Security Views For Use In SmartList Designer: Security Roles With Tasks

Microsoft Dynamics GPThe fourth view being posted in this series takes a step back from the users and just shows the role and tasks within.

CREATE VIEW [dbo].[uv_PI_SecurityRolesWithTasks] AS
SELECT
	['Security Roles Master'].SECURITYROLEID AS 'Security Role ID'
	,['Security Roles Master'].SECURITYROLENAME AS 'Security Role Name'
	,['Security Role Task Assignment'].SECURITYTASKID AS 'Security Task ID'
	,['Security Task Master'].SECURITYTASKNAME AS 'Security Task Name'
FROM
	SY09100 AS ['Security Roles Master']
INNER JOIN
	SY10600 AS ['Security Role Task Assignment']
		ON ['Security Role Task Assignment'].SECURITYROLEID = ['Security Roles Master'].SECURITYROLEID
INNER JOIN
	SY09000 AS ['Security Task Master']
		ON ['Security Task Master'].SECURITYTASKID = ['Security Role Task Assignment'].SECURITYTASKID
GO

GRANT SELECT ON uv_PI_SecurityRolesWithTasks TO DYNGRP
GO

Click to show/hide the Security Views For Use In SmartList Designer Series Index

Security Views For Use In SmartList Designer
User Access
User Access & Granted Security Roles
User Access & Granted Security Roles With Tasks
Security Roles With Tasks

Security Views For Use In SmartList Designer: User Access & Granted Security Roles With Tasks

Microsoft Dynamics GPThe third SQL view I’m posting in this series is one which shows the user, the companies to which they have access and the security roles assigned within each company as well as the tasks within the role.

CREATE VIEW [dbo].[uv_PI_UserAccessAndGrantedSecurityRolesWithTasks] AS
SELECT
	['User Master'].USERID AS 'User ID'
	,['User Master'].USERNAME AS 'Username'
	,['User Master'].USRCLASS AS 'User Class'
	,ISNULL(['Class Master'].DSCRIPTN, '') AS 'User Class Description'
	,ISNULL(['Company Master'].INTERID, '') AS 'Intercompany ID'
	,ISNULL(['Company Master'].CMPNYNAM, '') AS 'Company Name'
	,ISNULL(['Security Assignment User Role'].SECURITYROLEID, '') AS 'Security Role ID'
	,ISNULL(['Security Roles Master'].SECURITYROLENAME, '') AS 'Security Role Name'
	,ISNULL(['Security Role Task Assignment'].SECURITYTASKID AS 'Security Task ID'
	,ISNULL(['Security Task Master'].SECURITYTASKNAME AS 'Security Task Name'
FROM
	SY01400 AS ['User Master']
LEFT JOIN
	SY40400 AS ['Class Master']
		ON ['Class Master'].USRCLASS = ['User Master'].USRCLASS
LEFT JOIN
	SY60100 AS ['User-Company Access']
		ON ['User-Company Access'].USERID = ['User Master'].USERID
LEFT JOIN
	SY10500 AS ['Security Assignment User Role']
		ON ['Security Assignment User Role'].CMPANYID = ['User-Company Access'].CMPANYID
			AND ['Security Assignment User Role'].USERID = ['User-Company Access'].USERID
LEFT JOIN
	SY09100 AS ['Security Roles Master']
		ON ['Security Roles Master'].SECURITYROLEID = ['Security Assignment User Role'].SECURITYROLEID
LEFT JOIN
	SY01500 AS ['Company Master']
		ON ['Company Master'].CMPANYID = ['User-Company Access'].CMPANYID
LEFT JOIN
	SY10600 AS ['Security Role Task Assignment']
		ON ['Security Role Task Assignment'].SECURITYROLEID = ['Security Roles Master'].SECURITYROLEID
LEFT JOIN
	SY09000 AS ['Security Task Master']
		ON ['Security Task Master'].SECURITYTASKID = ['Security Role Task Assignment'].SECURITYTASKID
GO

GRANT SELECT ON uv_PI_UserAccessAndGrantedSecurityRolesWithTasks TO DYNGRP
GO

Click to show/hide the Security Views For Use In SmartList Designer Series Index

Security Views For Use In SmartList Designer
User Access
User Access & Granted Security Roles
User Access & Granted Security Roles With Tasks
Security Roles With Tasks

Security Views For Use In SmartList Designer: User Access & Granted Security Roles

Microsoft Dynamics GPThe second SQL view I’m posting in this series is one which shows the user, the companies to which they have access and the security roles assigned within each company.

CREATE VIEW [dbo].[uv_PI_UserAccessAndGrantedSecurityRolesWithTasks] AS
SELECT
	['User Master'].USERID AS 'User ID'
	,['User Master'].USERNAME AS 'Username'
	,['User Master'].USRCLASS AS 'User Class'
	,ISNULL(['Class Master'].DSCRIPTN, '') AS 'User Class Description'
	,ISNULL(['Company Master'].INTERID, '') AS 'Intercompany ID'
	,ISNULL(['Company Master'].CMPNYNAM, '') AS 'Company Name'
	,ISNULL(['Security Assignment User Role'].SECURITYROLEID, '') AS 'Security Role ID'
	,ISNULL(['Security Roles Master'].SECURITYROLENAME, '') AS 'Security Role Name'
FROM
	SY01400 AS ['User Master']
LEFT JOIN
	SY40400 AS ['Class Master']
		ON ['Class Master'].USRCLASS = ['User Master'].USRCLASS
LEFT JOIN
	SY60100 AS ['User-Company Access']
		ON ['User-Company Access'].USERID = ['User Master'].USERID
LEFT JOIN
	SY10500 AS ['Security Assignment User Role']
		ON ['Security Assignment User Role'].CMPANYID = ['User-Company Access'].CMPANYID
			AND ['Security Assignment User Role'].USERID = ['User-Company Access'].USERID
LEFT JOIN
	SY09100 AS ['Security Roles Master']
		ON ['Security Roles Master'].SECURITYROLEID = ['Security Assignment User Role'].SECURITYROLEID
LEFT JOIN
	SY01500 AS ['Company Master']
		ON ['Company Master'].CMPANYID = ['User-Company Access'].CMPANYID
GO

GRANT SELECT ON uv_PI_UserAccessAndGranted TO DYNGRP
GO

Click to show/hide the Security Views For Use In SmartList Designer Series Index

Security Views For Use In SmartList Designer
User Access
User Access & Granted Security Roles
User Access & Granted Security Roles With Tasks
Security Roles With Tasks

Security Views For Use In SmartList Designer: User Access

Microsoft Dynamics GPThe first of the security SQL views I am posting in this series shows all of the users and the companies to which they have been granted access.

CREATE VIEW [dbo].[uv_PI_UserAccessAndGranted] AS
SELECT
	['User Master'].USERID AS 'User ID'
	,['User Master'].USERNAME AS 'Username'
	,['User Master'].USRCLASS AS 'User Class'
	,ISNULL(['Class Master'].DSCRIPTN, '') AS 'User Class Description'
	,ISNULL(['Company Master'].INTERID, '') AS 'Intercompany ID'
	,ISNULL(['Company Master'].CMPNYNAM, '') AS 'Company Name'
FROM
	SY01400 AS ['User Master']
LEFT JOIN
	SY40400 AS ['Class Master']
		ON ['Class Master'].USRCLASS = ['User Master'].USRCLASS
LEFT JOIN
	SY60100 AS ['User-Company Access']
		ON ['User-Company Access'].USERID = ['User Master'].USERID
LEFT JOIN	SY01500 AS ['Company Master']
		ON ['Company Master'].CMPANYID = ['User-Company Access'].CMPANYID
GO

GRANT SELECT ON uv_PI_UserAccessAndGranted TO DYNGRP
GO

Click to show/hide the Security Views For Use In SmartList Designer Series Index

Security Views For Use In SmartList Designer: Series Index

Microsoft Dynamics GPBack in November I posted a SQL View which could be used in SmartList Designer to return the users, company and role assignments. This view is now accompanied by several others which allow for reporting on the Dynamics GP security setup at several different levels.

These have been done as SQL views so they can easily be plugged into SmartList Designer which does not have an import/export function, but they can also be used in SmartList Builder, should the client be licensed for this add-on, or any other reporting tool.

Security Views For Use In SmartList Designer
User Access
User Access & Granted Security Roles
User Access & Granted Security Roles With Tasks
Security Roles With Tasks

Scripts to Reset System and Budget Passwords

Microsoft Dynamics GPIf a user forgets the password set against a Budget it cannot be amended through Microsoft Dynamics GP, but can be removed through SQL Server; the same stands true for the System Password as well.

The first script in this post, removes the password of a budget; this SQL is not mine, but was posted by Leslie Vail in this post on the Dynamics Community forum.

To run this script change the highlighted section to the name of the budget which needs the password reset:

UPDATE
	GL00200
SET
	BUDPWRD = 0x00202020202020202020202020202020
WHERE
	BUDGETID = 'budget id'
GO

A very similar script can be used to reset the System Password. If you are using a Named System Database, change the highlighted DYNAMICS text to the name of your System Database:

USE DYNAMICS
GO
UPDATE
	SY02400
SET
	Password = 0X00202020202020202020202020202020
GO

MDGP 2015 Feature of the Day: Organizational Accounts User Authentication

Microsoft Dynamics GPThe Inside Microsoft Dynamics GP blog has started a series of posts on the new features of, the soon to be released, Microsoft Dynamics GP 2015. As I have done for the last two releases, I intend to shadow these posts and add my own opinions on these new feature; the series index is here.

The sixth Feature of the Day is Organizational Accounts User Authentication.

This feature allows users to be authenticated for Microsoft Dynamics GP using organizational account credentials, also known as Azure AD accounts. This allows the user to log into the Microsoft Dynamics GP Web Client using the same credentials that are used for Office 365, Microsoft Dynamics CRM Online, or many other cloud applications:

User Setup

Continue reading

Implementing Fastpath’s Config AD: Conclusion

FastpathIn this series of posts I have taken a look at the Config AD product from Fastpath which adds single sign-on to the Dynamics GP desktop client; you can find my series index here.

Over the course of the series I have run through the installation and configuration of several parts of Config AD, but there is still a lot of functionality that I haven’t covered.

For example, I have shown how to associate a GP user with a Windows AD account, but not how to disassociate them. I also didn’t show how SSRS security could also be assigned to users in Config AD; largely because I didn’t have SSRS installed and configured on my test box.

The main reason I haven’t covered even more than I have is that I enjoy playing around with different software and want to move onto something else. I’ve enjoyed the opportunity to have a go with Config AD which I found easy to install, easy to configure and that it provides a lot of functionality which brings together the security setup of Dynamics GP into one location.

Something I find very annoying in Dynamics GP is that to create a user, grant company access and assign roles you need to enter the System Password at least three times (unless you’re just copying security from another user wholesale), but Config AD allows you to configure all of this after logging into it once.

If you’re looking for an add-on which will both simplify the maintenance of Dynamics GP security (and I assume the effect would be the same for the other Dynamics products it integrates with) and allow for single sign on, then Config AD is definitely worth considering.

Click to show/hide the Implementing Fastpath's Config AD Series Index

Implementing Fastpath’s Config AD: Configuring Config AD Desktop

Microsoft Dynamics GPIn this series of posts I’m going to take a look at the Config AD product from Fastpath which adds single sign-on to the Dynamics GP desktop client; you can find my series index here.

With the Config AD Desktop installed, we need to configure it for use; many of the steps in this section are only required the first time you run Config AD Desktop on a machine.

Start Config AD Desktop from the Windows Start Screen (or Start menu for those on an older version of Windows) and click on File >> options:

Fastpath Config AD Desktop

Continue reading

Implementing Fastpath’s Config AD: Installing Config AD Desktop

In this series of posts I’m going to take a look at the Config AD product from Fastpath which adds single sign-on to the Dynamics GP desktop client; you can find my series index here.

To install the Config AD Desktop run the setup.exe in the Config AD Desktop 2.1.3 folder and accept the security warning:

Open File - Security Warning

Continue reading