Missing Security Roles In Microsoft Dynamics GP 2018 RTM

● Ian Grieve ●  ● 0 Comments   ● 

Microsoft Dynamics GPThe Dynamics GP Support and Services Blog has a post on the missing security in Microsoft Dynamics GP 2018 RTM; this is the new security roles and tasks created for the new functionality.

For features which are being enhanced, the new security tasks may be being added to roles which already exist and are assigned to users, the security is not automatically updated with the upgrade, but instead scripts are made available to add the missing security; this places the onus on the client to determine if the roles should be updated or not.

I have updated my original post with the new script, but you can also download it here.

● Categories: Dynamics, GP, Microsoft ● Tags: , , , , , ,  ● Permalink ● Shortlink ●

Security Views For Use In SmartList Designer: Group Based Company Access In Management Reporter

● Ian Grieve ●  ● 3 Comments   ● 

Microsoft Dynamics GPA while ago, I did a series of views on the Microsoft Dynamics GP security model. Well, a little after that I wrote a couple of scripts to allow the security configuration of Management Reporter to easily be enquired upon.

This, the second Management Reporter security script, shows security for users as granted by their Group membership. the previous post, on Friday, showed the user based company access.

The view is configured to read the security from a database called ManagementReporter and assumes the user who runs the report has select permissions on this database and relevant tables.

IF OBJECT_ID (N'uv_AZRCRV_GetManagementReporterGroupBasedSecurity', N'V') IS NOT NULL
	DROP VIEW uv_AZRCRV_GetManagementReporterGroupBasedSecurity
GO
CREATE VIEW uv_AZRCRV_GetManagementReporterGroupBasedSecurity AS
/*
Created by Ian Grieve of azurecurve|Ramblings of a Dynamics GP Consultant (http://www.azurecurve.co.uk)
This code is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0 Int).
*/
SELECT
	['Security User'].UserName AS 'Username'
	,['Security User Principal'].Name AS 'Domain Name'
	,['Security User'].LastLoginAttempt AS 'Last Login Attempt'
	,CASE ['Security User'].RoleType
		 WHEN 2 THEN
			'Viewer'
		 WHEN 3 THEN
			'Generator'
		 WHEN 4 THEN
			'Designer'
		 WHEN 5 THEN
			'Administrator'
		ELSE
			'None'
		END AS 'Role'
		,['Security Group Principal'].Name AS 'Group Name'
		,['Security Group Principal'].Description AS 'Group Description'
		,['Control Company'].Code AS 'INTERID'
		,['Control Company'].Name AS 'Company Name'
 FROM 
	Reporting.SecurityUser AS ['Security User'] WITH (NOLOCK)
INNER JOIN
	Reporting.SecurityPrincipal AS ['Security User Principal'] WITH (NOLOCK)
		ON
			['Security User'].UserID = ['Security User Principal'].ID
LEFT JOIN
	Reporting.SecurityGroupUser AS ['Security Group User'] WITH (NOLOCK)
		ON
			['Security User'].UserID = ['Security Group User'].UserID
LEFT JOIN
	Reporting.SecurityPrincipal AS ['Security Group Principal']  WITH (NOLOCK)
		ON
			 ['Security Group User'].GroupID = ['Security Group Principal'].ID
LEFT JOIN
	Reporting.SecurityCompanyPermission AS ['Security Company Group Permission'] WITH (NOLOCK)
		ON
			['Security Group Principal'].ID = ['Security Company Group Permission'].PrincipalID
LEFT JOIN
	Reporting.ControlCompany AS ['Control Company'] WITH (NOLOCK)
		ON
			['Security Company Group Permission'].CompanyID = ['Control Company'].ID
GO
GRANT SELECT ON uv_AZRCRV_GetManagementReporterGroupBasedSecurity TO DYNGRP
GO

Click to show/hide the Security Views For Use In SmartList Designer Series Index

● Categories: Dynamics, GP, Management Reporter, Microsoft, SmartList, SmartList Designer ● Tags: , , , , , , , , ,  ● Permalink ● Shortlink ●

Security Views For Use In SmartList Designer: User Based Company Access In Management Reporter

● Ian Grieve ●  ● 1 Comment   ● 

Microsoft Dynamics GPA while ago, I did a series of views on the Microsoft Dynamics GP security model. Well, a little after that I wrote a couple of scripts to allow the security configuration of Management Reporter to easily be enquired upon.

This first script returns the security based on how the user is configured; the view I will post on Monday shows Group based security.

The view is configured to read the security from a database called ManagementReporter and assumes the user who runs the report has select permissions on this database and relevant tables.

IF OBJECT_ID (N'uv_AZRCRV_GetManagementReporterUserBasedSecurity', N'V') IS NOT NULL
	DROP VIEW uv_AZRCRV_GetManagementReporterUserBasedSecurity 
GO
CREATE VIEW uv_AZRCRV_GetManagementReporterUserBasedSecurity AS
/*
Created by Ian Grieve of azurecurve|Ramblings of a Dynamics GP Consultant (http://www.azurecurve.co.uk)
This code is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0 Int).
*/
SELECT
	['Security User'].UserName AS 'Username'
	,['Security User Principal'].Name AS 'Domain Name'
	,['Security User'].LastLoginAttempt AS 'Last Login Attempt'
	,CASE ['Security User'].RoleType
		 WHEN 2 THEN
			'Viewer'
		 WHEN 3 THEN
			'Generator'
		 WHEN 4 THEN
			'Designer'
		 WHEN 5 THEN
			'Administrator'
		ELSE
			'None'
		END AS 'Role'
	,['Control Company'].Code AS 'INTERID'
	,['Control Company'].Name AS 'Company Name'
FROM 
	ManagementReporter.Reporting.SecurityUser AS ['Security User'] WITH (NOLOCK)
INNER JOIN
	ManagementReporter.Reporting.SecurityPrincipal AS ['Security User Principal'] WITH (NOLOCK)
		ON
			['Security User'].UserID = ['Security User Principal'].ID
LEFT JOIN
	ManagementReporter.Reporting.SecurityCompanyPermission AS ['Security Company Permission'] WITH (NOLOCK)
		ON
			['Security User Principal'].ID = ['Security Company Permission'].PrincipalID
LEFT JOIN
	ManagementReporter.Reporting.ControlCompany AS ['Control Company'] WITH (NOLOCK)
		ON
			['Security Company Permission'].CompanyID = ['Control Company'].ID
GO
GRANT SELECT ON uv_AZRCRV_GetManagementReporterUserBasedSecurity TO DYNGRP
GO

Click to show/hide the Security Views For Use In SmartList Designer Series Index

● Categories: Dynamics, GP, Management Reporter, Microsoft, SmartList, SmartList Designer ● Tags: , , , , , , , , ,  ● Permalink ● Shortlink ●

Dynamics GP Tech Conference 2017: New User Experience Features

● Ian Grieve ●  ● 3 Comments   ● 

Microsoft Dynamics GPThis post is part of the series I am doing on the Dynamics GP Tech Conference 2017.

One of the areas being focused on in the 2018 version of Microsoft Dynamics GP, is the user experience. The announced enhancements are:

  • Add sort to Receivables Transaction Inquiry – by Customer
  • Add sort to Receivables Transaction Inquiry – by Document
  • Add sort to Payables Transaction Inquiry – by Vendor
  • Add sort to Payables Transaction Inquiry – by Document
  • System password is remembered for the duration of the user session – the only downside is if you need to grant access to a window such as the VAT Return to a user, but then need to monitor them to make sure they then close Dynamics GP before continuing with other work.
  • Rename of Payables windows to say Payments instead of Checks – I can;t find the post, but this was a request from Mariano Gomez and is well overdue. Pretty much all payments in the UK are by EFT, so it was getting seriously embarrassing having all the windows with Cheque in the name (UK language pack changes it from Check).
  • Autocomplete added to the web client
  • SmartList Favourites – unique password protection – this is by popular request after the password for SmartList Favourites globally was added in GP 2016 R2.
  • SmartList shortcut on toolbar in web client
  • Bank Reconciliation maximise window in web client
  • Adding additional sorting in Bank Reconciliation window
  • Update help icons to link to tagged online support documents

The enhancements to the user experience listed above should be of benefit to users of Dynamics GP, and follows Microsoft’s ethos of evolution, not revolution in the improvements they are making.

Click to show/hide the Dynamics GP Tech Conference 2017 Series Index

● Categories: Dynamics, GP, Microsoft ● Tags: , , , , , , , , , , , , , , , ,  ● Permalink ● Shortlink ●

Configuring Permissions to RDP to Server

● Ian Grieve ●  ● 1 Comment   ● 

Microsoft Dynamics GPThis is only something I need to do occasionally so am posting this as a reminder.

Most of the demo VMs I create are on my local Client Hyper-V, but occasionally I make one available to a prospect or client and need to give them a user other than the administrator account.

Creating the user account itself is easy, but the bit I usually fail to remember how to do, is to give the user the rights to sign in remotely.

When this right has not been granted, an error message like the below will be displayed:

To sign in remotely, you need the right to sign in through Remote Desktop Services. By default, members of the Administrators group have this right. If the group you

To sign in remotely, you need the right to sign in through Remote Desktop Services. By default, members of the Administrators group have this right. If the group you're in doesn't have this right, or if the right has been removed from the Administrators group, you need to be granted this right manually.

Continue reading → Configuring Permissions to RDP to Server

● Categories: Microsoft, Windows, Windows Server 2012 ● Tags: , , , ,  ● Permalink ● Shortlink ●

Hands On With Microsoft Dynamics GP 2016 R2: Batch Edited Message

● Ian Grieve ●  ● 3 Comments   ● 

Microsoft Dynamics GPWith the release of Microsoft Dynamics GP 2016 R2 it’s time for a series of “hands on” posts where I go through the installation of all of it’s components and also look at the new functionality introduced; the index for this series can be found here.

The feature of the day I am covering in this post, is the Batch Edited Message. If a user tries to open a batch being edited by another user they will receive a warning message containing the users name:

Microsoft Dynamics GP: This batch is being edited by laurab. Please try later.

Microsoft Dynamics GP

This batch is being edited by laurab. Please try later.

Continue reading → Hands On With Microsoft Dynamics GP 2016 R2: Batch Edited Message

● Categories: Dynamics, GP, Microsoft ● Tags: , , , , , , ,  ● Permalink ● Shortlink ●

Hands On With Microsoft Dynamics GP 2016 R2: SmartList Favourite Protection

● Ian Grieve ●  ● 4 Comments   ● 

Microsoft Dynamics GPWith the release of Microsoft Dynamics GP 2016 R2 it’s time for a series of “hands on” posts where I go through the installation of all of it’s components and also look at the new functionality introduced; the index for this series can be found here.

The second of the new features I’m going to cover is SmartList Favorite Protection.

This feature allows the administrators to define a password which must be entered before a SmartList favorite can be modified. The password is entered in the SmartList Options window (Administration >> Setup >> System >> SmartList Options):

SmartList Options

The password impacts all SmartList favorites. Please do not use ACCESS as the password; I see far too many clients who have this as a password throughout their system. It is in all of the manuals and lots of blog posts so it is pretty much the least secure password you could use.

Continue reading → Hands On With Microsoft Dynamics GP 2016 R2: SmartList Favourite Protection

● Categories: Dynamics, GP, Microsoft, SmartList ● Tags: , , , , , , , ,  ● Permalink ● Shortlink ●

Upgrading to Microsoft Dynamics GP 2016 R2: Adding Missing Security Roles

● Ian Grieve ●  ● 3 Comments   ● 

Microsoft Dynamics GPWith Microsoft Dynamics GP 2016 R2 now being available, there are some new security roles and tasks which need to be added.

As they have for the last few versions, Microsoft have made available some SQL Scripts to insert these roles and tasks.

The Dynamics GP 2016 R2 ones can be downloaded from directly from Microsoft or I have a post containing links to all of the versions I can find, which has been updated for Dynamics GP 2016, which is here.

The scripts tend to be cumulative, so if you upgrade from Microsoft Dynamics GP 2013 SP2 to 2016 R2, you only need to run the final script.

Not sure why I thought the scripts were cumulative, but they are not. All of the scripts need to be run in sequence for your upgrade path.

As always, when running scripts against Dynamics GP databases, ensure you have a good backup before starting.

● Categories: Dynamics, GP, Microsoft ● Tags: , , , , , ,  ● Permalink ● Shortlink ●

Hands On With Microsoft Dynamics GP 2016 R2: Manage Web Client SQL Server Login

● Ian Grieve ●  ● 3 Comments   ● 

Microsoft Dynamics GPWith the release of Microsoft Dynamics GP 2016 R2 it’s time for a series of “hands on” posts where I go through the installation of all of it’s components; the index for this series can be found here.

The final step before we can log into the web client, is to configure the client with a proxy user which is used to connect to SQL Server. If you did this while installing the Microsoft Dynamics GP desktop client, you do not need to do this step now (provided of course that the username and password you set while installing the web client match what you set when installing the desktop client.

To configure (or manage) the Web Client SQL Sever Login, launch GP Utilities and log in using the sa or other user account with security admin permissions:

Welcome to Microsoft Dynamics GP Utilities

Continue reading → Hands On With Microsoft Dynamics GP 2016 R2: Manage Web Client SQL Server Login

● Categories: Dynamics, GP, GP Utilities, Microsoft, Web Client ● Tags: , , , , , , , , ,  ● Permalink ● Shortlink ●

Hands On With Microsoft Dynamics GP 2016 R2: Install Web Client Single-Machine Deployment

● Ian Grieve ●  ● 1 Comment   ● 

Microsoft Dynamics GPWith the release of Microsoft Dynamics GP 2016 R2 it’s time for a series of “hands on” posts where I go through the installation of all of it’s components; the index for this series can be found here.

Now that the Web Client Runtime feature has been added, we can install the web client itself. I am only doing a single-machine deployment of the web client in this series of posts.

To install the Web Client, launch the setup utility and, under Additional Products select Web Client:

Microsoft Dynamics GP 2016 setup utility

Continue reading → Hands On With Microsoft Dynamics GP 2016 R2: Install Web Client Single-Machine Deployment

● Categories: Dynamics, GP, Microsoft, Web Client ● Tags: , , , , , , , , , , , , ,  ● Permalink ● Shortlink ●