToManyRequest);
+    (RetrieveRelationshipResponse)service.Execute(retrieveOneToManyRequest);
 
 Console.WriteLine("Retrieved {0} One-to-many relationship by id", retrieveOneToManyResponse.RelationshipMetadata.SchemaName);
 
 //Retrieve the Many-to-many relationship using the Name.
 RetrieveRelationshipRequest retrieveManyToManyRequest =
     new RetrieveRelationshipRequest { Name = _manyToManyRelationshipName};
 RetrieveRelationshipResponse retrieveManyToManyResponse =
-    (RetrieveRelationshipResponse)_serviceProxy.Execute(retrieveManyToManyRequest);
+    (RetrieveRelationshipResponse)service.Execute(retrieveManyToManyRequest);
 
 Console.WriteLine("Retrieved {0} Many-to-Many relationship by Name", retrieveManyToManyResponse.RelationshipMetadata.MetadataId);
 ```

powerapps-docs/developer/common-data-service/org-service/samples/create-retrieve-outlook-filters.md

@@ -36,9 +36,11 @@ Checks for the current version of the org.
 
 ### Demonstrate
 
-The `SavedQuery` method creates and retrieves the offline filter. In your Outlook client , this will appear in the System filters tab under **File** > **CRM** > **Synchronize** > **Outlook Filters**.
+1. The `fetchXml` method creates asn retrieves offline filter. In your Outlook client, this will appear in System Filters tab under **File -> CRM -> Synchronize -> Outlook Filters**.
+2. The `InstantiateFiltersRequest` method activates the selected offline templates for the current user.
+3. The `ResetUserFilterRequest` method resets the current user's offline templates to the defaults.
 
 ### Clean up
 
-No Clean up is required for this sample.
+Display an option to delete the sample data that is created in [Setup](#setup). The deletion is optional in case you want to examine the entities and data created by the sample. You can manually delete the records to achieve the same result.
 

powerapps-docs/developer/common-data-service/org-service/samples/download-report-definition.md

@@ -0,0 +1,47 @@
+---
+title: " Download report definition (Common Data Service) | Microsoft Docs" # Intent and product brand in a unique string of 43-59 chars including spaces
+description: "This sample showcases how to download report definition" # 115-145 characters including spaces. This abstract displays in the search result.
+ms.custom: ""
+ms.date: 12/20/2019
+ms.reviewer: ""
+ms.service: powerapps
+ms.topic: "samples"
+author: "JimDaly" # GitHub ID
+ms.author: "jdaly" # MSFT alias of Microsoft employees only
+manager: "ryjones" # MSFT alias of manager or PM counterpart
+search.audienceType: 
+  - developer
+search.app: 
+  - PowerApps
+  - D365CE
+---
+
+
+# Download report definition
+
+This sample shows how to download a report definition (.rdl) file by using the [DownloadReportDefinitionRequest](https://docs.microsoft.com/dotnet/api/microsoft.crm.sdk.messages.downloadreportdefinitionrequest?view=dynamics-general-ce-9) message. You can download the sample from [here](https://github.com/microsoft/PowerApps-Samples/tree/master/cds/orgsvc/C%23/DownloadReportDefinition).
+
+## How to run this sample
+
+[!include[cc-how-to-run-samples](../../includes/cc-how-to-run-samples.md)]
+
+## What this sample does
+
+The `DownloadReportDefinitionRequest` message is intended to be used in a scenario where it contains the data that is needed to download a report definition.
+
+## How this sample works
+
+In order to simulate the scenario described in [What this sample does](#what-this-sample-does), the sample will do the following:
+
+### Setup
+
+Checks for the current version of the org.
+
+### Demonstrate
+
+1. The `QueryByAttribute` method  queries for an existing report.
+2. The `DownloadReportDefinitionRequest` method downloads  the report definition.
+
+### Clean up
+
+Display an option to delete the sample data that is created in [Setup](#setup). The deletion is optional in case you want to examine the entities and data created by the sample. You can manually delete the records to achieve the same result.