Tag Archives: Security

Microsoft Dynamics GP 2013 SP2 Web Client Scale-Out Deployment: Creating Required Service Accounts

Depending on your selected options when installing the Microsoft Dynamics GP web client, there are between three and four service accounts required.

The three which are always required are:

  1. Web Application User
  2. Session Service
  3. Session Central Service

The one which is optional dependent on installation options is:

  1. Management Console Application User

This last is only required if the Management COnsole is installed to a different web site to the web client.

To create the service accounts, you need to be logged onto the Domain Control (in my case DC1 which is running Windows Server 2008 R2) and open Active Directory Users and Computers.

Continue reading

Posted in Active Directory, Dynamics, GP, Microsoft, Web Client | Tagged , , , , , , , , , , | Leave a comment

Microsoft Dynamics GP 2013 SP2 Web Client Scale-Out Deployment: Creating Security Groups In AD For The Web Client

There are two security groups required for the Microsoft Dynamics GP web client:

  1. A group for users who can access the web client
  2. A group for users who can access the web client’s management console.

To create these groups we need to be logged onto the domain controller which on my test system is AZC-DC1.

On the domain controller, open Active Directory Users and Computers.

I decided to create a business unit called Microsoft Dynamics GP but you could create the required groups anywhere. To create the web console user’s group click the Create Group button on the toolbar:

Active Directory Users and Computers

Continue reading

Posted in Active Directory, Dynamics, GP, Microsoft, Web Client | Tagged , , , , , , , , , , | Leave a comment

Management Reporter Login Error

I thought I had posted this a while ago, but searching my blog I can’t find it. A client contacted me recently to report the following error message:

Management Reporter - CanManagement Reporter – Can’t connect to the Management Reporter server. Do you want to specify a different server address?

My first step was to try running Management Reporter myself and was able to log in without a problem’; this was on the same Citrix server the client had been trying to log into which ruled it out as being a problem with the Management Reporter services.

The client in question was a member of their internal IT department and had his own Domain account and access to a global Domain administrator account. It was his own Domain account which he had logged into the server with, but this user was not in Management Reporter; it had been configured using the global Domain Admin account to minimise the number of licenses assigned to IT (the client is running Microsoft Dynamics GP 2010).

Once he logged in with the global Domain Admin account he was able to access Management Reporter without any further issues.

Posted in Dynamics, Management Reporter, Microsoft | Tagged , , , , | Leave a comment

SOP Blank Invoice Form Word Template Not Working

I was configuring up a test system a short time ago and found that the Sales Documents (specifically the SOP Blank Invoice Form) were producing into IE rather than Word when I printed them.

The problem was caused by the VAT Daybook being installed. VAT Daybook provides alternative versions of the standard SOP reports which do not work with the Word Template Email functionality. To have the invoices send via Word, I had two choices; make a Word Template version of the SOP Blank Invoice Form or, and as this was only a test system my preferred choice, to change a setting to use the standard SOP template rather than the VAT Daybook one.

To do this, open Alternative/Modified Forms and Reports (Microsoft Dynamics GP menu >> Tools >> Setup >> System), set Product to VAT Daybook and restrict the Type to Reports;

Alternative/Modified Forms and Reports

In the scrolling window, expand SOP Blank Invoice Form and SOP Blank History Invoice Form and mark the Microsoft Dynamics GP option under both.

After saving these changes, the SOP Blank Invoice Form successfully produced to Word.

Posted in Dynamics, GP, Microsoft, VAT Daybook | Tagged , , , , , , , , , | Leave a comment

Error Granting Database Access In SQL Server Management Studio

I’m currently involved with a couple of projects where we have needed to migrate databases from one SQL Server to another and needed to do so more than once.

Prior to the first copy, we used a script to load the users into SQL Server and then restored the databases and had no problems.

Later on, after changing some of the permissions to databases we had need to remigrate some of them over. However, we found that users could not access some databases and when we tried to add them we got the following error;

Msg 15023, Level 16, State 1, Line 1
User, group, or role 'pidev' already exists in the current database.

It was looking very like we would need to go through each database and remove access and then regrant it all; a labourious process. A quick Google found me a page from Julian Kuiters which introduced me to the ALTER USER command. The following code will run against the selected database and tie together the SQL Server user with the user in the database without any other work;

USE [GPNL]
GO

ALTER USER pidev WITH LOGIN = pidev
GO

The first highlighted element needs to be changed to the database you want to update the user on and then the following two entries are the usernames which need to be linked (these should be set to the same value).

Posted in Microsoft, SQL Server, SQL Server 2008 | Tagged , , , , | Leave a comment

Management Reporter 2012 Install Error – Invalid sa Password

I was recently on site with a client doing an upgrade from Microsoft Dynamics GP 2010 to 2013 and implementing Management Reporter 2012 to replace FRx 6.7.

The upgrade of Dynamics GP to 2013 went through without issue, once I sorted out the overlapping periods which are no longer allowed (I hope Microsoft will be updating the exam question), but I ran into an issue with Management Reporter.

When I was entering the details for the SQL Server I got an error that the password provided was incorrect. I reentered it and got the same error and then entered it a third time very slowly and carefully. Again, it was rejected.

Now because I was onsite and therefore using a customer supplied password there was every possibility that I had entered it incorrectly. I verified the password with the customer and then copied and pasted it in from Notepad so that I was certain it was correct, but it was, again, rejected.

It was at this point a memory fired that someone had recently told me about this. I checked emails I’d received a few weeks ago and found the answer in one from Andrew Cooper, my former colleague. The problem is when Enforce password policy in Microsoft SQL Server is enabled for the user account.

This should not be a problem, but with Management Reporter 2012 RU4 it is because the password is verified against SQL Server as each letter is typed in order to populate the database selection box and if the password policy is being enforced then the user account gets locked out after the third letter. I haven’t had a change/remembered to test this against RU5.

After unlocking the user account via SQL Server Management Studio, I copied and pasted the password into the Management Reporter Configuration window and was able to progress with the installation.

Posted in Dynamics, GP, Management Reporter, Microsoft | Tagged , , , , , , , , , | Leave a comment

Can’t Connect To The Management Reporter Server

We had a call logged by a new customer recently who has just had Managagement Reporter implemented. One of the IT team was trying to get into Report Designer and continually got the message below;

Management Reporter - CanManagement Reporter – Can’t connect to the Management Reporter server. Do you want to specify a different server address?

I’ve seen this error before and it has been one of two things:

  1. The Management Reporter 20123 Application Service isn’t running
  2. The logged in Windows user has not been given access to Management Reporter

In this instance the problem was the latter. The IT team member’s own domain account was configured as a Management Reporter Administrator, but he was logged onto the server as Domain\Administrator which was not a Management Reporter user. After logging out and back in under his own domain account he was able to access Management Reporter successfully.

Posted in Dynamics, Management Reporter, Microsoft | Tagged , , , , | Leave a comment

VBA Customisation To Microsoft Dynamics GP 2013 Login Window To Display Desktop Alert If Caps Lock On

In 2009 Patrick Roth, on the Developing for Dynamics GP blog, posted a customisation for the Microsoft Dynamics GP login window which displays a message box if the caps lock is on when the user goes to enter their password.

Then, back in July, Aaron Berquist on his blog High Dynamic Range, posted an article on using VBA to create a desktop alert to users which doesn’t take focus away from the application.

I decided to take a look and see if I could combine these two ideas into one and have a desktop alert displayed when the user has caps lock on when logging in, which is far less intrusive than the message box approach by Patrick.

The result is a customisation of the login window (which you can download at the end of the post) to display an alert if the user has the Caps Lock on using the desktop alert code Aaron posted.

The code displays a message to the user if they have Caps Lock on when the login window displays, or when they tab into the Password field if they haven’t already seen the message;

Desktop Alert

The customisation was created in GP 2013 and has only been tested in this version of GP but has been tested on Windows Server 2008 R2 and Windows 8. As with everything I post here, it is supplied entirely without warranty and you use it at your own risk.

However, if you do have problems let me know and I’ll see what I can do to fix them.

Posted in Dynamics, GP, Microsoft, Modifier with VBA | Tagged , , , , , , , | 4 Comments

How To Install The GP Web Services – Configure Management Tools

This is the seventh, and final, post in the series on installing, configuring and preparing the Web Services for Microsoft Dynamics GP for use. So far I’ve covered the prerequisites, installation process, configuration, verification of the install, security configuration and client Management Tools installation.

To configure the Management Tools, launch the Dynamics Security Console (Windows Start menu >> All Programs >> Administrative Tools >> Dynamics Security Console) and select the Microsoft Dynamics Security node;

DynamicsSecurityConsole - [Console Root\Microsoft Dynamics Security]

Continue reading

Posted in Dynamics, GP, Microsoft, Web Services | Tagged , , , , , , , , , , | 2 Comments

How To Install The GP Web Services – Management Tools Installation

This is the sixth post in the series on installing, configuring and preparing the Web Services for Microsoft Dynamics GP for use. So far I’ve covered the prerequisites, installation process, configuration, verification of the install and security configuration.

In this post, I’m going to show the installation of the Management Tools on a client machine; in this case AZC-DESK1 which is running Windows 7 Enterprise.

The Management Tools are installed off the Microsoft Dynamics GP 2010 installation media. When you run up the setup utility, the standard Microsoft Dynamics GP 210 Bootstrapper Setup will run to install the prerequisites;

Microsoft Dynamics GP 2010 Bootstrapper Setup

Continue reading

Posted in Dynamics, Microsoft, Web Services | Tagged , , , , , , , , , , | 3 Comments