Configuring Azure Key Vault Parameters in Dynamics 365 Finance and Operations

Introduction:

In this blog post, I will guide you through the process of configuring Azure Key Vault parameters in Dynamics 365 Finance and Operations (referred to as FinOps). This configuration is particularly useful for integration scenarios where sensitive data, such as security keys or certifications, needs to be securely stored. By leveraging Azure Key Vault, we can ensure data encryption and proper management of cryptographic keys and certificates.

Prerequisite Steps:

Before we dive into the configuration, let's go through some prerequisite steps to set the stage for a seamless setup:

1. Create a Key Vault: Begin by creating a Key Vault in the Azure portal and make a note of the Value URI, which can be found in the overview tab. This Value URI will be needed during the configuration process.
2. Add Certificates, Secrets, and Keys: Next, add the necessary certificates, secrets, and keys to your Key Vault. These items are essential for secure data storage and retrieval.
3. App Registration in Azure: Perform an app registration in the Azure portal and store the generated Client ID and Secret Key. This registration will enable secure communication between Dynamics 365 Finance and Operations and the Azure Key Vault.

Configuration Steps:

Now that we have completed the prerequisite steps, let's proceed with the actual configuration of Azure Key Vault parameters in Dynamics 365 Finance and Operations:

1. Navigate to D365FO: Go to the D365FO application and access the System Administration module.
2. Open Key Vault Parameters: Within the System Administration module, locate and open the "Key Vault Parameters" form.
3. Create a New Record: Create a new record in the Key Vault Parameters form, and fill in the required details for the configuration.
4. Certification Tab: Switch to the Certification tab within the Key Vault Parameters form. Here, you will add the necessary information for each certificate, including Name, Description, Secret, Secret Type, and Version (if applicable). The Secret field should contain a reference to the certificate in the format: vault://<KeyVaultName>/<SecretName>/(Version if any). Set the Secret Type to "Certificate."
5. Validate Configuration: Click on the Validate button to ensure the settings are properly configured and functioning as expected.

Code Example:

To demonstrate how to access the configured certificate in your code, consider the following sample code snippet:

public class TheAxaptaAccessKeyVault
  {
      public static void main(Args _args)
      {
          KeyVaultCertificateTable kvcTable;
          str value;

          kvcTable = KeyVaultCertificateTable::findByName("TestKeyVault");
          value = KeyVaultCertificateHelper::getManualSecretValue(certTable.RecId);

          info(value); // This will retrieve the value stored in the certificate.
      }
  }

Conclusion:

Congratulations! You have successfully configured Azure Key Vault parameters in Dynamics 365 Finance and Operations. Now you can securely store and access sensitive data, such as certificates and keys, ensuring the highest level of data protection. Implementing this configuration will greatly enhance your integration scenarios and data security practices within the Dynamics 365 environment.

Happy configuring and coding!

#Dynamics365 #Azure #KeyVault #DataSecurity #Integration #Configuration

-Harry Follow us on Facebook to keep in rhythm with us. https:fb.com/theaxapta

Azure Key vault parameter setup in D365FO

Hi Folks, 

In this post, I am going to share how to configure Azure key vault parameters in Dynamics 365 Finance and Operations  (Let's call it FinOps until we have a new name from Microsoft :) ).

First, let's understand what the use of this form is, This is primarily used for integration scenarios where a business needs to save sensitive data like security keys or certifications and a functionality or application working with this data must support data encryption, working with certificates, etc. As the cloud version of Microsoft Dynamics 365 for Finance and Operations doesn't support local storage of certificates, customers need to use key vault storage in this case. The Azure Key Vault provides the opportunity to import cryptographic keys, and certificates to Azure, and to manage them.

Now let's see some prerequisite steps, 

1. Create a key value on the Azure portal and note the Value URI. This is available on the overview tab.

2. Add your certificate, Secrate, and keys.

3. On the Azure portal, do an app registration and store the client Id and secret key.  

4. Now navigate to D365FO > System admin > Setup > Key Vault Parameters

5. Create a new record and fill below details

6. On the certification tab, add below for each certificate 

Name

Description

Secret – Enter a secret reference to the certificate in the below format

vault://<KeyVaultName>/<SecretName>/(Version if any)

Secret Type: Certificate

7. Click on Validate button to check the setting. 

That is all, now you should be able to access this certificate in your code, here is a sample code to access the certificate, 

public class TheAxaptaAccessKeyVault

{

    public static void main(Args _args)

    {

        KeyVaultCertificateTable    kvcTable;

        str                                        value

         kvcTable  = KeyVaultCertificateTable::findByName("TestKeyVault");

        value         = KeyVaultCertificateHelper::getManualSecretValue(certTable.RecId);

        info(value); //This will give you stored in the certificate. 

}

Cheers!!!

-Harry Follow us on Facebook to keep in rhythm with us. https:fb.com/theaxapta

Unable to restore database into DEV/Tier-1 instance

Hi Folks, 

When trying to restore a DB backup (.bak file) to one of the DEV boxes I was getting a strange error (initially it was strange :) ). The backup file was the size of about 50GB and I have disc space available of about 400GB but still, system was reporting issues for size. 

Possible reason: When we create a backup from SQL management studio, it contains only the used data pages and the backup file can be compress, while the actual database can be much larger then the backup file itself.

Solution: To verify the actual size of database, you can right-click on the database (at source) and check the properties, you will get the actual size of the Database itself. Now when you have the required size details with you, just make sure you have the space available in target system. 

Now, as the dev box is hosted on your Azure subscription, you have much more control over this. You can change the disk size from Azure portal. 

Cheers!!!

-Harry 

Follow us on Facebook to keep in rhythm with us. https:fb.com/theaxapta

QuickFix: Set default browser in Visual studio for debugging

Introduction:

In the realm of Dynamics 365 development, encountering issues when debugging and finding that Visual Studio opens objects in Internet Explorer (IE) can be quite frustrating. Although Microsoft no longer officially supports IE, this peculiar behavior persists. Fortunately, there is a simple solution: changing the default browser within Visual Studio. In this blog post, we will guide you through the steps to configure your preferred browser, such as Chrome, for seamless debugging in Dynamics 365.

Step 1: Navigating to Visual Studio Extension

To begin, open Visual Studio and access the "Extensions" menu.

Step 2: Dynamics 365 Extension Options

Within the "Extensions" menu, locate and select the "Dynamics 365" extension. This will open the options panel specific to Dynamics 365 development.

Step 3: Debugging Configuration

Within the Dynamics 365 extension options, find and select the "Debugging" section.

Step 4: Modifying Default Browser

In the Debugging section, you will find the option to modify the default browser used for object debugging.

Step 5: Set Preferred Browser

Choose your preferred browser, such as Chrome or any other compatible browser, as the default option for object debugging.

Conclusion:

By following these simple steps, you can easily resolve the issue of Visual Studio opening objects in Internet Explorer during debugging sessions in Dynamics 365. Take control of your debugging experience and choose a browser that aligns with your preferences and development requirements.

Happy debugging and seamless development!

#VisualStudio #Dynamics365 #Debugging #Development #BrowserConfiguration

-Harry Follow us on Facebook to keep in rhythm with us. https:fb.com/theaxapta

Best way to do Postman setup with D365FO

Hi Folks, 

There are very simple steps to do initial setup between Postman and D365FO environment. Please follow below steps.

(Make sure you have added a record in 'Azure Active Directory applications' in D365FO under Sys admin > setup > Azure Active Directory applications )

1. Download postman from here and install on you machine.

2. Do app registration on Azure portal, and make sure you copy all details from app registration to a safe place as not all information will available for later use.

3. Go to environment in left pane and create a new environment, you can name it as same as your D365FO environment like DEV01, UAT, Test etc. This also help when you are working with multiple environment and you keep using same get/post script to access different environments. 

4. Add all the variables here as below

Client_ID: You will get it from Azure app registration. 

grant_Type: client_credentials

resource: D365FO environment URL i<https://D365FOUrl/>

client_secret: You will get it from Azure app registration. 

tenant_id: You will get it from Azure app registration. 

access_token: To generate access token follow step 9.

5. Now create new collection and name it with your environment name eg. Dev01

6. Next, click on 3 dots next to collection name and select 'add request'

7. Name this request as 'Authorization', you can name it as per your use like getting public entities details or get a specific entity data or metadata. In the post request paste below as is.

https://login.microsoftonline.com/{{tenant_id}}/oauth2/token

8. Select 'From-data' in body and set below details.

Now you see we parameterize most of things and you don't need to create multiple request for different environments, you can simple change the environment from right top corner. 

9. Now,  Click on send button and you should get a status 200 message with access token. 

You can add the access token to your environment variable. 

Here we have completed the Postman setup. Now you can try few things to explore this further

10. Add one more request in your collection, and add details as below to get list of public entities. 

-Harry Follow us on Facebook to keep in rhythm with us. https:fb.com/theaxapta

QuickFix: [Solved] SSRS Report Deployment failed - The number of defined parameter is not equal to the number of cell definitions in the parameter panel

While duplicating an SSRS report for customization sometimes you may face this error at the time of report deployment. 

Error Message:

"SSRS Report Deployment failed - The number of the defined parameters is not equal to the number of cell definitions in the parameter panel."

Solution: 

The first thing you need to check for any extra parameter is this report, compare with the standard report. There are two places you need to compare

1. DataSet parameters

2. Report Parameter

There might be an extra parameter(s), try to remove this extra parameter from the report. In case you are unable to delete it from the front end you need to open the report in XML (Right-click on the report in solution and select open with > Open with XML Text editor).

In the XML file search for this parameter and carefully remove it from everywhere. If you are not familiar with XML better to take help. Save your changes and build the solution. This time your report should be deployed without any error. 

-Harry Follow us on Facebook to keep in rhythm with us. https:fb.com/theaxapta

[Solved] Issue with Database import in Dev Box

Hi Folks, 

While trying to import the UAT database into dev box or any other tier -1 box (You might have try this MS document), 

*** Changes to connection setting default values were incorporated in a recent release.  More information is available at https://aka.ms/dacfx-connection

*** Error importing database:Could not import package.

Changes to connection setting default values were incorporated in a recent release.  More information is available at https://aka.ms/dacfx-connection

Unable to connect to target server 'localhost'. Please verify the connection information such as the server name, login credentials, and firewall rules for the target server.

A connection was successfully established with the server, but then an error occurred during the login process. (provider: SSL Provider, error: 0 - The certificate chain was issued by an authority that is not trusted.)

The certificate chain was issued by an authority that is not trusted.

*** The settings for connection encryption or server certificate trust may lead to connection failure if the server is not properly configured.

That's because of recent changes with encryption policies on SQL. To fix this issue you need to update the import SQL command as below

SqlPackage.exe /a:import /sf:J:\MSSQL_BACKUP\UATbackup.bacpac /tsn:localhost /tdn:AXDB_UAT /p:CommandTimeout=1200 /TargetEncryptConnection:False

-Harry Follow us on Facebook to keep in rhythm with us. https:fb.com/theaxapta