Tuesday, 1 April 2014

MS CRM 2011 Plugin Sandbox Mode

Sandbox Mode:
  1. It runs as a separate service, so it has got its own space to execute the process
  2. It has reduced functionality and a Partial Trust process
  3. On-premise CRM will allow you to run plugins in or out of sandbox mode (none), where as Online (Microsoft's hosted solution) will only run in sandbox mode
  4. Access to the file system, system event log, certain network protocols, registry, Active Directory are prevented in the sandbox. However, sandbox plug-ins do have access to external endpoints like the Windows Azure cloud
  5. Using any of the following cause a security exception (not an exhaustive list):
  • Attempting to use the AppDomain.CurrentDomain.AssemblyResolve event
  • System.IO.Path.GetTempPath() [System.Security.Permissions.EnvironmentPermissionException]
  • Any filesystem access code [System.Security.Permissions.FileIOPermissionException]
  • Attempting to use the EventLog [System.Diagnostics.EventLogPermissionException]
  • Attempting to use IsolatedStorage [System.Security.Permissions.IsolatedStoragePermissionException]
  • Any references to Thread.CurrentThread caused a security failure. 
Sandbox (recommended option)
Supported by all types of CRM deploymentYou haven’t got access to the file system, system event log, certain network protocols, registry
Supports run-time monitoring and statistics reporting
Secure approach
MS CRM monitors sandbox worker process and handles situations of CPU/memory/handle limits exceeding.

All power of .NET framework is in your handsNot supported by CRM online
Doesn’t support monitoring and statistic


No comments:

Post a Comment