Hands On with Microsoft Dynamics GP October 2019 Release New Features – System Enhancements: Sort companies in User Access Setup

Microsoft Dynamics GPThis post is part of the Hands On with Microsoft Dynamics GP October 2019 Release New Features – System Enhancements series where I am going hands on with the system enhancements of the new version of Microsoft Dynamics GP; it is part of the larger Hands On with Microsoft Dynamics GP October 2019 Release New Features series.

The second of the new features in the system module, is the ability to sort companies in the User Access Setup window (Administration area page » Setup » System » User Access). This function improves the ease with which access to companies can be granted, or removed, for a user.

The default display order is in Company ID order; this is a numeric identifier which signifies the order in which the companies were created:

User Acces Setup in Company ID order

Continue reading “Hands On with Microsoft Dynamics GP October 2019 Release New Features – System Enhancements: Sort companies in User Access Setup”

MDGP October 2019 Release Feature of the Day: User Access Enhancements

Microsoft Dynamics GPThe Inside Microsoft Dynamics GP blog has started a series Feature of the Day posts for Microsoft Dynamics GP “October 2019” Release on which I am following and adding commentary. The index for this series of posts is here.

The fifth Feature of the Day is User Access Enhancements.

There are four enhancements to the User Access window. Firstly, you can choose to filter inactive users from displaying in User Access Setup. This is a per user setting and will be saved the next time you open the window:

User Access Setup

Continue reading “MDGP October 2019 Release Feature of the Day: User Access Enhancements”

Decrypting Microsoft Dynamics GP System Passwords Is Now Possible

Microsoft Dynamics GPMicrosoft Dynamics GP encrypts its system and budget passwords in a way which cannot be decrypted. Or at least it did. DynDeveloper.com, in April, posted an article containing a stored procedure which would allow the passwords such as the system or budget passwords to be decrypted.

As well as the stored proc, the article also includes sample code which will return the decrypted system password.

The post with code is here.

Update: It turns out this isn’t new and was first posted about back in 2010 when it was misunderstood what this type of decryption would cover. It is system and budget passwords (which are both optional and often not used), not user passwords.

Enable Bitlocker on Removable Drive

WindowsWhen I joined ISC Software I was given a new laptop and associated peripherals which included a removable 1TB SSD. As this SSD travels with me, one of the first things I did was encrypt it with BitLocker.

To encrypt a drive with BitLocker, launch Windows Explorer, right click on the drive and select Turn BitLocker On. When the BitLocker Drive Encryption window appears, click Encrypt this drive using BitLocker Drive Encryption:

Bitlocker Drive Encryption

Continue reading “Enable Bitlocker on Removable Drive”

Disable IE Enhanced Security Configuration

Windows ServerI do a lot of work in virtual machines and this work often involves using the web browser; this is usually just for web client, SSRS or other similar local pages, but even then Internet Explorer Enhanced Security Configuration will get in the way and need to be disabled.

I never remember where the setting for this is, so I am posting here to make it easy to find in future. To change the setting, open Server Manager; in the left pane, click Local Server:

Server Manager > Dashboard

In the main section of the page, click the word ON next to IE Enhanced Security Configuration:

Continue reading “Disable IE Enhanced Security Configuration”

Microsoft Dynamics GP In-Transit Transfer Document Locked

Microsoft Dynamics GPWhile I was looking at the problem raising In-Transit Transfers I needed to delete all orders with alpha numeric Document Numbers, but was getting an in use error on one of them:

Document is in use error

Continue reading “Microsoft Dynamics GP In-Transit Transfer Document Locked”

Add Company Access Back to sa User

Microsoft Dynamics GPWe’re busy doing some work for a client for whom we’ve recently taken over the support of their Microsoft Dynamics GP implementation. For the initial set of projects, we’re assisting them in the creation of a standalone test systemm. When you do this, the first thing you need to do is log in using the sa account and reset passwords.

However, we found that at some point in the past, all company access had been removed from the sa user account leaving us unable to log into Dynamics GP.

Fortunately, company access is only stored within one table in the system database: User-Company Access (SY60100).

The SQL below will add company access back to the sa user for all company databases:

Created by Ian Grieve of azurecurve|Ramblings of a Dynamics GP Consultant (http://www.azurecurve.co.uk)
This code is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0 Int).
		SY01500 AS ['Company Master']
			SY60100 AS ['User-Company Access']
			['User-Company Access'].CMPANYID = ['Company Master'].CMPANYID
			['User-Company Access'].USERID = 'sa'
		) = 0

After you’ve run the above to add company access back, you also need to run the SQL insert statement in this post to add POWERUSER access as well.

With the two scripts run, the sa account can be used to reset the DYNSA user and other user accounts.

Implementing SmartList Builder: Security

eOne SolutionsThis post is part of the series on Implementing SmartList Builder from eOne Solutions.

The final element to readying SmartList Builder for use is to configure security so that users without the POWERUSER* role can access it. While this step isn’t absolutely necessary, I would encourage people not to over use the POWERUSER* role.

A better approach would be to create a Super User role instead. Both this role and standard user roles will need to have access to the SmartList Builder windows granting.

This is easy to do, as SmartList Builder ships with some default security tasks and a role:

Security Role Setup

Assign this role to the relevant user or assign the tasks to existing roles and user will, next time they login, be able to access the SmartList Builder window.

Create User or Assign Company Access Without Using sa

Microsoft Dynamics GPWith Microsoft Dynamics GP, there are only two user accounts which can, by default, create new users or assign access to companies; these the the sa (SQL Server System Administrator) and DYNSA (Dynamics GP System Administrator).

The former account should only be used when absolutely necessary (such as when implementing Microsoft Dynamics GP or moving it to a new SQL Server Instance; there are some ISV products which also insist on the sa account when it isn’t strictly necessary from a tecHnical perspective).

The recommended way of maintaining security is to configure a normal user account with the permissions necessary to create and assign users to companies. There are a few steps to go through to assign the relevant security.

Mark Polino did a post a while ago on adding users without using the sa account, but, in this post, Mark assigned the sysadmin role to the user. While this will do the job, and in fewer steps, I prefer to lock down security so users only have the permissions required, which precludes assigning a sysadmin role. The reason for this is both best practice, but also that I have several clients who will not allow the sysadmin role to be assigned to a GP user.

The following steps cover the minimum security required for a user to be able to add new users or assign them access to companies.

Assign the user to all companies in Microsoft Dynamics GP (this is done in the User Access Setup window (Administration area page » Setup » System » User Access):

User Access Setup

Continue reading “Create User or Assign Company Access Without Using sa”

Implementing Enhanced Notes: Configure Security

GP Elementz Enhanced NotesThis post is part of a series on Implementing Enhanced Notes from ISC Software Solutions.

When Enhanced Notes is deployed to a company, there are two security roles created:

  1. ENHANCED NOTES – which gives users access ton the Enhanced Notes instead of the standard Dynamics GP Notes window.
  2. ENHANCED NOTES SETUP – which allows users to change the configuration of the Enhanced Notes module.

All non-POWERUSER* users are automatically assigned the Enhanced Notes security role when it is installed, but future users will need to be assigned it via User Security Setup (Adminstration » Setup » System » User Security):

User Security Setup

Any user other than a POWERUSER* will need to be assigned the Enhanced Notes Setup role.

Have an enquiry for ISC Software Solutions?

If you’re interested in speaking to ISC Software about consultancy, upgrades, implementation, development, GP Elementz add-ons or portals, or anything else, you can use the form below.

Your Name (required):
Your Email (required):
Enquiry message: