D365FO - Table Browser via web browser
D365FO - Execute a job/runnable class outside of visual studio
[D365FO main URL]/?cmp=[company]&mi=SysClassRunner&cls=[job/runnable class name]
D365FO - Maintenance mode / Importing License File (ISV/VAR Add-on License import)
In D365FO there is now only a license configuration which is available via System administration > Setup > License configuration however you will notice that the data is read-only.
(This form is read-only unless the system is in the maintenance mode. Maintenance mode can be enabled in this environment by running maintenance job from LCS, or using Deployment.Setup tool locally)
In order to change this from read-only to modifiable we need to put the system in maintenance mode. We do this by opening the command prompt (cmd.exe)
change the dir to your local \AosService\PackagesLocalDirectory\Bin\ folder:
>cd C:\AosService\PackagesLocalDirectory\Bin\
Put the service into maintenance mode:
>Microsoft.Dynamics.AX.Deployment.Setup.exe --metadatadir C:\AosService\PackagesLocalDirectory --bindir C:\AosService\PackagesLocalDirectory\Bin --sqlserver . --sqldatabase axdb --sqluser [sql login] --sqlpwd [sqlpassword] --setupmode maintenancemode --isinmaintenancemode true
Reset IIS/Cycle the AOS> IISRESET
The system should now be in maintenance mode so we can import the file
via the cmd.exe prompt run the following
Import license file:
> Microsoft.Dynamics.AX.Deployment.Setup.exe --setupmode importlicensefile --metadatadir C:\AOSService\PackagesLocalDirectory --bindir C:\AOSService\PackagesLocalDirectory --sqlserver . --sqldatabase AxDB --sqluser [sql login] --sqlpwd [sql password] --licensefilename C:\licensefolder\license2018.txt
In D365FO you should now be able to open System administration > Setup > License configuration and not see the read-only warning. You should see the name of the license that was import and you should be able to enable the configuration for the new license file.
Turn off maintenance mode
> Microsoft.Dynamics.AX.Deployment.Setup.exe --metadatadir C:\AosService\PackagesLocalDirectory --bindir C:\AosService\PackagesLocalDirectory\Bin --sqlserver . --sqldatabase axdb --sqluser [sql login] --sqlpwd [sqlpassword] --setupmode maintenancemode --isinmaintenancemode false
Reset IIS/Cycle the AOS: > iisreset
D365FO - OneBox Default account information
OneBox default windows login:
Login: local\Administrator
Password: pass@word1
OneBox SQL login
Login: axdbadmin
Password: AOSWebSite@123
I will add more as I run across the need for different accounts that are associated with the OneBox.
Architecture
Extended Architecture
Introduction of Power BI integration in D365
Cost Saving Capabilities on Azure for Dynamics AX 2012 R3
The Ever Green "Dynamics 365 for Finance and Operations"
Change management and ERP: Understand the limits
#D365FO Diary 02: Time to create a comprehensive training plan for our end users, Part 1
D365FO - Importing License File (ISV/VAR Add-on) via deployable package into QA/Prod
Extensible Data Security examples – Secure by legal entity
In my last blog, I shared some code examples for eXtensible Data Security (XDS). In this post, I will explain how it works and also introduce a V2 version which will be more advanced in determine which legal entities will be visible for the user.
Secure by legal entity
About four and a half year years ago, I already created the first version of the security policy to constrain records on the form Legal entities. At that time I did create a blog describing all steps in detail how to create this policy. You can read the blog How to restrict legal entities based on assigned organizations – AX 2012 how this policy was created.
To be able to have this version of the policy working, you should restrict all security roles; also the system user role. All other details are documented in the initial blog. There might be an additional requirement to constrain also accounting entries. This is based on global tables, but are already filtered on reports and forms within the client. However, if you want to use the Excel add-in in AX2012 with these accounting entries, there was no company (DataAreaId) context field, so it showed also data for companies which are not part of your domain. So, in addition to the explanation provided in the blog mentioned above, this has been covered in this security policy.
Enhanced version
As described above, the system user role needs to get restrictions on assigned organizations; otherwise the legal entity form shows too many records. Also, it might be the case that a person would be e.g. a sales assistant in all legal entities, but an accountant in just a few legal entities. For this purpose, I was thinking of another way to get a certain result.
I got the idea to look at all roles which does grant permissions for the Legal entities form. Then only look at the organization assignments for these roles and ignore the settings for the system user and other roles which does not have permissions on this entry point. To be able to achieve the desired result, I had to create a new so-called MyContruct table which builds a list with companies. (A MyContruct table is a special temporary table which creates a temporary table on the SQL server per user with his/her own values using a table method ‘xds()’.)
This new table has been used in a new view instead of the MyLegalEntities table in the first table.
All objects (V1 and V2) can be found on my My OneDrive DynamicsShare. Note that the provided examples of V1 and V2 cannot be used together without modifications. As they both have a policy on the same table(s) for all roles, only one policy should be active at a time.
If you want to explore these examples, feel free to download and use it. The software is provided as-is and you cannot obtain any rights if something is not working correctly. You have to ensure you will install the examples in a separate environment first and test it carefully. If you have questions or feedback, feel free to add comments or send a message.
That’s all for now. Till next time!
Microsoft Dynamics CommunitySubscribe to this blogger RSS FeedMy book on Merging global address book records in AX 2012
The post Extensible Data Security examples – Secure by legal entity appeared first on Kaya Consulting.
Dynamics 365 Achieves Broad Range of Compliance and Attestation Updates
In my previous blog post, I discussed Microsoft’s commitment to achieving and maintaining those certifications and attestations that support the needs of our customers. In our ongoing work to deliver on that promise, I am happy to announce that we have delivered on that commitment.
In addition, we also just achieved FedRAMP High authorization for Dynamics 365 Government. You can read more in the blog post from Kevin Briggs, Direction, Business Applications, Microsoft Federal.
Below is the list of the net new certifications and attestations that each Dynamics 365 application has achieved. You can read the complete list of certifications in Microsoft Dynamics 365 Cloud services compliance.
Dynamics 365 for Finance and Operations
- EU Model Clauses
- FERPA
- HIPPA BAA
- ISO 27001
- ISO 27017
- ISO 27018
- Spain ENS
- Spain LOPD
- SOC 1 (SSAE 18) Type 2
- SOC 2 Type 2
Dynamics 365 for Retail
- EU Model Clauses
- FERPA
- HIPPA BAA
- ISO 27001
- ISO 27017
- ISO 27018
- PA-DSS
- Spain ENS
- Spain LOPD
- SOC 1 (SSAE 18) Type 2
- SOC 2 Type 2
Dynamics 365 for Talent
- EU Model Clauses
- ISO 27001
- ISO 27017
- ISO 27018
- FERPA
- HIPPA BAA
Dynamics 365 Business Central
- EU Model Clauses
- FERPA
- HIPPA BAA
- ISO 27001
- ISO 27017
- ISO 27018
- SOC 1 (SSAE 18) Type 2
- SOC 2 Type 2
Dynamics 365 for Customer Service
- ISO 27017
- Spain ENS
- Spain LOPD
- FedRAMP High
Dynamics 365 for Field Service
- ISO 27017
- Spain ENS
- Spain LOPD
- FedRAMP High
Dynamics 365 for Project Service Automation
- ISO 27017
- Spain ENS
- Spain LOPD
- FedRAMP High
Dynamics 365 for Sales
- ISO 27017
- Spain ENS
- Spain LOPD
- FedRAMP High
Microsoft Social Engagement
- EU-US Privacy Shield
- ISO 27017
We continue to help our customers meet complex obligations, including the EU GDPR, ISO 27001, ISO 271018, and HIPPA with the general availability of Compliance Manager, a cross-Microsoft cloud service solution, for Dynamics 365, Azure, and Office 365 Business and Enterprise subscribers. You can read more about Compliance Manager here and how it supports Dynamics 365 here.
[AX2012] How to: Set up Analysis Services and deploy cubes
Today I will show how to set up analysis services on Dynamics AX 2012, although it takes several steps to complete this walkthrough the process is quite simple.
Before we proceed, we need to install SSAS, which I am not going to cover in this post but you can check this link for detailed instructions.
I do recommend to check SSAS service account database privileges to Dynamics AX Business Store, if you are on a previously configured environment check the account used to run SQL Server Analysis Services (MSSSQLSERVER):
Now head to SQL Server Management Studio and make sure you service account has db_datawriter, db_datareader and db_ddladmin privileges to Dynamics AX Business Store.
Installing analysis server component:
- Start Microsoft Dynamics AX Setup. Under Install, select Microsoft Dynamics AX components.
- On the Select components page:
- Select the Analysis Services configuration check box.
- Click Next.
- On the Prerequisite Validation page, resolve any errors. When no errors remain, click Next.
- On the Select a file location page, select the location.
- On the Specify a location for configuration settings page, specify whether you want the cubes to access configuration information from the registry on the local computer or from a shared configuration file.
- On the Connect to an AOS instance page, enter the name of the computer that is running the Application Object Server (AOS) instance
- On the Specify Business Connector proxy account information page, enter the password for the proxy account that is used by Business Connector.
- On the Specify an Analysis Services instance page, select an instance of Analysis Services.
- On the Connect to a SQL Server Database page, follow these steps:
- Select the computer that hosts your Microsoft Dynamics AX online transaction processing (OLTP) database.
- Select the Microsoft Dynamics AX OLTP database.
- On the Ready to install page, click Install.
- Click Finish to close the Setup wizard.
Open Dynamics AX rich client and head to System administration> Setup > Business intelligence > Analysis Services > System currency and exchange rate type. Confirm if you have set up System exchange rate type, if not, click on System parameters and configure it.
Set up OLAP connection:
- Click System administration> Setup > Business intelligence > Analysis Services >Analysis Server
- On Analysis server form, change OLAP server name to your server where SSAS is installed and make it default.
The last step, deploy your cube to SSAS. For the purpose of example I will deploy the forecasting cube, which is one of Dynamics AX default cubes.
On Dynamics AX rich client, click File/Tools/Business Intelligence (BI) tools/SQL Server Analysis Services project wizard.
On the Analysis Services project wizard page, click Next.
Select Deploy, click Next.
We are going to deploy a project from AOT, select Demand Forecast. Click Next.
On Deployment Options, verify which SSAS server your are deploying and change the database name if you wish. You can either deploy through AX checking Process the project after it is successfully deployed, or you can do it through SSMS, Click Next.
Finish the wizard and you are done!
If you have chosen to deploy through SQL Server Management Studio (SSMS), connect to your Analysis server database.
Right-click your database, if you have followed my example right-click Demand Forecast initial and click Process.
Click Process and wait until SSMS finishes deploying your cube and we are done!
While writing this walkthrough I faced some issues but all related to firewall and privileges problems, which SSMS gave a very understandable message error, which can be avoided by checking your SSAS account privileges like described in the start.