WorQFlow Community,

We’re truly grateful for the trust you’ve shown in us again this year. Despite various hurdles, we’ve ended the year on a stronger note. Our commitment to improving our services for our esteemed clients has further refined our sense of self and our vision for the kind of organization we aim to be. Every project or initiative in 2023 was aimed at enhancing our strategic pillars, living out our mission, and moving us closer to the vision of where we want to be as a company. We are honored to serve you and are looking forward to a fantastic 2024.

2023 Achievements


Cultural & Operational Improvements

Improvements to our Brand

Goals & Vision for 2024

The upcoming year is all about “Achieving More Together” and enhancing both personal and professional growth for everyone in our orbit.

Goals for 2024:

Who are we?

A consultancy composed of elite Microsoft sales professionals that partner with customers to provide the information and people needed for customers to take more control over their success. We empower customers to harness the full potential of Microsoft technologies by building Dynamic Teams and implementing successful D365 projects.

Why Work with WorQFlow?

WorQFlow isn’t just a company; it’s a community where growth, learning, and enjoyment are not just goals, but realities we live every day. As we step into 2024, we do so with enthusiasm, hope, and a commitment to “Achieving More Together.” Join us on this exciting journey.


The WorQFlow Team


For many candidates, interviewing on-site can be intimidating and overwhelming, while others can effortlessly handle them with ease. Regardless of which camp you fall into, there are a few basic things to consider when showing up for an on-site interview.

Come Prepared

It’s no surprise that you should always come prepared for any interview. For a preliminary phone screen, you may have done some quick research on the company’s website and glanced at the hiring manager’s LinkedIn profile. However, once you’re invited on-site, it’s important to take the time to prepare so you’re well-versed in the requirements for the role and how you can deliver. Make sure you:

Do Your Research

Doing a bit of research beforehand will help you feel and sound more confident in conversation and will demonstrate your level of interest in the opportunity. While no one expects you to know everything about the company or products, it’s important to have a general understanding so you can explain how you can help the company succeed. Here are a few things I ask my candidates to dig into before interviewing onsite:

Talk positively and confidently about yourself

Many people have trouble talking themselves up, but remember, this is your time to shine! Consider what impression you want to leave upon each person, and make sure you talk about yourself in that way. Are they looking for a team player? An independent thinker? Is someone highly creative or analytical? Make sure you give specific examples to demonstrate how you align with their needs and why they’d want to work with you.

I’m also amazed at how one of the most basic questions can stump so many people: Tell me about yourself.

Please remember this is not the time to go deep into your personal history—this question is related to your career. It’s always a great idea to have a three-minute elevator pitch to showcase your career path—something you prepare in advance that can be used for almost any interview you go on. You can even tailor it based on where you are interviewing or a particular requirement for the position. Make sure you remain clear and confident, as stumbling here can give an unhealthy impression of who you are to the employer. 

Here are a few points you want to ensure you hit on:

Dress The Part

Before you show up on-site, do some research on the company culture (Glassdoor can be helpful here). On interview day, be sure to dress one step up from the rest of the company. So for example, if you know the company dresses fairly casually in jeans and t-shirts, you’ll feel like a fish out of water wearing a suit—consider nice pants (not jeans) and a collared shirt instead. The goal is to look polished and professional, and that you understand the value of making a good first impression. And remember, chewing gum and clothing with holes are never appropriate. 

Stay Positive

The next pitfall for many candidates relates to their previous employer(s). I can’t stress enough how important it is to remain positive. Even if your last employer was a nightmare, make sure you put a positive spin on the situation, emphasizing what you learned that you can apply toward future growth. You can keep it short and simple and then move on. 

Remember, you are being noticed from the moment you enter the building. Smile! Be pleasant with everyone you pass by. You are being evaluated by your level of professionalism, your body language, and your attitude, so make sure you remain approachable and positive throughout the process. And at the end of the day, remind yourself that you are selling yourself on the role as much as they are selling you on the company.


In the 10.0.30 release of D365FO, which became generally available on Oct 21st, 2022, Microsoft added the ability for customers to report on the telemetry data of their end users. I wanted to take a quick overview of this feature and look at opportunities to use this data.


The telemetry data from Microsoft is stored in Azure Application Insights, so we must create a resource for us to store this data. Once created please note the Instrumentation Key as we will need that in subsequent steps.

View fullsize

D365 App Insights

How to Enable Telemetry

The telemetry feature is labeled as a ‘preview feature’ so it is not enabled by default. That means we need to enable the feature by navigating to System Administration -> Workspaces -> Feature.

Management and search for ‘monitoring and telemetry’. You can see the Status below is marked as the yellow triangle with an exclamation point, indicating it is not enabled.

View fullsize

Feature Management 1

After enabling the feature, you can see the Status change to the green check mark.

View fullsize

Confirmed Feature Management

Now we can navigate to System Administration -> Setup -> Monitoring and Telemetry Parameters.

View fullsize

We can now configure which events we want to enable in the Configure tab, specifically for our case we want to enable the Form Runs, User Sessions, and X++ exceptions:

View fullsize

In the Environments tab, the LCS Environment variable is the Instrumentation Key from your Application Insights resource from the previous step. The Environment Mode should be set to whatever environment you want you are connecting to.

View fullsize

In the Application Insights Registry tab, we again will input our Environment Mode and Instrumentation key values.

View fullsize

Once these values are set, the configuration portion for telemetry data is complete.

Reporting on Telemetry Data

In the Application Insights resource, we created initially within Azure, we can navigate to the Monitoring -> Logs area and see the tables available for us to query. The data in Application Insights can be queried using the Kusto Query Language (KQL). For example, in the screenshot below we can see we can query the ‘pageviews’ table to see all page views from users within the last 90 days.

View fullsize

If we take a deeper dive into the data itself we can see we are able to obtain the following from the user interaction:

Note: Some fields do not appear to be populating at this time (duration, client_IP, etc)

View fullsize

Using the KQL language we can perform business logic on the data, for example, you could use the following query to show the last time a user interacted with D365FO:

View fullsize

Another example would be wanting to see how many menu items a user navigated to over a period of time:

View fullsize

Reporting From Power BI

This data can also be exported to Power BI for additional analysis and visualizations. Within Application Insights we can select Export -> Export to Power BI:

View fullsize

Exporting to Power BI

If we choose that option it exports a text file with the following instructions commented out at the top.

View fullsize

Text on how to update Power BI formatting

Follow the steps and copy the entire contents into an ‘Advanced Editor’ in PowerBI.

View fullsize

Query 1 with KQL code

After authenticating, the PageViews table data is successfully pulled into PowerBI.

View fullsize

And we can create different PowerBI visualizations using this data.

For example, we can create a Treemap of the data which will show the number of times each menu item was visited by each user and will show a colorized weighted view of this data. If we set it up with the following parameters:

View fullsize

Visualizations 1

It will generate this visualization output:

View fullsize

Heat Map Visual

We could also use a Funnel visualization with the following parameters, which would show the number of times each menu item was visited:

View fullsize

Visualization Options 2

And it would generate this visualization output:

View fullsize

Bar Table

And finally, we could utilize a Heatmap visualization to show the same data in a slightly different way. The Heatmap visualization is not enabled by default, so you must click on the 3 dots at the bottom of the Visualization area and go to ‘Get more visuals’

View fullsize

Visualizations Card for Power BI

Then search for ‘heatmap’, and select the visualization from Microsoft:

View fullsize

Heat map visual menu

Once downloaded, you can set up the heatmap visualization with the following parameters:

View fullsize

Visualization for Power BI Menu

And it will generate the following visualization:

View fullsize

Sum of Items graph visual


Hopefully, this overview helps to explain how to set up telemetry data from your D365FO instance in Azure AppInsights, how you can query that data, and how to create visualizations from that data for easier consumption and better understanding in Power BI.


Overview of Telemetry Data


Sciens Building Solutions is a trusted provider committed to delivering complete fire detection, fire protection, security, and electrical solutions that not only protect lives but ensure the business continuity of their customers.

Sciens is currently working diligently toward a new Dynamics 365 (D365) Finance & Operations, Customer Engagement, and Field Service implementation, replacing the existing legacy ERP system. WorQFlow and Sciens have partnered to support the project and to help build out Sciens’ internal D365 team.

What are the biggest challenges you are facing when trying to attract and secure talent in the Dynamics AX/D365 market?

“The Dynamics AX/365 job market in the Bay area has always been competitive, particularly over the past few years, and the Dynamics talent out there has had the power to choose just about any opportunity they like. Prior to engaging WorQFlow, Sciens spent countless hours browsing job sites, selecting potential candidates, and conducting phone screenings and face-to-face interviews, yet our efforts were still fortuitous. The process could easily take 4-6 weeks.”

How did WorQFlow stand out from other agencies you have worked with in the past?

“WorQFlow truly understands the request and provides what’s needed in record speed, which makes them stand out from other recruiting firms. There are recruiters that still do not know the differences between Dynamics 365 Customer Engagement and Dynamics 365 for Finance and Operations solutions. WorQFlow hand-selects the best-fitting candidates from the start with no nonsense. By partnering with WorQFlow, the hiring process can be as quick as two weeks with candidates who are the best fit. The process doesn’t end after candidates are onboarded either; WorQFlow has a mandatory follow-up process with both the hiring manager and the candidate to continue to ensure it is the best fit.”

How has this relationship with WorQFlow benefited you with the D365 project?

“A transparent partnership is key to the success of any Dynamics 365 implementation project, whether working with Microsoft implementation partners or Dynamics recruiting firms. WorQFlow has the resources to provide marketing data, hiring trends, and candidate expectations. WorQFlow leverages its expertise to set expectations between the hiring manager and candidates, in order to shorten the hiring life cycle and ensure a smooth, easy process for both sides.”


User licensing in Dynamics 365 for Finance & Operations is a uniquely complex topic that can be daunting and confusing to most people when they first encounter it. The idea of this blog post is to hopefully clarify how user licensing works and what tools and resources are available to help in your licensing journey!

Why is Licensing so Complex?

Licensing is complex within D365FO because it is tied not to what actions a user performs in the system but to what objects that user is assigned in the system. This is somewhat unique in the ERP world as most systems base licensing on what actions a user actually performs (ex: a user with a business license can perform 100 journal entries whereas a professional license lets you perform 1000).

This can lead to scenarios where a user is over-provisioned from a licensing standpoint as a user may be assigned more access than they need to perform their day-to-day operations in the system which causes their licensing requirements to be overinflated.

What User Licenses Exist Within D365FO?

There are 3 different levels of licenses within D365FO, structured in a hierarchical fashion:

In October 2019, Microsoft made a change to split licensing at the Operations level into the different modules within D365FO. The new licensing SKUs hierarchy looks like this:

How is it Determined?

Microsoft uses a combination of two different methodologies when determining user licensing. The first is ‘entry point-based licensing’, which looks at the access a user has to entry points (ex: menu items) to determine the license requirements for that user. Each entry point has two different parameters associated with it:

Each of these parameters has a license associated with it. If a user has Read access to the entry point, the license type in the license in the ‘ViewUserLicense’ parameter is required. If the user has Update, Create, or Delete permission to the entry point then the license in the ‘MaintainUserLicense’ parameter is required.

In the example below, a user with Read access to this entry point would need a ‘Team Members’ license (listed as Universal in the AOT). But a user with Update, Create, or Delete access would need an Operations level license (listed as Enterprise in the AOT).

The second licensing methodology used is based on the privileges assigned to a user. This ‘privilege based licensing’ is how Microsoft splits the ‘Operations’ license from the ‘entry point based licensing’ into the different license SKUs.

The privilege to license associations are stored in a database table named ‘LicensingServicePlansPrivilege’:

How Do These Different Licensing Methodologies Work Together?

To determine user licensing requirements, we have to combine both the ‘entry point-based licensing’ and the ‘privilege-based licensing’ ideas from above. This is done by first applying ‘entry point based licensing’ to determine if a user requires an Operations, Activity, or Team Members license. 

If a user only requires an Activity or Team Members license, that is the license required by the user. 

If the user requires an Operations license based on the ‘entry point based licensing’ methodology, then we apply the ‘privilege based licensing’ methodology and look at the privileges the user is assigned to see if there is an entry in the LicensingServicePlansPrivilege to determine the license requirements.

I’ve built a Visio diagram to show the decision tree of user licensing:

What if a User Needs Multiple Licenses?

Now that we’ve determined how licenses are determined, what happens if a user needs multiple license SKUs based on their privilege based licensing? Microsoft offers the idea of a ‘base’ and an ‘attach’ license, where a user would assign the first license as a ‘base’ and then would be able to ‘attach’ additional licenses to this.

In the Microsoft Dynamics 365 licensing guide, there is a table that shows the valid base/attach combinations:

What reports exist natively in D365FO to help?

There are a few reports available natively within D365FO to help with determining the licensing requirements of its users.

The first is the User License Counts report which is available at System Administration -> Inquiries -> License -> User License Counts. This report shows each user in the system and the ‘entry point-based license’ requirements for each user based on their role assignments.

The second report is the ‘User License Estimator’ report, which shows the ‘privilege based license’ requirements for the user. This report is available at System Administration -> Inquiries -> License Reports -> User License Estimator.

How Can We Effectively Reduce Licensing Costs?

The best way to reduce your license requirements is to apply ‘Least Privilege Security’, which is the process of ensuring that users are not provisioned with too much access within D365FO as well as performing periodic license reviews.

What Does the Future Hold for User License?

With the move to consolidate Dynamics 365 offerings under one solution (as we looked at in our previous blog post), how could this potentially impact licensing? That remains to be seen as we are very early in the process of combining platforms, but I do think that it will impact the licensing methodology used.

Are there resources to help?

Yes! Then list all of the blogs, whitepapers, YouTube videos I’ve created over the years about licensing.

Current State of D365FO User Licensing

We are thrilled to announce that WorQFlow Solutions has secured a spot on Inc. Magazine’s highly coveted list of the Pacific Region’s Fastest-Growing Private Companies for 2023, ranking #49 out of 185 companies! With a two-year revenue growth rate of 397%, we are proud to have solidified our position as one of the leading service providers in the region.

The Inc. 5000 Regionals: Pacific list celebrates the growth and success of companies in the region, with an average growth rate of 559% among the listed companies. We are thrilled to have achieved a remarkable two-year revenue growth of 397%, which exceeded the median growth rate of 178% for companies on the list. This recognition highlights our dedication to growth and progress, and we are honored to be among the fastest-growing companies in the Pacific region.

This achievement would not have been possible without the unwavering support of our customers, candidates, and team members. What makes our achievement even more exceptional is that we ranked third among all companies in the business services industry. We collaborate with our clients through our knowledge and expertise within the market and pride ourselves on being true consultants who can provide value to the Microsoft community. Being recognized as one of the fastest-growing companies in the Pacific region is a source of pride for us. We are unwavering in our commitment to maintaining our core values of trust, transparency, collaboration, and delivery.

For more information on the Inc. 5000 Regionals: Pacific list, including company profiles and an interactive database, please visit the Inc. Magazine website. We are grateful for this recognition and look forward to continuing our growth and delivering exceptional services to our customers and candidates.


In this article, we show how XDS will react in certain scenarios and how you could approach more complex business use cases for XDS.

Testing Setup

For each scenario below, the setup required for each instance will be listed. For all tests, I did a full compile as well as a database sync of my test project, I then logged out and logged back into D365FO as my test user.

Scenario #1 – How to Apply Multiple XDS Policies to the Same Role

For my test scenario, I want a role to only be able to interact with Customers and Vendors that have a group (CustGroup/VendGroup) equal to 10. The first thing I did was to create a role that allows full control of both customers and vendors. Here is what the test user sees when assigned this role:

Applying XDS Policies

To implement the XDS policies, I first created the Customer and Vendor queries:

Vendor Group Query for XDS policies

I then create the security policies for these queries. A couple things to note here:

Securities Overview for XDS

I then created a role (FpGroupXDSRole) that I assigned the appropriate duties too, notice here that I set the Context String to the same string as my security policies (GroupXDSPolicy). This will apply both XDS policies to this role.

Once this role is assigned to the user, we can see that both policies are applied successfully.

In my test from above, I created the role via the AOT. I also wanted to ensure that a role created from the user interface also works as expected. So I created a role in the Security Configuration area of D365FO and made sure to set the Security Policy Context String to the same string as before (GroupXDSPolicy).

Scenario #2 – What is the outcome if multiple roles with the same access are applied to a user, one having an XDS policy and one that does not?

We will have two roles: FPCustomersRole and FPXdsCustomersRole, both of which will be assigned the CustCustomersMaintain duty which give access to maintain customer records.

With the FPCustomersRole assigned to our test user, the user can see all customer records:

The FPXdsCustomersRole has an XDS policy applied to only show customers with a CustGroup of 10. With the FPXdsCustomersRole applied, our test user can only see those customers with a CustGroup of 10:

Scenario #3 – Can you Apply an XDS Policy to a sub role?

If we apply for the roles with the FPCustomersRole being the base role and the FPXdsCustomersRole being the sub role (so the role with XDS applied to be the sub role):

We get an interesting outcome, our test user can see all customers:

This means that the XDS policy is not being applied.

What happens if we reverse it and have the XDS role being the base role and the normal role being the subrole?

Now the XDS policy is applied correctly:

This idea also works if the base role has no permissions directly assigned to it but has the normal role as a subrole. This type of scenario would be beneficial if one set of users should have XDS applied and another set of users should not, you can control access for both groups with one underlying role and control the XDS portion by creating parent roles with their context string set to the XDS policy that should be applied:

XDS cannot be applied as a sub-role to another role, however, a normal role can be a sub-role to a role with XDS applied and it will function correctly.

Scenario #4 – Can you Have a User Be Able to View All Instances of an Object, but Only Update/Create/Delete Specific Objects via XDS?

In the previous scenarios, I have always set the Operation parameter for a security policy to ‘AllOperations’ but there are other options. One of those is ‘InsertUpdateDelete’, which means that the XDS policy will only apply to those SQL operations:

If we apply this security policy to a role and assign it to a user and load the All Customers form we can see all of the customers:

However this is what happens if you try to create a customer with a CustGroup other than 10:

And here is what happens if you try to edit a record with a CustGroup other than 10:

And here is what happens if you try to delete a customer with a CustGroup of 10:

So, you do have the ability to see all objects but only Update, Create, or Delete objects with a specified parameter defined in the security policy.

Scenario #5 – If There Are Multiple XDS Policies Applied to the Same Role and for the Same Object are the Policies ‘AND’d or ‘OR’d Together?

Let’s use a combination of our CustGroup = 10 security policy and add in a CustGroup = 20 security policy and apply both policies to the same role via security context.

So now if we apply both to the role and assign it to the user we can see that the XDS scenarios are AND’d together as no customers are returned.


The above scenarios show how XDS reacts to different configurations within your D365FO environment. Be on the look out in the future as we look at how to perform XDS when there is not a current primary table to use.


WorQFlow Solutions is honored to be named one of the Fastest Growing US Staffing Firms of 2022 by the Staffing Industry Analysts (SIA). Over the past 6 years, we have had the extraordinary opportunity to work alongside exceptional companies and candidates that have allowed us to grow to this point.

This year, thousands of staffing firms submitted applications to be a part of this prestigious award. Thousands of applications were submitted across the United States, and WorQFlow Solutions ranked #20! In order to win the award, companies had to show a level of significant revenue growth over the last five years. The average compound annual growth rate (CAGR) for all of 2022’s Fastest Growing Staffing companies was 43.28%. WorQFlow had a CAGR of 73.70% which shows we have grown 30% faster than the majority of the companies that received the Fastest Growing award this year.

Thank you to all the individuals who have put their trust in us all these years. As we continue to grow, we will remain steadfast in our values of trust, transparency, collaboration, and delivery. We could not have done this without the continued trust and support of our clients, candidates, and the WorQFlow team. We have big dreams for the future and don’t plan on slowing down any time soon!