We’ve all seen this error at some point when trying to access the Microsoft Dynamics CRM Deployment Manager on the server:
Only the Deployment Administrators are able to use Deployment Manager. You are not a Deployment Administrator.
Most of the time this is not a problem at all – perhaps you’re logged in with the wrong account or you simply need to request that another administrator logs in and adds you to this list. Sometimes it can be trickier though – perhaps the only administrator is on holiday, has left (and had their account deleted rather than just disabled) or any other number of things that might just ruin your day. The only supported method at this point is a reinstall of CRM. Cripes…!
How about an unsupported method to get you by?
Try this little SQL script which should add you to the list of Deployment Administrators. It is ENTIRELY UNSUPPORTED and probably shouldn’t be used in a production environment etc etc. But needs must and this might just save your day (but don’t blame me if I make it worse, right?).
IMPORTANT NOTE: This script will get you into the Deployment Administrator, but if you were NOT already a CRM user, it won’t get you into the CRM front-end. Clearly something missing from my script at present – be very very careful if you use this in production…
USE MSCRM_CONFIG DECLARE @username AS VARCHAR(MAX) , @newuserguid AS uniqueidentifier , @userguid AS uniqueidentifier , @adminroleguid AS uniqueidentifier -- *** TODO: ADD THE USERNAME YOU WANT TO MAKE A DEPLOYMENT ADMINISTRATOR HERE SET @username = '<domain>\<username>' SET @newuserguid = NEWID() -- Get guid for the Deployment Admin role SELECT @adminroleguid = id FROM dbo.securityrole WHERE Name = 'Administrator' -- Add the user as a systemuser (unless they already exist...) IF NOT EXISTS (SELECT ID FROM SYSTEMUSER WHERE NAME = @username ) BEGIN INSERT INTO SYSTEMUSER VALUES ( '00000000-0000-0000-0000-000000000000', @newuserguid , @username , 0 ) END -- Get the user's guid SELECT @userguid = ID FROM SYSTEMUSER WHERE NAME = @username -- Add the user's guid and the admin role to the SystemUserRoles table INSERT INTO dbo.SystemUserRoles VALUES ( NEWID() , @adminroleguid, @userguid , NULL , 0 )
We also may need to add the record to the appropriate AD groups and CRM tables. I’m not going to show you how to add items to Active Directory Groups or which groups to use. Suffice to say, you would need to know the user’s Active Directory sid (Security ID). Try this command from the server prompt:
dsquery user -name Greg* | dsget user -sid
This should return a result similar to this:
You’re on your own from this point… 😉