AX-Desire: July 2023

July 31, 2023

D365 FO On-Premises POSTMAN Integration

Step 1:

Navigate to ADFS server and open “Microsoft Dynamics 365 for Operations On-premises” from Application Group.

ADFS Application Group

Step 2:

click on Add Application and Name the application as describe your API if custom service or OData as below screenshot!

Adding ADFS Application

Step 3:

Select Server Application and click Next.

ADFS Server Application

Step 4:

Copy generated Client Identifier (Application Id)

Enter Application URL without “/namespaces/AXSF”.

ADFS Application Id

Step 5:

Copy Secret code in safe area as it will not appear again and only way if you lost it to generate new secret.

ADFS Secret

Step 6:

Authorize the new server application to use the Web API and request OpenID connection authorizations.

ADFS Application WEB API Authorization

Step 7:

After completing this setup, its necessary configure the Azure Active Directory applications.

System administration –> Setup –> Azure Active Directory applications

And use the previously Client ID generated in the ADFS application.

D365FO Azure Active Directory

Step 8:

Postman Configuration

Create a new environment with the following parameters.

Variable	Value
tenant_id	adfs
client_id	«CLIENTID GENERATED IN THE ADFS APP»
client_secret	«SECRET GENERATED IN ADFS»
resource	Your AOS URL
grant_type	client_credentials

Step 9:

Create a new Request to get Token.

Postman Token collection

In the body, set the reference to the global variables defined in the environment configuration.

Key	Value
tenant_id	{{tenant_id}}
client_id	{{client_id}}
client_secret	{{client_secret}}
resource	{{resource}}
grant_type	{{grant_type}}

Step 10:

Copy the following script in Test.

var json = JSON.parse(responseBody);

tests[«Get Azure AD Token»] = !json.error && responseBody !== » && responseBody !== '{}' && json.access_token !== »;

postman.setEnvironmentVariable(«bearerToken», json.access_token);

To test if everything is ok, you can click on Send and the bearer token is generated.

Key	Value
Content-Type	application/x-www-form-urlencoded

Step 11:

Test DataEntity

You can get data for any entity, you only need set the following parameter in the Get

Type	Odata URL
Get	{{resource}}/namespaces/AXSF/data/CustomersV3?$top=5

Header Parameters

Key	Value
Authorization	Bearer {{bearerToken}}
Content-Type	application/json

SQL server log database size shrink

1. Log in to SQL server wit Admin rights

2. Use the below SQL commands in sequence

Note: Replace DBName with your log DB Name. EX(AXDB_Log)

Set the Database recovery mode to simple

ALTER DATABASE DBName

SET RECOVERY SIMPLE;

Shrink the DB

DBCC SHRINKFILE (DBName, 1);

Set the database recover mode back to full

ALTER DATABASE DBName

SET RECOVERY FULL;

July 19, 2023

Certificate issues in D365FO Cloud hosted environment

The problem with certificates is that they have an expiry date.

Since all Dynamics environments are deployed using LCS and the Cert used is owned by Microsoft we have limited ability to fix the issue on our own. This is why Microsoft built functionality into LCS to help us with this. To fix the issue, just look up the environment in LCS, click Maintain and select Rotate Secrets

The Cert you need to fix is the SSL Certificate

Simply click Rotate SSL Cert and wait for the process to finish.

July 18, 2023

SQL Query to get Security roles, duties and privileges in D365FO

All security roles

Select Name as SecurityRoleName FROM SecurityRole;

All security roles to duties

SELECT SECURITYROLE.Name as SecurityRole, SECURITYDUTY.NAME as Duty FROM SECURITYOBJECTCHILDREREFERENCES JOIN SECURITYROLE ON SECURITYOBJECTCHILDREREFERENCES.IDENTIFIER = SECURITYROLE.AOTNAME JOIN SECURITYDUTY ON SECURITYOBJECTCHILDREREFERENCES.CHILDIDENTIFIER = SECURITYDUTY.IDENTIFIER WHERE SECURITYOBJECTCHILDREREFERENCES.OBJECTTYPE = 0 AND SECURITYOBJECTCHILDREREFERENCES.CHILDOBJECTTYPE = 1

order by SECURITYROLE.Name asc;

All security roles with privileges

SELECT SECURITYROLE.Name as SecurityRole, SECURITYPRIVILEGE.NAME as Privileges FROM SECURITYOBJECTCHILDREREFERENCES JOIN SECURITYROLE ON SECURITYOBJECTCHILDREREFERENCES.IDENTIFIER = SECURITYROLE.AOTNAME JOIN SECURITYPRIVILEGE

ON SECURITYOBJECTCHILDREREFERENCES.CHILDIDENTIFIER = SECURITYPRIVILEGE.IDENTIFIER WHERE SECURITYOBJECTCHILDREREFERENCES.OBJECTTYPE = 0 AND SECURITYOBJECTCHILDREREFERENCES.CHILDOBJECTTYPE = 2 order by SECURITYROLE.Name asc;

All role-duty combination with privilege

SELECT SECURITYROLE.Name as SecurityRole, SECURITYROLE.AOTNAME as RoleSystemName, SECURITYDUTY.NAME AS Duty, SECURITYDUTY.IDENTIFIER as DutySystemName, SECURITYPRIVILEGE.NAME as Privilege, SECURITYPRIVILEGE.IDENTIFIER as PrivilegeSystemName FROM SECURITYOBJECTCHILDREREFERENCES JOIN SECURITYROLE ON SECURITYOBJECTCHILDREREFERENCES.IDENTIFIER = SECURITYROLE.AOTNAME JOIN SECURITYDUTY ON SECURITYOBJECTCHILDREREFERENCES.CHILDIDENTIFIER = SECURITYDUTY.IDENTIFIER JOIN SECURITYOBJECTCHILDREREFERENCES Table1 on Table1.IDENTIFIER = SECURITYDUTY.IDENTIFIER JOIN SECURITYPRIVILEGE on Table1.CHILDIDENTIFIER = SECURITYPRIVILEGE.IDENTIFIER WHERE SECURITYOBJECTCHILDREREFERENCES.OBJECTTYPE = 0 AND SECURITYOBJECTCHILDREREFERENCES.CHILDOBJECTTYPE = 1 AND Table1.OBJECTTYPE = 1 AND Table1.CHILDOBJECTTYPE = 2 order by SECURITYROLE.Name asc;

July 06, 2023

Synchronize the table from Visual studio Project - D365 FO

From Visual studio project node, we can perform database synchronization either on a required table (or) on few tables bases on our requirement.

This could be very useful during on-premises environments package deployments because can drastically reduce the downtime.

In fact you can only synchronize the tables that you have actually modified rather than perform an entire synchronization

To perform a single table db sync simply Right click on project >>synchronize table.