Thursday, January 31, 2013

Microsoft Dynamics GP 2013 on Windows Azure: The Deployment Process

Welcome to the third installment on Microsoft Dynamics GP 2013 on Windows Azure. In the previous article I showed how to provision the various VMs needed in our environment - see Microsoft Dynamics GP 2013 on Windows Azure: Provisioning Process. The following is a summary of the VMs with the applications and services they will be running:


Server NameFunction
ip-ads01 AD DS server
ip-sql01 Database Server
ip-gp01 GP and Session Service
ip-gpweb IIS, Web Client, WMC, and Session Central

The deployment started out with some prep work, as follows:

Active Directory Server (AD DS)

On the AD DS server, I setup a few domain user accounts and security groups that will be needed to run both Microsoft Dynamics GP's Session Service and Session Central Service services on the GP server (ip-gp01) and the Web Client and Web Management Console application pools on IIS (ip-gpweb). In addition, I have created two security groups, GP Web Admins to add any Dynamics GP web administrative user, and GP Web Users to add any domain account that will be accessing the Microsoft Dynamics GP via the web client interface.

Active Directory Users and Computers

Microsoft Dynamics GP Server (Session Host)

With the domain accounts and groups needed out of the way, I proceeded to install Microsoft Dynamics 2013 and the Web Client Runtime on ip-gp01. The installation is straight forward as you would expect with most GP installs. If you have configured your DNS server properly the ODBC configuration done by Dynamics GP should happen without a hitch. Upon completing the initial file installation, you will run Dynamics Utilities to setup the application system database - thanks to the new named system database feature in Dynamics GP 2013, I have called this DYNGPSYS - and setup the sample company, Fabrikam.

On this server also, I will setup a self-signed certificate pointing to my public DNS for this machine, ip-gp01.cloudapp.net, which I will export and import on my local machine. Another certificate is created for the private DNS, ip-gp01.ip-forest.local to create a secure communication between the web server and the session host.

For this, I use a tool called selfssl.exe which you can download below. Selfssl is a part of the IIS Resource Kit. From the command prompt with elevated administrative rights you can run the following command:

selfssl /N:CN=ip-gp01.clouldapp.net /V:365 /P:443 /T

Once selfssl generates the certificate, you can proceed to import the certificate into the Personal root and the Trusted Root Certification Authority folder using the Certificates mmc snap-in on the ip-gp01 VM. In addition, this same certificate must be imported on the IIS VM in the Trusted Root Certification Authority folder to provide a secure path to Session Service.


IIS Web Server

Next up was prepping the web server, ip-gpweb. The first task of order is to add the Web Server  (IIS) role to this VM, carefully making sure you select ASP.NET 4.5 from the Application Development Role Services for IIS - ASP.NET 4.5 is required by the Web Client components.

ASP.NET 4.5
Following the installation of IIS, you will then proceed to create a physical folder for the web client files - I took the easy way out and setup a C:\inetpub\gpweb.

In addition, I imported both certificates created for ip-gp01 to the Trusted Root Certification Authority folder to provide a secure path to the session host machine.

Finally, I used the selfssl.exe utility to create a self-signed certificate for the public DNS name of my machine, ip-gpweb.cloudapp.net.

selfssl /N:CN=ip-web.cloudapp.net /V:365 /T /P:443

I use this certificate to setup the web site in IIS, which is also a pre-requisite to the web client installation process:

Website created with self-signed certificate


Web Client Installation

The Web Client installation happens in two phases since I have provisioned a web server and plan to use a separate session host machine.

The Web Server

On the IIS server, you will need to run a custom install to select only the Web Server components.


Since you are working on Azure, to expose the website, you will need to create a new end-point on port 443 for the web server using the Azure Management portal (https://manage.windowsazure.com).




The Session Host Server

A custom installation to install the Session Server will do here.


The only tricky aspect is the runtime service, which requires a certificate to configure the service for SSL. Here I chose the cert previously created on ip-gp01. Note I am using port 443, which differs from the standard port, as it is the port I used when creating the certificate with the selfssl.exe utility.


Now that all is in place, you should be able to launch Internet Explorer from any machine outside of the Azure network and access Dynamics GP.

What I learned from this exercise:

  1. Due to Azure's tight security, the provisioned servers have just the necessary TCP and UDP ports opened. On the SQL Server VM, you will need to open ports 1433 and 80 if deploying SSRS. SQL Server will also need to be reconfigured to support Mixed Mode Authentication prior to beginning the installation of Dynamics GP.

  1. On the Dynamics GP and IIS servers, you will need to install .NET Framework 3.5 prior to running the Setup.exe application - by default, Windows Server 2012 installs .NET Framework 4.5. This could prove a bit confusing under Windows Server 2012, since during the confirmation process of adding the role, you are confronted with a warning message requesting an alternate path to the .NET Framework 3.5 installation files.
Add Roles and Features Wizard

    As it turns out, the resolution is fairly well documented in Microsoft Support KB article 2734782 - http://support.microsoft.com/kb/2734782, which calls for running the Deployment Image Servicing and Management tool (Dism) from the command line. Now, I happened to have the Windows Server 2012 installation files on a 32GB pen drive a carry around. By remoting into the GP and IIS servers with my local drives enabled I was able to point to the Sources folder on my pen drive allowing the .NET Framework 3.5 to be installed.
    Dism /online /enable-feature /featurename:NetFx3 /All /Source:(folder_name)\sources\sxs /LimitAccess
     
  1. It's easier to download the Silverlight client on your local machine and move it to your IIS VM, than attempting to install it from your IIS VM directly. As it turned out, Internet Explorer security on Azure disables scripting, so accessing any Microsoft website, ironically becomes a nightmare. You can download Silverlight from http://www.microsoft.com/silverlight/

  1. The tenant configuration file, TenantConfiguration.xml, must list (not point to, i.e., no UNC path) the paths on the session host server for each of the GP application runtime files requested. The tenant configuration file is a part of the Web Client files on the IIS VM.


There may certainly be other details that I may have forgotten to point out and other issues you may encounter along. This wasn't an easy process and frankly required quite a bit of research and bugging people like Microsoft's Daryl Anderson to get this right, but the effort was well worth it.

Until next post!

MG.-
Mariano Gomez, MVP
IntellPartners, LLC
http://www.IntellPartners.com/

Wednesday, January 30, 2013

Why I go to Convergence


The folks at Microsoft thought that it would be a good idea to ask me why I keep going back to Convergence. Take a look:


Until next post!

MG.-
Mariano Gomez, MVP
IntellPartners, LLC
http://www.IntellPartners.com/

Monday, January 28, 2013

Listing all eConnect Modified PRE and POST stored procedures

As of recent, I was ask of a simple method to determine which eConnect PRE and POST stored procedures had been modified. After all, with a concrete list, you are able to script just the affected ones prior to a major version upgrade or a feature pack installation.

A modified stored procedure could be simply qualified as one on which you have ran an ALTER PROCEDURE statement or have edited it using SQL Server Management Studio. With that said, the following query may not be failsafe, but provides a very accurate way of getting a list.

-- Created by Mariano Gomez, MVP
-- This code is licensed under the Creative Commons 
-- Attribution-NonCommercial-ShareAlike 3.0 Unported License.
-- http://creativecommons.org/licenses/by-nc-sa/3.0/legalcode
--
SELECT name, create_date, modify_date 
FROM sys.objects 
WHERE (type = 'P') AND (name LIKE 'ta%Pre' or name LIKE 'ta%Post') AND (create_date <> modify_date)

Enjoy!

Until next post!

MG.-
Mariano Gomez, MVP
IntellPartners, LLC
http://www.IntellPartners.com/

Thursday, January 17, 2013

Microsoft Dynamics GP 2013 on Windows Azure: Provisioning Process

Welcome to the second article on Microsoft Dynamics GP 2013 and Windows Azure of this installment. In the first installment, I showed how to create an Azure account and setup a subscription - see Microsoft Dynamics GP 2013 on Windows Azure: Subscription Process.

This time around I will review the virtual machines (VMs) provisioning process. For all intends and purposes, this environment will consist of an Active Directory Domain Server (AD DS), required to support authentication within our Azure environment; a Microsoft Dynamics GP application server, which will serve as a session host, therefore running GP and the Web Client Runtime; a Microsoft SQL Server database server, which will host the GP databases, the Web Management database, Session Central database, and Tenant Services database; and finally, a web server running IIS to support the Web Client itself along with the different session services required to run our web application.

For more information on Microsoft Dynamics GP 2013 web client architecture, see Dynamics GP 2013 Web Client Infrastructure Overview over at Developing for Dynamics GP.

All these VMs need to be a part of an Azure Virtual Network (AVN), so you must start by creating one. The purpose of this article is not to discuss how to setup an AVN as there are some considerations for this, especially if you are going to network with your on-premise network. For more information on the steps required see Create a Virtual Network in Windows Azure. Suffice to say, the AVN I created is a pure cloud network and will not interact with my on-premise network.

Provisioning the Virtual Machines

In order to begin the provisioning process, it is necessary to go to the Windows Azure management portal - https://manage.windowsazure.com. If you have completed a new subscription, the welcome page will direct you to setup a new asset for the environment.

Azure Management Console
Active Directory VM provisioning

The first thing in my list is an Active Directory VM which I will call ip-ads01. This VM will serve up my environment's domain controller - my domain will be called ip-forest.local - and will act as a DNS server as well. It will also allow me to create my environment's users and add the necessary security groups needed for the Web Client. Please consult with a network administrator on the steps required to setup AD DS. You can find more info in the following Microsoft TechNet article: AD DS Design Guide.

One of the cool aspects of Azure is the ability to select the type of memory and core you will be needing for your VM. I decided to go with a Large server, since I will be running Windows Server 2012 and AD DS management console tends to also use up some memory.


Once the server is been provisioned, setting up AD DS and making the server a primary domain controller should be fairly straight forward (using Server Manager) - dcpromo has been deprecated in Windows Server 2012 - see Introducing the first Windows Server 2012 Domain Controller (Part 1 of 2) over at the Server and Management team blog.

Dynamics GP VM provisioning

Once we complete the AD DS server setup, it's time to move on to provisioning the Dynamics GP VM. The process is similar to the Active Directory server provisioning. Here, I am also choosing a Windows Server 2012 machine to run the Dynamics GP client and the Web Client Runtime - in conjunction our session host server.

VM OS Selection
This server will be known as ip-gp01 and I will use a Large size setup to begin with. Note that in Azure you can change your VM configuration to increase or decrease the amount of resources you are using.

VM configuration

Next is the VM mode configuration, which could pretty much be summarized as setting up the VM's DNS on your Azure network. For obvious reasons, I am removing my Azure DNS extension in the picture below.


Finally, in the step of setting up the VM, you will want to assign an availability set. Again, not a topic for this article, but suffice to say something critical to consider during your Azure planning if you are to ensure maximum application uptime - see Manage the Availability of Virtual Machines for more information.

VM Options
Once you have navigated through the simple 4 step process, the provisioning process begins. From end-to-end this should be no more than 3 minutes, which I find to be very impressive.

Provisioning process kicked off for our first machine
SQL Server Provisioning

Not to be confused with SQL Azure, we will be provisioning a standard VM running a full version of Microsoft SQL Server 2012 Evaluation Edition. Interestingly enough, you can only get this on a Windows Server 2008 R2 operating system if you decide to use the standard gallery image. The alternative, of course, is to provision a standard Windows Server 2012 VM, then manually load SQL Server 2012 on it. Again, since this is a demo environment and my intent is not to install GP on the SQL Server - just one of those best practices items that I follow - I will continue and provision the standard image available from the gallery.

Microsoft Dynamics GP is not supported on SQL Azure (yet!) due to a number of design limitations in the latter, for example, cross-database operations. This is significant since Dynamics GP makes extensive calls to the system database from within the company database.



From here on, the VM configuration is standard. I chose to name this machine ip-sql01.


The final VM to provision is the web server, for which I will be using a Windows Server 2012 image and will add IIS later. You can follow the instructions in Installing IIS 8 on Windows Server 2012 after the provisioning process has been completed to get IIS up and running.

A few notes from this exercise...

1) Once you have provisioned all machines, you will need remote into each to change the DNS settings on each to point to your DNS server on your AD DS VM. At this point, you can join them to the domain. To remote into a machine, highlight the VM and click on the Connect button at the lower end of the screen.


Management Console screen


2) On the SQL Server, you will need to open ports 1433 and 80 to the domain only. Port security is pretty tight for the provisioned VMs. In addition, you will need to change SQL Server security to Mixed Mode and configure SQL Server Reporting Services by using the standard Reporting Services Configuration tool.

3) The PING command line utility is disabled in Azure, so don't try to use it. You cannot ping a VM from another one. A good measure of success is attempting to add your servers in Server Manager on your AD DS VM. If you can add each server, you are good to go which means TCP/IP is working as expected within your Azure virtual network.

My next installment will focus on getting the GP session host up and running. As we move through each server installation, I will continue to point out other considerations in making this all work.

Until next post!

MG.-
Mariano Gomez, MVP
IntellPartners, LLC
http://www.IntellPartners.com/

Monday, January 14, 2013

Microsoft Dynamics GP 2013 Web Client Phase I details

Over at Inside Microsoft Dynamics GP, Pam Misialek (Twitter: @PamMisialek) details what Microsoft Dynamics GP 2013 modules and features are available with the Web Client.


Web Client System features
At the System series level, here is a list of items to consider:
  • Modifer changes will render in the Web Client. Modifier itself is not in the Web Client. VBA code will not run on the Web Client.
  • Excel Reports work if you are connected to the domain.
  • Excel Report Builder and Drill Down Builder are not in the web client.
  • Business Analyzer is on the home page. It is not on the Navigation List Pages
Not available in the Web Client:
  • Field Level Security
  • Integration Manager
  • Payment Services
  • Concur Expense
  • Excel Based Budgeting
  • Creating Analysis Cubes Reports.  
Web Client Financials features

At the Financials series level, most features are available with the exception of Grant Management.

Web Client Distribution features
The Distribution modules feature all modules except for the Bill of Materials feature in Inventory.

You can download a PowerPoint presentation from Inside Microsoft Dynamics GP with the above information, just in case you need to present to your customers.

Until next post!

MG.-
Mariano Gomez, MVP
IntellPartners, LLC
http://www.IntellPartners.com/

Monday, January 7, 2013

Microsoft Dynamics GP 2013 on Windows Azure: Subscription Process

In my previous article, I provided an intro on the necessary elements required to deploy Microsoft Dynamics GP 2013 on Windows Azure - see Deploying Microsoft Dynamics GP 2013 on Azure - Introduction. Now, I begin a series of articles showing step by step how to configure the platform.

The first thing you will need to do is setup a subscription. As it turns out, Microsoft is running a 90-day free trial, how about that? The free trial allows you some good room to get a couple servers required for setting up a Microsoft Dynamics GP 2013 session host and the Web Client. Storage is set currently at 35 GB, so I believe we have plenty room to play.

So on we go by clicking the Free Trial option, which takes us to the Sign In page. Authentication is done via your Windows Live account, so one is effectively required.


Don't worry! Even if you haven't signed into Windows Azure before, you will be prompted to follow the account creation process. You will now be able to see what's being offered as part of your 90-day free trial. Ah, don't forget your credit card. You will not be charged as your initial spending limit is defaulted to $0 during the free trial period. A credit card is also required to verify your identity.


Upon clicking the arrow to continue with the account creation and subscription process, you are now faced with the credit card entry window. Very simple! Pop out your shiny [favorite card name here] and just follow the data entry fields. Click the next button to validate the credit card info and complete the account setup and subscription.

Once the credit card is validated, you are good to go. You will now be sent back to the Azure home page where you can manage your account and go to the administrative portal. My next article will focus on how to provision the machines needed to setup our Microsoft Dynamics GP environment.


Until next post!

MG.-
Mariano Gomez, MVP
IntellPartners, LLC
http://www.IntellPartners.com/

Friday, January 4, 2013

How to delete a fiscal year that was incorrectly created

Well is that time of the year again...

Most of you are in the midst of closing 2012 and getting Microsoft Dynamics GP configured for fiscal year 2013. If you are in this process of closing 2012, make sure to check out the Year-End closing procedures series over at the Microsoft Dynamics GP Support and Services team blog:

Microsoft Dynamics GP Year-End Closing Blog Series 2012 Schedule!!

The past few days however, I have had to address a number of calls asking for a little help deleting fiscal years that have been setup incorrectly. The following screenshot illustrates one of such issues:

Fiscal Periods Setup window
For the most part, users enter the correct start and end dates for the period, but mistype the fiscal year, which can cause a lot of headaches since there's no Delete button to remediate the situation. In addition, if the year is changed to 2013, the system will not allow you to create a new fiscal year with the start and end dates of a previously setup fiscal year.

So with no Delete button, where do you go?

Well, you can always resort to a little T-SQL to fix the problem by running the following script against the company database:

-- Created by Mariano Gomez, MVP
-- This code is licensed under the Creative Commons 
-- Attribution-NonCommercial-ShareAlike 3.0 Unported License.
-- http://creativecommons.org/licenses/by-nc-sa/3.0/legalcode
--
DELETE FROM SY40100 WHERE YEAR1 = 2103;
DELETE FROM SY40101 WHERE YEAR1 = 2103;
DELETE FROM SY40102 WHERE YEAR1 = 2103;
DELETE FROM SY40103 WHERE YEAR1 = 2103;

NOTE: in the above example the fiscal periods were properly setup to reflect 2013 start and end dates, but the year was incorrectly entered as 2103 - fat fingered if you will.

As is customary, please run this and any script against your test environment first to determine if you achieved the expected results. Backup your production databases environment prior to executing.

Once you have executed the script, please proceed to recreate the fiscal year and fiscal periods.

Until next post!

MG.-
Mariano Gomez, MVP
IntellPartners, LLC
http://www.IntellPartners.com/

Thursday, January 3, 2013

Microsoft Dexterity Training Roadshow - Atlanta

Don't miss this excellent Microsoft Dexterity training opportunity in the beautiful city of Atlanta, from January 21 - 25 at our midtown facilities. You can find full registration information here or you can contact Chuck Boyles. Other cities and schedules available.

(C) Chuck Koehler

Seating is limited so please sign up now.

Until next post!

MG.-
Mariano Gomez, MVP
IntellPartners, LLC
http://www.IntellPartners.com/