Security changes while user creation in GP (Encription Changed ?)

Hi,
i would like to know if some updations has been made to the DEX undocumented 
function Login_CreateLogin. This function is used in creating user logins 
through GP.

Problem: While trying to Export Budgets from AA, none of the  non sa users 
are able to export the budget. This is due to a dll file which retrives the 
connection for AA. In Montego, probably the security password encription is 
canged, causing the dll function to fail.

Can i have some update on the DEX function Login_CreateLogin pls.

Thanks
0
GaneshS (12)
11/14/2006 2:49:02 PM
greatplains 29623 articles. 3 followers. Follow

12 Replies
817 Views

Similar Articles

[PageSpeed] 51

The security and password encryption changed for v9.0.  I suggest you log a 
support case if you need specifics.  We cannot post security information on a 
public discssion group.

David Musgrave [MSFT]
Senior Development Consultant
Escalation Engineer - Great Plains
Microsoft Dynamics Support - Asia Pacific

Micorosoft Dynamics (formerly Microsoft Business Solutions)
http://www.microsoft.com/Dynamics

mailto:dmusgrav@online.microsoft.com

Any views contained within are my personal views and 
not necessarily Microsoft Business Solutions policy.
This posting is provided "AS IS" with no warranties, 
and confers no rights.  


"Ganesh S" wrote:

> Hi,
> i would like to know if some updations has been made to the DEX undocumented 
> function Login_CreateLogin. This function is used in creating user logins 
> through GP.
> 
> Problem: While trying to Export Budgets from AA, none of the  non sa users 
> are able to export the budget. This is due to a dll file which retrives the 
> connection for AA. In Montego, probably the security password encription is 
> canged, causing the dll function to fail.
> 
> Can i have some update on the DEX function Login_CreateLogin pls.
> 
> Thanks
0
dmusgrav1 (1325)
11/14/2006 3:53:02 PM
Hi David

Is there any changes made from 9.0 RTM to 9.0 SP1 and from 9.0 SP1 to 9.0 
SP2 in security and password encryption?
Where can we find details of connection dll and its usage?
Is DEX function Login_CreateLogin documentmented in any help file?We were 
unable to find out in 9.0 help.

Thanks
Pradeep

"David Musgrave [MSFT]" wrote:

> The security and password encryption changed for v9.0.  I suggest you log a 
> support case if you need specifics.  We cannot post security information on a 
> public discssion group.
> 
> David Musgrave [MSFT]
> Senior Development Consultant
> Escalation Engineer - Great Plains
> Microsoft Dynamics Support - Asia Pacific
> 
> Micorosoft Dynamics (formerly Microsoft Business Solutions)
> http://www.microsoft.com/Dynamics
> 
> mailto:dmusgrav@online.microsoft.com
> 
> Any views contained within are my personal views and 
> not necessarily Microsoft Business Solutions policy.
> This posting is provided "AS IS" with no warranties, 
> and confers no rights.  
> 
> 
> "Ganesh S" wrote:
> 
> > Hi,
> > i would like to know if some updations has been made to the DEX undocumented 
> > function Login_CreateLogin. This function is used in creating user logins 
> > through GP.
> > 
> > Problem: While trying to Export Budgets from AA, none of the  non sa users 
> > are able to export the budget. This is due to a dll file which retrives the 
> > connection for AA. In Montego, probably the security password encription is 
> > canged, causing the dll function to fail.
> > 
> > Can i have some update on the DEX function Login_CreateLogin pls.
> > 
> > Thanks
0
PradeepMV (108)
11/14/2006 4:20:03 PM
I don't believe any changes have been made since v9.0 was released.

This function is not documented as it is for internal GP use only.

I think you should log a support case with the tools team.

David Musgrave [MSFT]
Senior Development Consultant
Escalation Engineer - Great Plains
Microsoft Dynamics Support - Asia Pacific

Micorosoft Dynamics (formerly Microsoft Business Solutions)
http://www.microsoft.com/Dynamics

mailto:dmusgrav@online.microsoft.com

Any views contained within are my personal views and 
not necessarily Microsoft Business Solutions policy.
This posting is provided "AS IS" with no warranties, 
and confers no rights.  


"Pradeep M V" wrote:

> Hi David
> 
> Is there any changes made from 9.0 RTM to 9.0 SP1 and from 9.0 SP1 to 9.0 
> SP2 in security and password encryption?
> Where can we find details of connection dll and its usage?
> Is DEX function Login_CreateLogin documentmented in any help file?We were 
> unable to find out in 9.0 help.
> 
> Thanks
> Pradeep
> 
> "David Musgrave [MSFT]" wrote:
> 
> > The security and password encryption changed for v9.0.  I suggest you log a 
> > support case if you need specifics.  We cannot post security information on a 
> > public discssion group.
> > 
> > David Musgrave [MSFT]
> > Senior Development Consultant
> > Escalation Engineer - Great Plains
> > Microsoft Dynamics Support - Asia Pacific
> > 
> > Micorosoft Dynamics (formerly Microsoft Business Solutions)
> > http://www.microsoft.com/Dynamics
> > 
> > mailto:dmusgrav@online.microsoft.com
> > 
> > Any views contained within are my personal views and 
> > not necessarily Microsoft Business Solutions policy.
> > This posting is provided "AS IS" with no warranties, 
> > and confers no rights.  
> > 
> > 
> > "Ganesh S" wrote:
> > 
> > > Hi,
> > > i would like to know if some updations has been made to the DEX undocumented 
> > > function Login_CreateLogin. This function is used in creating user logins 
> > > through GP.
> > > 
> > > Problem: While trying to Export Budgets from AA, none of the  non sa users 
> > > are able to export the budget. This is due to a dll file which retrives the 
> > > connection for AA. In Montego, probably the security password encription is 
> > > canged, causing the dll function to fail.
> > > 
> > > Can i have some update on the DEX function Login_CreateLogin pls.
> > > 
> > > Thanks
0
dmusgrav1 (1325)
11/14/2006 4:32:03 PM
David, the new security encryption is a problem. It should have been 
addressed in the manual. When I did raise a support case, they were unaware 
of the encryption. They started telling the same story, go to user set-up, 
give me a snap-shot of this and that etc.. A futile exercise.

Problem is the new password encruption is not recognizbale by other programs 
such as Crystal Reports, Access, SQL Query Analyzer etc. Also GP 9.0 does not 
encrypt sa password, but it encrypts all other logins.

I know why this was done. Because if it is not done a GP user can login to 
Crystal Reports and pull data from all tables. But that said, the new 
approach is very bad esepcially considering the fact that the customers were 
not given a heads-up on this.

Please throw some light on this subject. You don't have to get into 
specifics. And a support incident DOES NOT WORK.

Thanks.
Girish

"David Musgrave [MSFT]" wrote:

> I don't believe any changes have been made since v9.0 was released.
> 
> This function is not documented as it is for internal GP use only.
> 
> I think you should log a support case with the tools team.
> 
> David Musgrave [MSFT]
> Senior Development Consultant
> Escalation Engineer - Great Plains
> Microsoft Dynamics Support - Asia Pacific
> 
> Micorosoft Dynamics (formerly Microsoft Business Solutions)
> http://www.microsoft.com/Dynamics
> 
> mailto:dmusgrav@online.microsoft.com
> 
> Any views contained within are my personal views and 
> not necessarily Microsoft Business Solutions policy.
> This posting is provided "AS IS" with no warranties, 
> and confers no rights.  
> 
> 
> "Pradeep M V" wrote:
> 
> > Hi David
> > 
> > Is there any changes made from 9.0 RTM to 9.0 SP1 and from 9.0 SP1 to 9.0 
> > SP2 in security and password encryption?
> > Where can we find details of connection dll and its usage?
> > Is DEX function Login_CreateLogin documentmented in any help file?We were 
> > unable to find out in 9.0 help.
> > 
> > Thanks
> > Pradeep
> > 
> > "David Musgrave [MSFT]" wrote:
> > 
> > > The security and password encryption changed for v9.0.  I suggest you log a 
> > > support case if you need specifics.  We cannot post security information on a 
> > > public discssion group.
> > > 
> > > David Musgrave [MSFT]
> > > Senior Development Consultant
> > > Escalation Engineer - Great Plains
> > > Microsoft Dynamics Support - Asia Pacific
> > > 
> > > Micorosoft Dynamics (formerly Microsoft Business Solutions)
> > > http://www.microsoft.com/Dynamics
> > > 
> > > mailto:dmusgrav@online.microsoft.com
> > > 
> > > Any views contained within are my personal views and 
> > > not necessarily Microsoft Business Solutions policy.
> > > This posting is provided "AS IS" with no warranties, 
> > > and confers no rights.  
> > > 
> > > 
> > > "Ganesh S" wrote:
> > > 
> > > > Hi,
> > > > i would like to know if some updations has been made to the DEX undocumented 
> > > > function Login_CreateLogin. This function is used in creating user logins 
> > > > through GP.
> > > > 
> > > > Problem: While trying to Export Budgets from AA, none of the  non sa users 
> > > > are able to export the budget. This is due to a dll file which retrives the 
> > > > connection for AA. In Montego, probably the security password encription is 
> > > > canged, causing the dll function to fail.
> > > > 
> > > > Can i have some update on the DEX function Login_CreateLogin pls.
> > > > 
> > > > Thanks
0
11/14/2006 4:56:03 PM
When i searched in product studio regarding connection dll,i have found that 
its is changed for sp1.We haven't got any info regarding the same and were 
using 9.0 dll.The example code was send to us at the time of 9.0 release.We 
found that same code using connection dll works for 9.0 but not working for 
montego with same dll.But if we change password for non sa user from sql 
manager its working fine.
You mean to say we should log a CR for the same?But this problems(AA 
budget/mqw export not working for non sa user) is logged for AA.

Thanks
Pradeep

"David Musgrave [MSFT]" wrote:

> I don't believe any changes have been made since v9.0 was released.
> 
> This function is not documented as it is for internal GP use only.
> 
> I think you should log a support case with the tools team.
> 
> David Musgrave [MSFT]
> Senior Development Consultant
> Escalation Engineer - Great Plains
> Microsoft Dynamics Support - Asia Pacific
> 
> Micorosoft Dynamics (formerly Microsoft Business Solutions)
> http://www.microsoft.com/Dynamics
> 
> mailto:dmusgrav@online.microsoft.com
> 
> Any views contained within are my personal views and 
> not necessarily Microsoft Business Solutions policy.
> This posting is provided "AS IS" with no warranties, 
> and confers no rights.  
> 
> 
> "Pradeep M V" wrote:
> 
> > Hi David
> > 
> > Is there any changes made from 9.0 RTM to 9.0 SP1 and from 9.0 SP1 to 9.0 
> > SP2 in security and password encryption?
> > Where can we find details of connection dll and its usage?
> > Is DEX function Login_CreateLogin documentmented in any help file?We were 
> > unable to find out in 9.0 help.
> > 
> > Thanks
> > Pradeep
> > 
> > "David Musgrave [MSFT]" wrote:
> > 
> > > The security and password encryption changed for v9.0.  I suggest you log a 
> > > support case if you need specifics.  We cannot post security information on a 
> > > public discssion group.
> > > 
> > > David Musgrave [MSFT]
> > > Senior Development Consultant
> > > Escalation Engineer - Great Plains
> > > Microsoft Dynamics Support - Asia Pacific
> > > 
> > > Micorosoft Dynamics (formerly Microsoft Business Solutions)
> > > http://www.microsoft.com/Dynamics
> > > 
> > > mailto:dmusgrav@online.microsoft.com
> > > 
> > > Any views contained within are my personal views and 
> > > not necessarily Microsoft Business Solutions policy.
> > > This posting is provided "AS IS" with no warranties, 
> > > and confers no rights.  
> > > 
> > > 
> > > "Ganesh S" wrote:
> > > 
> > > > Hi,
> > > > i would like to know if some updations has been made to the DEX undocumented 
> > > > function Login_CreateLogin. This function is used in creating user logins 
> > > > through GP.
> > > > 
> > > > Problem: While trying to Export Budgets from AA, none of the  non sa users 
> > > > are able to export the budget. This is due to a dll file which retrives the 
> > > > connection for AA. In Montego, probably the security password encription is 
> > > > canged, causing the dll function to fail.
> > > > 
> > > > Can i have some update on the DEX function Login_CreateLogin pls.
> > > > 
> > > > Thanks
0
PradeepMV (108)
11/14/2006 5:01:02 PM
------=_NextPart_0001_211F33B8
Content-Type: text/plain
Content-Transfer-Encoding: 7bit


Girish,

Yes, the change to the encryption algorithm probably should have been 
documented somewhere- although I'm not saying that it isn't as it might be 
somewhere.  I confess to not looking at all the documentation for every 
release.  From a Dynamics end user perspective (and from the person 
supporting the GP application itself) that the encryption algorithm changed 
is irrelevant- you log into GP and the GP applications work.  From an end 
user perspective who might have external applications then yes, it  might 
matter.  Or might not depending on the integrating application you have.  
You don't give a reference number to your incident so I could review it to 
see how this was approached from your side & the technicians side.  I'm not 
sure exactly what he would be troubleshooting for you.

As you state, the password encryption isn't recognizeable by other 
application- neither was the old one.  The difference is that in 9.0 we 
force encryption on you and in 8.0 we did not (if you change the password 
in enterprise manager in 8.0 it stayed unencrypted).  So my guess is that 
in 8.0 you were using unencrypted logins.

As you go on to state, yes this would be "bad" for other applications 
potentially depending on what you are doing and how you are doing it.  At 
this point (as of SP1 out the door and SP2 soon to come), I'm not sure what 
further light can be shed on this subject beyond the facts as we know them.

The facts as I see them are:

1. The encryption algorithm changed for 9.0 to be different than the 8.0 
encryption.  Encryption is now enforced for GP users.  Encryption is NOT 
forced on the "sa" user because that is not OUR user.  Any SQL user that 
you have setup in Enterprise Manger that is your user is left alone.  Any 
GP user including the dynsa account is "our" user and gets encrypted.

2. Dexterity uses, I believe, Login_CreateLoginEx() to create the users.  
The details of this function are likely irrelevant as all the encryption 
magic happen behind the scenes in function and not changeable by how the 
function is called.

3. The new password encryption is being used in 9.0/9.0SP1 and forward.  
This hasn't changed in 10.0 as far as I'm aware.  There is no way to return 
the "encrypted" version of the password with any tool.

4. There is the GPConn & GPConnNet dll's available.  While not returning a 
password they can return an ADO connection to a GP database that can be 
used in your application.

5. Another approach would be using Windows Authentication.  For your other 
applications (except for crytal reports I think) you should be able to ue  
Windows Authentication.  Just change the connection string slightly and 
possibly give the rights to the windows user in SQL.

6. The last approach that I know some ISV's have been using is to create 
their own user for their application in SQL.  And then in their application 
they hard code the user & possibly the password.  Since it is again their 
own user and not a GP user then the password is plain text in SQL.  And so 
the connection to ADO works OK.


patrick
mbs developer support



David, the new security encryption is a problem. It should have been 
addressed in the manual. When I did raise a support case, they were unaware 
of the encryption. They started telling the same story, go to user set-up, 
give me a snap-shot of this and that etc.. A futile exercise.

Problem is the new password encruption is not recognizbale by other 
programs 
such as Crystal Reports, Access, SQL Query Analyzer etc. Also GP 9.0 does 
not 
encrypt sa password, but it encrypts all other logins.

I know why this was done. Because if it is not done a GP user can login to 
Crystal Reports and pull data from all tables. But that said, the new 
approach is very bad esepcially considering the fact that the customers 
were 
not given a heads-up on this.

Please throw some light on this subject. You don't have to get into 
specifics. And a support incident DOES NOT WORK.

Thanks.
Girish

"David Musgrave [MSFT]" wrote:

> I don't believe any changes have been made since v9.0 was released.
> 
> This function is not documented as it is for internal GP use only.
> 
> I think you should log a support case with the tools team.
> 
> David Musgrave [MSFT]
> Senior Development Consultant
> Escalation Engineer - Great Plains
> Microsoft Dynamics Support - Asia Pacific
> 
> Micorosoft Dynamics (formerly Microsoft Business Solutions)
> http://www.microsoft.com/Dynamics
> 
> mailto:dmusgrav@online.microsoft.com
> 
> Any views contained within are my personal views and 
> not necessarily Microsoft Business Solutions policy.
> This posting is provided "AS IS" with no warranties, 
> and confers no rights.  
> 
> 
> "Pradeep M V" wrote:
> 
> > Hi David
> > 
> > Is there any changes made from 9.0 RTM to 9.0 SP1 and from 9.0 SP1 to 
9.0 
> > SP2 in security and password encryption?
> > Where can we find details of connection dll and its usage?
> > Is DEX function Login_CreateLogin documentmented in any help file?We 
were 
> > unable to find out in 9.0 help.
> > 
> > Thanks
> > Pradeep
> > 
> > "David Musgrave [MSFT]" wrote:
> > 
> > > The security and password encryption changed for v9.0.  I suggest you 
log a 
> > > support case if you need specifics.  We cannot post security 
information on a 
> > > public discssion group.
> > > 
> > > David Musgrave [MSFT]
> > > Senior Development Consultant
> > > Escalation Engineer - Great Plains
> > > Microsoft Dynamics Support - Asia Pacific
> > > 
> > > Micorosoft Dynamics (formerly Microsoft Business Solutions)
> > > http://www.microsoft.com/Dynamics
> > > 
> > > mailto:dmusgrav@online.microsoft.com
> > > 
> > > Any views contained within are my personal views and 
> > > not necessarily Microsoft Business Solutions policy.
> > > This posting is provided "AS IS" with no warranties, 
> > > and confers no rights.  
> > > 
> > > 
> > > "Ganesh S" wrote:
> > > 
> > > > Hi,
> > > > i would like to know if some updations has been made to the DEX 
undocumented 
> > > > function Login_CreateLogin. This function is used in creating user 
logins 
> > > > through GP.
> > > > 
> > > > Problem: While trying to Export Budgets from AA, none of the  non 
sa users 
> > > > are able to export the budget. This is due to a dll file which 
retrives the 
> > > > connection for AA. In Montego, probably the security password 
encription is 
> > > > canged, causing the dll function to fail.
> > > > 
> > > > Can i have some update on the DEX function Login_CreateLogin pls.
> > > > 
> > > > Thanks

------=_NextPart_0001_211F33B8
Content-Type: text/x-rtf
Content-Transfer-Encoding: 7bit

{\rtf1\ansi\ansicpg1252\deff0\deflang1033{\fonttbl{\f0\fnil\fprq2\fcharset0 MS Sans Serif;}}
\viewkind4\uc1\pard\f0\fs20 
\par \pard\li720 Girish,
\par 
\par Yes, the change to the encryption algorithm probably should have been documented somewhere- although I'm not saying that it isn't as it might be somewhere.  I confess to not looking at all the documentation for every release.  From a Dynamics end user perspective (and from the person supporting the GP application itself) that the encryption algorithm changed is irrelevant- you log into GP and the GP applications work.  From an end user perspective who might have external applications then yes, it  might matter.  Or might not depending on the integrating application you have.  You don't give a reference number to your incident so I could review it to see how this was approached from your side & the technicians side.  I'm not sure exactly what he would be troubleshooting for you.
\par 
\par As you state, the password encryption isn't recognizeable by other application- neither was the old one.  The difference is that in 9.0 we force encryption on you and in 8.0 we did not (if you change the password in enterprise manager in 8.0 it stayed unencrypted).  So my guess is that in 8.0 you were using unencrypted logins.
\par 
\par As you go on to state, yes this would be "bad" for other applications potentially depending on what you are doing and how you are doing it.  At this point (as of SP1 out the door and SP2 soon to come), I'm not sure what further light can be shed on this subject beyond the facts as we know them.
\par 
\par The facts as I see them are:
\par 
\par 1. The encryption algorithm changed for 9.0 to be different than the 8.0 encryption.  Encryption is now enforced for GP users.  Encryption is NOT forced on the "sa" user because that is not OUR user.  Any SQL user that you have setup in Enterprise Manger that is your user is left alone.  Any GP user including the dynsa account is "our" user and gets encrypted.
\par 
\par 2. Dexterity uses, I believe, Login_CreateLoginEx() to create the users.  The details of this function are likely irrelevant as all the encryption magic happen behind the scenes in function and not changeable by how the function is called.
\par 
\par 3. The new password encryption is being used in 9.0/9.0SP1 and forward.  This hasn't changed in 10.0 as far as I'm aware.  There is no way to return the "encrypted" version of the password with any tool.
\par 
\par 4. There is the GPConn & GPConnNet dll's available.  While not returning a password they can return an ADO connection to a GP database that can be used in your application.
\par 
\par 5. Another approach would be using Windows Authentication.  For your other applications (except for crytal reports I think) you should be able to ue  Windows Authentication.  Just change the connection string slightly and possibly give the rights to the windows user in SQL.
\par 
\par 6. The last approach that I know some ISV's have been using is to create their own user for their application in SQL.  And then in their application they hard code the user & possibly the password.  Since it is again their own user and not a GP user then the password is plain text in SQL.  And so the connection to ADO works OK.
\par 
\par 
\par patrick
\par mbs developer support
\par 
\par 
\par 
\par David, the new security encryption is a problem. It should have been 
\par addressed in the manual. When I did raise a support case, they were unaware 
\par of the encryption. They started telling the same story, go to user set-up, 
\par give me a snap-shot of this and that etc.. A futile exercise.
\par 
\par Problem is the new password encruption is not recognizbale by other programs 
\par such as Crystal Reports, Access, SQL Query Analyzer etc. Also GP 9.0 does not 
\par encrypt sa password, but it encrypts all other logins.
\par 
\par I know why this was done. Because if it is not done a GP user can login to 
\par Crystal Reports and pull data from all tables. But that said, the new 
\par approach is very bad esepcially considering the fact that the customers were 
\par not given a heads-up on this.
\par 
\par Please throw some light on this subject. You don't have to get into 
\par specifics. And a support incident DOES NOT WORK.
\par 
\par Thanks.
\par Girish
\par 
\par "David Musgrave [MSFT]" wrote:
\par 
\par > I don't believe any changes have been made since v9.0 was released.
\par > 
\par > This function is not documented as it is for internal GP use only.
\par > 
\par > I think you should log a support case with the tools team.
\par > 
\par > David Musgrave [MSFT]
\par > Senior Development Consultant
\par > Escalation Engineer - Great Plains
\par > Microsoft Dynamics Support - Asia Pacific
\par > 
\par > Micorosoft Dynamics (formerly Microsoft Business Solutions)
\par > http://www.microsoft.com/Dynamics
\par > 
\par > mailto:dmusgrav@online.microsoft.com
\par > 
\par > Any views contained within are my personal views and 
\par > not necessarily Microsoft Business Solutions policy.
\par > This posting is provided "AS IS" with no warranties, 
\par > and confers no rights.  
\par > 
\par > 
\par > "Pradeep M V" wrote:
\par > 
\par > > Hi David
\par > > 
\par > > Is there any changes made from 9.0 RTM to 9.0 SP1 and from 9.0 SP1 to 9.0 
\par > > SP2 in security and password encryption?
\par > > Where can we find details of connection dll and its usage?
\par > > Is DEX function Login_CreateLogin documentmented in any help file?We were 
\par > > unable to find out in 9.0 help.
\par > > 
\par > > Thanks
\par > > Pradeep
\par > > 
\par > > "David Musgrave [MSFT]" wrote:
\par > > 
\par > > > The security and password encryption changed for v9.0.  I suggest you log a 
\par > > > support case if you need specifics.  We cannot post security information on a 
\par > > > public discssion group.
\par > > > 
\par > > > David Musgrave [MSFT]
\par > > > Senior Development Consultant
\par > > > Escalation Engineer - Great Plains
\par > > > Microsoft Dynamics Support - Asia Pacific
\par > > > 
\par > > > Micorosoft Dynamics (formerly Microsoft Business Solutions)
\par > > > http://www.microsoft.com/Dynamics
\par > > > 
\par > > > mailto:dmusgrav@online.microsoft.com
\par > > > 
\par > > > Any views contained within are my personal views and 
\par > > > not necessarily Microsoft Business Solutions policy.
\par > > > This posting is provided "AS IS" with no warranties, 
\par > > > and confers no rights.  
\par > > > 
\par > > > 
\par > > > "Ganesh S" wrote:
\par > > > 
\par > > > > Hi,
\par > > > > i would like to know if some updations has been made to the DEX undocumented 
\par > > > > function Login_CreateLogin. This function is used in creating user logins 
\par > > > > through GP.
\par > > > > 
\par > > > > Problem: While trying to Export Budgets from AA, none of the  non sa users 
\par > > > > are able to export the budget. This is due to a dll file which retrives the 
\par > > > > connection for AA. In Montego, probably the security password encription is 
\par > > > > canged, causing the dll function to fail.
\par > > > > 
\par > > > > Can i have some update on the DEX function Login_CreateLogin pls.
\par > > > > 
\par > > > > Thanks
\par \pard 
\par 
\par }
------=_NextPart_0001_211F33B8--

0
prot (52)
11/14/2006 5:40:54 PM
Hi Patrick

I found that in 8.0 sp4 and above to retrive password we were using 
Decode_Utility function for all users.Earlier it was there for only sa user.
Also as you said we are using ADO connection  of GpConn dll.But for non sa 
users its popups error "Login failed for user ...".But if we create new 
password from sql manager it works fine.
Can you tell me why GP non sa user fails in ADO connection  of GpConn ?What 
might be the reasons?

Thanks
Pradeep
""Patrick"" wrote:

> 
> Girish,
> 
> Yes, the change to the encryption algorithm probably should have been 
> documented somewhere- although I'm not saying that it isn't as it might be 
> somewhere.  I confess to not looking at all the documentation for every 
> release.  From a Dynamics end user perspective (and from the person 
> supporting the GP application itself) that the encryption algorithm changed 
> is irrelevant- you log into GP and the GP applications work.  From an end 
> user perspective who might have external applications then yes, it  might 
> matter.  Or might not depending on the integrating application you have.  
> You don't give a reference number to your incident so I could review it to 
> see how this was approached from your side & the technicians side.  I'm not 
> sure exactly what he would be troubleshooting for you.
> 
> As you state, the password encryption isn't recognizeable by other 
> application- neither was the old one.  The difference is that in 9.0 we 
> force encryption on you and in 8.0 we did not (if you change the password 
> in enterprise manager in 8.0 it stayed unencrypted).  So my guess is that 
> in 8.0 you were using unencrypted logins.
> 
> As you go on to state, yes this would be "bad" for other applications 
> potentially depending on what you are doing and how you are doing it.  At 
> this point (as of SP1 out the door and SP2 soon to come), I'm not sure what 
> further light can be shed on this subject beyond the facts as we know them.
> 
> The facts as I see them are:
> 
> 1. The encryption algorithm changed for 9.0 to be different than the 8.0 
> encryption.  Encryption is now enforced for GP users.  Encryption is NOT 
> forced on the "sa" user because that is not OUR user.  Any SQL user that 
> you have setup in Enterprise Manger that is your user is left alone.  Any 
> GP user including the dynsa account is "our" user and gets encrypted.
> 
> 2. Dexterity uses, I believe, Login_CreateLoginEx() to create the users.  
> The details of this function are likely irrelevant as all the encryption 
> magic happen behind the scenes in function and not changeable by how the 
> function is called.
> 
> 3. The new password encryption is being used in 9.0/9.0SP1 and forward.  
> This hasn't changed in 10.0 as far as I'm aware.  There is no way to return 
> the "encrypted" version of the password with any tool.
> 
> 4. There is the GPConn & GPConnNet dll's available.  While not returning a 
> password they can return an ADO connection to a GP database that can be 
> used in your application.
> 
> 5. Another approach would be using Windows Authentication.  For your other 
> applications (except for crytal reports I think) you should be able to ue  
> Windows Authentication.  Just change the connection string slightly and 
> possibly give the rights to the windows user in SQL.
> 
> 6. The last approach that I know some ISV's have been using is to create 
> their own user for their application in SQL.  And then in their application 
> they hard code the user & possibly the password.  Since it is again their 
> own user and not a GP user then the password is plain text in SQL.  And so 
> the connection to ADO works OK.
> 
> 
> patrick
> mbs developer support
> 
> 
> 
> David, the new security encryption is a problem. It should have been 
> addressed in the manual. When I did raise a support case, they were unaware 
> of the encryption. They started telling the same story, go to user set-up, 
> give me a snap-shot of this and that etc.. A futile exercise.
> 
> Problem is the new password encruption is not recognizbale by other 
> programs 
> such as Crystal Reports, Access, SQL Query Analyzer etc. Also GP 9.0 does 
> not 
> encrypt sa password, but it encrypts all other logins.
> 
> I know why this was done. Because if it is not done a GP user can login to 
> Crystal Reports and pull data from all tables. But that said, the new 
> approach is very bad esepcially considering the fact that the customers 
> were 
> not given a heads-up on this.
> 
> Please throw some light on this subject. You don't have to get into 
> specifics. And a support incident DOES NOT WORK.
> 
> Thanks.
> Girish
> 
> "David Musgrave [MSFT]" wrote:
> 
> > I don't believe any changes have been made since v9.0 was released.
> > 
> > This function is not documented as it is for internal GP use only.
> > 
> > I think you should log a support case with the tools team.
> > 
> > David Musgrave [MSFT]
> > Senior Development Consultant
> > Escalation Engineer - Great Plains
> > Microsoft Dynamics Support - Asia Pacific
> > 
> > Micorosoft Dynamics (formerly Microsoft Business Solutions)
> > http://www.microsoft.com/Dynamics
> > 
> > mailto:dmusgrav@online.microsoft.com
> > 
> > Any views contained within are my personal views and 
> > not necessarily Microsoft Business Solutions policy.
> > This posting is provided "AS IS" with no warranties, 
> > and confers no rights.  
> > 
> > 
> > "Pradeep M V" wrote:
> > 
> > > Hi David
> > > 
> > > Is there any changes made from 9.0 RTM to 9.0 SP1 and from 9.0 SP1 to 
> 9.0 
> > > SP2 in security and password encryption?
> > > Where can we find details of connection dll and its usage?
> > > Is DEX function Login_CreateLogin documentmented in any help file?We 
> were 
> > > unable to find out in 9.0 help.
> > > 
> > > Thanks
> > > Pradeep
> > > 
> > > "David Musgrave [MSFT]" wrote:
> > > 
> > > > The security and password encryption changed for v9.0.  I suggest you 
> log a 
> > > > support case if you need specifics.  We cannot post security 
> information on a 
> > > > public discssion group.
> > > > 
> > > > David Musgrave [MSFT]
> > > > Senior Development Consultant
> > > > Escalation Engineer - Great Plains
> > > > Microsoft Dynamics Support - Asia Pacific
> > > > 
> > > > Micorosoft Dynamics (formerly Microsoft Business Solutions)
> > > > http://www.microsoft.com/Dynamics
> > > > 
> > > > mailto:dmusgrav@online.microsoft.com
> > > > 
> > > > Any views contained within are my personal views and 
> > > > not necessarily Microsoft Business Solutions policy.
> > > > This posting is provided "AS IS" with no warranties, 
> > > > and confers no rights.  
> > > > 
> > > > 
> > > > "Ganesh S" wrote:
> > > > 
> > > > > Hi,
> > > > > i would like to know if some updations has been made to the DEX 
> undocumented 
> > > > > function Login_CreateLogin. This function is used in creating user 
> logins 
> > > > > through GP.
> > > > > 
> > > > > Problem: While trying to Export Budgets from AA, none of the  non 
> sa users 
> > > > > are able to export the budget. This is due to a dll file which 
> retrives the 
> > > > > connection for AA. In Montego, probably the security password 
> encription is 
> > > > > canged, causing the dll function to fail.
> > > > > 
> > > > > Can i have some update on the DEX function Login_CreateLogin pls.
> > > > > 
> > > > > Thanks
> 
0
PradeepMV (108)
11/14/2006 5:52:02 PM
Patrick, I appreciate your detailed response. I agree with you on the fact 
that 9.0 forces encryption and 8.0 did not. I did not explain this well in my 
original post. 

On your point # 6 regarding what the ISV's are doing, creating their own SQL 
user instead of GP user. However tell me something in this scenario. If we do 
use our own user instead of GP user, how will the Advanced Security behave.  
Will the security administered through GP/Advanced Security work for "our SQL 
users" ?

Thanks

Girish

""Patrick"" wrote:

> 
> Girish,
> 
> Yes, the change to the encryption algorithm probably should have been 
> documented somewhere- although I'm not saying that it isn't as it might be 
> somewhere.  I confess to not looking at all the documentation for every 
> release.  From a Dynamics end user perspective (and from the person 
> supporting the GP application itself) that the encryption algorithm changed 
> is irrelevant- you log into GP and the GP applications work.  From an end 
> user perspective who might have external applications then yes, it  might 
> matter.  Or might not depending on the integrating application you have.  
> You don't give a reference number to your incident so I could review it to 
> see how this was approached from your side & the technicians side.  I'm not 
> sure exactly what he would be troubleshooting for you.
> 
> As you state, the password encryption isn't recognizeable by other 
> application- neither was the old one.  The difference is that in 9.0 we 
> force encryption on you and in 8.0 we did not (if you change the password 
> in enterprise manager in 8.0 it stayed unencrypted).  So my guess is that 
> in 8.0 you were using unencrypted logins.
> 
> As you go on to state, yes this would be "bad" for other applications 
> potentially depending on what you are doing and how you are doing it.  At 
> this point (as of SP1 out the door and SP2 soon to come), I'm not sure what 
> further light can be shed on this subject beyond the facts as we know them.
> 
> The facts as I see them are:
> 
> 1. The encryption algorithm changed for 9.0 to be different than the 8.0 
> encryption.  Encryption is now enforced for GP users.  Encryption is NOT 
> forced on the "sa" user because that is not OUR user.  Any SQL user that 
> you have setup in Enterprise Manger that is your user is left alone.  Any 
> GP user including the dynsa account is "our" user and gets encrypted.
> 
> 2. Dexterity uses, I believe, Login_CreateLoginEx() to create the users.  
> The details of this function are likely irrelevant as all the encryption 
> magic happen behind the scenes in function and not changeable by how the 
> function is called.
> 
> 3. The new password encryption is being used in 9.0/9.0SP1 and forward.  
> This hasn't changed in 10.0 as far as I'm aware.  There is no way to return 
> the "encrypted" version of the password with any tool.
> 
> 4. There is the GPConn & GPConnNet dll's available.  While not returning a 
> password they can return an ADO connection to a GP database that can be 
> used in your application.
> 
> 5. Another approach would be using Windows Authentication.  For your other 
> applications (except for crytal reports I think) you should be able to ue  
> Windows Authentication.  Just change the connection string slightly and 
> possibly give the rights to the windows user in SQL.
> 
> 6. The last approach that I know some ISV's have been using is to create 
> their own user for their application in SQL.  And then in their application 
> they hard code the user & possibly the password.  Since it is again their 
> own user and not a GP user then the password is plain text in SQL.  And so 
> the connection to ADO works OK.
> 
> 
> patrick
> mbs developer support
> 
> 
> 
> David, the new security encryption is a problem. It should have been 
> addressed in the manual. When I did raise a support case, they were unaware 
> of the encryption. They started telling the same story, go to user set-up, 
> give me a snap-shot of this and that etc.. A futile exercise.
> 
> Problem is the new password encruption is not recognizbale by other 
> programs 
> such as Crystal Reports, Access, SQL Query Analyzer etc. Also GP 9.0 does 
> not 
> encrypt sa password, but it encrypts all other logins.
> 
> I know why this was done. Because if it is not done a GP user can login to 
> Crystal Reports and pull data from all tables. But that said, the new 
> approach is very bad esepcially considering the fact that the customers 
> were 
> not given a heads-up on this.
> 
> Please throw some light on this subject. You don't have to get into 
> specifics. And a support incident DOES NOT WORK.
> 
> Thanks.
> Girish
> 
> "David Musgrave [MSFT]" wrote:
> 
> > I don't believe any changes have been made since v9.0 was released.
> > 
> > This function is not documented as it is for internal GP use only.
> > 
> > I think you should log a support case with the tools team.
> > 
> > David Musgrave [MSFT]
> > Senior Development Consultant
> > Escalation Engineer - Great Plains
> > Microsoft Dynamics Support - Asia Pacific
> > 
> > Micorosoft Dynamics (formerly Microsoft Business Solutions)
> > http://www.microsoft.com/Dynamics
> > 
> > mailto:dmusgrav@online.microsoft.com
> > 
> > Any views contained within are my personal views and 
> > not necessarily Microsoft Business Solutions policy.
> > This posting is provided "AS IS" with no warranties, 
> > and confers no rights.  
> > 
> > 
> > "Pradeep M V" wrote:
> > 
> > > Hi David
> > > 
> > > Is there any changes made from 9.0 RTM to 9.0 SP1 and from 9.0 SP1 to 
> 9.0 
> > > SP2 in security and password encryption?
> > > Where can we find details of connection dll and its usage?
> > > Is DEX function Login_CreateLogin documentmented in any help file?We 
> were 
> > > unable to find out in 9.0 help.
> > > 
> > > Thanks
> > > Pradeep
> > > 
> > > "David Musgrave [MSFT]" wrote:
> > > 
> > > > The security and password encryption changed for v9.0.  I suggest you 
> log a 
> > > > support case if you need specifics.  We cannot post security 
> information on a 
> > > > public discssion group.
> > > > 
> > > > David Musgrave [MSFT]
> > > > Senior Development Consultant
> > > > Escalation Engineer - Great Plains
> > > > Microsoft Dynamics Support - Asia Pacific
> > > > 
> > > > Micorosoft Dynamics (formerly Microsoft Business Solutions)
> > > > http://www.microsoft.com/Dynamics
> > > > 
> > > > mailto:dmusgrav@online.microsoft.com
> > > > 
> > > > Any views contained within are my personal views and 
> > > > not necessarily Microsoft Business Solutions policy.
> > > > This posting is provided "AS IS" with no warranties, 
> > > > and confers no rights.  
> > > > 
> > > > 
> > > > "Ganesh S" wrote:
> > > > 
> > > > > Hi,
> > > > > i would like to know if some updations has been made to the DEX 
> undocumented 
> > > > > function Login_CreateLogin. This function is used in creating user 
> logins 
> > > > > through GP.
> > > > > 
> > > > > Problem: While trying to Export Budgets from AA, none of the  non 
> sa users 
> > > > > are able to export the budget. This is due to a dll file which 
> retrives the 
> > > > > connection for AA. In Montego, probably the security password 
> encription is 
> > > > > canged, causing the dll function to fail.
> > > > > 
> > > > > Can i have some update on the DEX function Login_CreateLogin pls.
> > > > > 
> > > > > Thanks
> 
0
11/14/2006 7:26:01 PM
Well, this would be "back end" SQL security/login stuff which Advanced
Security didn't touch before either.  All security that you see in GP
(window,report,table) is all enforced at the Dexterity level.  So in that
regard, this change don't matter at all.

patrick
mbs dev support
-- 
This posting is provided "AS IS" with no warranties, and confers no rights.


"Girish Viriyur" <GirishViriyur@discussions.microsoft.com> wrote in message
news:7CB555AD-F0F6-4EEA-8DE5-673EDA9A2331@microsoft.com...
> Patrick, I appreciate your detailed response. I agree with you on the fact
> that 9.0 forces encryption and 8.0 did not. I did not explain this well in
my
> original post.
>
> On your point # 6 regarding what the ISV's are doing, creating their own
SQL
> user instead of GP user. However tell me something in this scenario. If we
do
> use our own user instead of GP user, how will the Advanced Security
behave.
> Will the security administered through GP/Advanced Security work for "our
SQL
> users" ?
>
> Thanks
>
> Girish
>
> ""Patrick"" wrote:
>
> >
> > Girish,
> >
> > Yes, the change to the encryption algorithm probably should have been
> > documented somewhere- although I'm not saying that it isn't as it might
be
> > somewhere.  I confess to not looking at all the documentation for every
> > release.  From a Dynamics end user perspective (and from the person
> > supporting the GP application itself) that the encryption algorithm
changed
> > is irrelevant- you log into GP and the GP applications work.  From an
end
> > user perspective who might have external applications then yes, it
might
> > matter.  Or might not depending on the integrating application you have.
> > You don't give a reference number to your incident so I could review it
to
> > see how this was approached from your side & the technicians side.  I'm
not
> > sure exactly what he would be troubleshooting for you.
> >
> > As you state, the password encryption isn't recognizeable by other
> > application- neither was the old one.  The difference is that in 9.0 we
> > force encryption on you and in 8.0 we did not (if you change the
password
> > in enterprise manager in 8.0 it stayed unencrypted).  So my guess is
that
> > in 8.0 you were using unencrypted logins.
> >
> > As you go on to state, yes this would be "bad" for other applications
> > potentially depending on what you are doing and how you are doing it.
At
> > this point (as of SP1 out the door and SP2 soon to come), I'm not sure
what
> > further light can be shed on this subject beyond the facts as we know
them.
> >
> > The facts as I see them are:
> >
> > 1. The encryption algorithm changed for 9.0 to be different than the 8.0
> > encryption.  Encryption is now enforced for GP users.  Encryption is NOT
> > forced on the "sa" user because that is not OUR user.  Any SQL user that
> > you have setup in Enterprise Manger that is your user is left alone.
Any
> > GP user including the dynsa account is "our" user and gets encrypted.
> >
> > 2. Dexterity uses, I believe, Login_CreateLoginEx() to create the users.
> > The details of this function are likely irrelevant as all the encryption
> > magic happen behind the scenes in function and not changeable by how the
> > function is called.
> >
> > 3. The new password encryption is being used in 9.0/9.0SP1 and forward.
> > This hasn't changed in 10.0 as far as I'm aware.  There is no way to
return
> > the "encrypted" version of the password with any tool.
> >
> > 4. There is the GPConn & GPConnNet dll's available.  While not returning
a
> > password they can return an ADO connection to a GP database that can be
> > used in your application.
> >
> > 5. Another approach would be using Windows Authentication.  For your
other
> > applications (except for crytal reports I think) you should be able to
ue
> > Windows Authentication.  Just change the connection string slightly and
> > possibly give the rights to the windows user in SQL.
> >
> > 6. The last approach that I know some ISV's have been using is to create
> > their own user for their application in SQL.  And then in their
application
> > they hard code the user & possibly the password.  Since it is again
their
> > own user and not a GP user then the password is plain text in SQL.  And
so
> > the connection to ADO works OK.
> >
> >
> > patrick
> > mbs developer support
> >
> >
> >
> > David, the new security encryption is a problem. It should have been
> > addressed in the manual. When I did raise a support case, they were
unaware
> > of the encryption. They started telling the same story, go to user
set-up,
> > give me a snap-shot of this and that etc.. A futile exercise.
> >
> > Problem is the new password encruption is not recognizbale by other
> > programs
> > such as Crystal Reports, Access, SQL Query Analyzer etc. Also GP 9.0
does
> > not
> > encrypt sa password, but it encrypts all other logins.
> >
> > I know why this was done. Because if it is not done a GP user can login
to
> > Crystal Reports and pull data from all tables. But that said, the new
> > approach is very bad esepcially considering the fact that the customers
> > were
> > not given a heads-up on this.
> >
> > Please throw some light on this subject. You don't have to get into
> > specifics. And a support incident DOES NOT WORK.
> >
> > Thanks.
> > Girish
> >
> > "David Musgrave [MSFT]" wrote:
> >
> > > I don't believe any changes have been made since v9.0 was released.
> > >
> > > This function is not documented as it is for internal GP use only.
> > >
> > > I think you should log a support case with the tools team.
> > >
> > > David Musgrave [MSFT]
> > > Senior Development Consultant
> > > Escalation Engineer - Great Plains
> > > Microsoft Dynamics Support - Asia Pacific
> > >
> > > Micorosoft Dynamics (formerly Microsoft Business Solutions)
> > > http://www.microsoft.com/Dynamics
> > >
> > > mailto:dmusgrav@online.microsoft.com
> > >
> > > Any views contained within are my personal views and
> > > not necessarily Microsoft Business Solutions policy.
> > > This posting is provided "AS IS" with no warranties,
> > > and confers no rights.
> > >
> > >
> > > "Pradeep M V" wrote:
> > >
> > > > Hi David
> > > >
> > > > Is there any changes made from 9.0 RTM to 9.0 SP1 and from 9.0 SP1
to
> > 9.0
> > > > SP2 in security and password encryption?
> > > > Where can we find details of connection dll and its usage?
> > > > Is DEX function Login_CreateLogin documentmented in any help file?We
> > were
> > > > unable to find out in 9.0 help.
> > > >
> > > > Thanks
> > > > Pradeep
> > > >
> > > > "David Musgrave [MSFT]" wrote:
> > > >
> > > > > The security and password encryption changed for v9.0.  I suggest
you
> > log a
> > > > > support case if you need specifics.  We cannot post security
> > information on a
> > > > > public discssion group.
> > > > >
> > > > > David Musgrave [MSFT]
> > > > > Senior Development Consultant
> > > > > Escalation Engineer - Great Plains
> > > > > Microsoft Dynamics Support - Asia Pacific
> > > > >
> > > > > Micorosoft Dynamics (formerly Microsoft Business Solutions)
> > > > > http://www.microsoft.com/Dynamics
> > > > >
> > > > > mailto:dmusgrav@online.microsoft.com
> > > > >
> > > > > Any views contained within are my personal views and
> > > > > not necessarily Microsoft Business Solutions policy.
> > > > > This posting is provided "AS IS" with no warranties,
> > > > > and confers no rights.
> > > > >
> > > > >
> > > > > "Ganesh S" wrote:
> > > > >
> > > > > > Hi,
> > > > > > i would like to know if some updations has been made to the DEX
> > undocumented
> > > > > > function Login_CreateLogin. This function is used in creating
user
> > logins
> > > > > > through GP.
> > > > > >
> > > > > > Problem: While trying to Export Budgets from AA, none of the
non
> > sa users
> > > > > > are able to export the budget. This is due to a dll file which
> > retrives the
> > > > > > connection for AA. In Montego, probably the security password
> > encription is
> > > > > > canged, causing the dll function to fail.
> > > > > >
> > > > > > Can i have some update on the DEX function Login_CreateLogin
pls.
> > > > > >
> > > > > > Thanks
> >


0
prot1 (1345)
11/16/2006 2:12:22 AM
Are you saying that under 8.0 SP4 (and previous RTM, sp1-sp4) that for say
LESSONUSER1 you used GPConn.dll which makes the ADO connection for you.  And
that worked OK.  But then you added on GP 8.0SP5 and now it fails for
LESSONUSER1?  And is that only if you change their password in GP it fails?
But then changing it in enterprise manager (which would leave the password
plain text) allows it to work?

As there are no changes to Dexterity that I'm aware of (I would see the
bug/feature request) in 8.00.86 (sp5 dexterity runtime version I believe)
that part shouldn't matter.  The odds approach 0% of this happening
accidently as the dex 8.0 & 9.0 builds are separate so it didn't "just
happen".

It is possible that there was a code change in Dynamics 8.0 SP5 that no
longer encrypts the password in globals.  In 9.0 for instance the memory of
the password variable is now stored unencrypted.  So it is possible that
might be the case in 8.0 SP5 as well.

You mention, for instance that you are using "Decode_Utility" which I take
to mean Utility_DecodeString() which you probably use on 'Password' of
globals and claim that worked just fine under pre SP5.  That being the case,
I guess since we know that GPConn.dll requires the plain text password, in
your code are you checking the value you are sending to GPConn to verify it
is indeed the "plain text" of the password now in sp5?

Now my guess is that this is all OK.  The reason is that you say an
enterprise manager change password user works.  And that wouldn't happen
with gpconn.dll unless you really did pass in the plain text password.  I
guess I just don't see why this would fail now.

Although we _did_ have a case today from a VAR saying just this _same_
thing.  But we asked a few probing questions and he replied "Oh, we figured
it out" without answering our other questions or elaborating on the
discovery.  So until shown otherwise we're thinking it was more "user
error".  He'll likely post back tomorrow.

patrick
mbs dev support

patrick
mbs dev support

-- 
This posting is provided "AS IS" with no warranties, and confers no rights.


"Pradeep M V" <PradeepMV@discussions.microsoft.com> wrote in message
news:9F27649B-9C16-4A57-804E-E14F7BF5BDFD@microsoft.com...
> Hi Patrick
>
> I found that in 8.0 sp4 and above to retrive password we were using
> Decode_Utility function for all users.Earlier it was there for only sa
user.
> Also as you said we are using ADO connection  of GpConn dll.But for non sa
> users its popups error "Login failed for user ...".But if we create new
> password from sql manager it works fine.
> Can you tell me why GP non sa user fails in ADO connection  of GpConn
?What
> might be the reasons?
>
> Thanks
> Pradeep
> ""Patrick"" wrote:
>
> >
> > Girish,
> >
> > Yes, the change to the encryption algorithm probably should have been
> > documented somewhere- although I'm not saying that it isn't as it might
be
> > somewhere.  I confess to not looking at all the documentation for every
> > release.  From a Dynamics end user perspective (and from the person
> > supporting the GP application itself) that the encryption algorithm
changed
> > is irrelevant- you log into GP and the GP applications work.  From an
end
> > user perspective who might have external applications then yes, it
might
> > matter.  Or might not depending on the integrating application you have.
> > You don't give a reference number to your incident so I could review it
to
> > see how this was approached from your side & the technicians side.  I'm
not
> > sure exactly what he would be troubleshooting for you.
> >
> > As you state, the password encryption isn't recognizeable by other
> > application- neither was the old one.  The difference is that in 9.0 we
> > force encryption on you and in 8.0 we did not (if you change the
password
> > in enterprise manager in 8.0 it stayed unencrypted).  So my guess is
that
> > in 8.0 you were using unencrypted logins.
> >
> > As you go on to state, yes this would be "bad" for other applications
> > potentially depending on what you are doing and how you are doing it.
At
> > this point (as of SP1 out the door and SP2 soon to come), I'm not sure
what
> > further light can be shed on this subject beyond the facts as we know
them.
> >
> > The facts as I see them are:
> >
> > 1. The encryption algorithm changed for 9.0 to be different than the 8.0
> > encryption.  Encryption is now enforced for GP users.  Encryption is NOT
> > forced on the "sa" user because that is not OUR user.  Any SQL user that
> > you have setup in Enterprise Manger that is your user is left alone.
Any
> > GP user including the dynsa account is "our" user and gets encrypted.
> >
> > 2. Dexterity uses, I believe, Login_CreateLoginEx() to create the users.
> > The details of this function are likely irrelevant as all the encryption
> > magic happen behind the scenes in function and not changeable by how the
> > function is called.
> >
> > 3. The new password encryption is being used in 9.0/9.0SP1 and forward.
> > This hasn't changed in 10.0 as far as I'm aware.  There is no way to
return
> > the "encrypted" version of the password with any tool.
> >
> > 4. There is the GPConn & GPConnNet dll's available.  While not returning
a
> > password they can return an ADO connection to a GP database that can be
> > used in your application.
> >
> > 5. Another approach would be using Windows Authentication.  For your
other
> > applications (except for crytal reports I think) you should be able to
ue
> > Windows Authentication.  Just change the connection string slightly and
> > possibly give the rights to the windows user in SQL.
> >
> > 6. The last approach that I know some ISV's have been using is to create
> > their own user for their application in SQL.  And then in their
application
> > they hard code the user & possibly the password.  Since it is again
their
> > own user and not a GP user then the password is plain text in SQL.  And
so
> > the connection to ADO works OK.
> >
> >
> > patrick
> > mbs developer support
> >
> >
> >
> > David, the new security encryption is a problem. It should have been
> > addressed in the manual. When I did raise a support case, they were
unaware
> > of the encryption. They started telling the same story, go to user
set-up,
> > give me a snap-shot of this and that etc.. A futile exercise.
> >
> > Problem is the new password encruption is not recognizbale by other
> > programs
> > such as Crystal Reports, Access, SQL Query Analyzer etc. Also GP 9.0
does
> > not
> > encrypt sa password, but it encrypts all other logins.
> >
> > I know why this was done. Because if it is not done a GP user can login
to
> > Crystal Reports and pull data from all tables. But that said, the new
> > approach is very bad esepcially considering the fact that the customers
> > were
> > not given a heads-up on this.
> >
> > Please throw some light on this subject. You don't have to get into
> > specifics. And a support incident DOES NOT WORK.
> >
> > Thanks.
> > Girish
> >
> > "David Musgrave [MSFT]" wrote:
> >
> > > I don't believe any changes have been made since v9.0 was released.
> > >
> > > This function is not documented as it is for internal GP use only.
> > >
> > > I think you should log a support case with the tools team.
> > >
> > > David Musgrave [MSFT]
> > > Senior Development Consultant
> > > Escalation Engineer - Great Plains
> > > Microsoft Dynamics Support - Asia Pacific
> > >
> > > Micorosoft Dynamics (formerly Microsoft Business Solutions)
> > > http://www.microsoft.com/Dynamics
> > >
> > > mailto:dmusgrav@online.microsoft.com
> > >
> > > Any views contained within are my personal views and
> > > not necessarily Microsoft Business Solutions policy.
> > > This posting is provided "AS IS" with no warranties,
> > > and confers no rights.
> > >
> > >
> > > "Pradeep M V" wrote:
> > >
> > > > Hi David
> > > >
> > > > Is there any changes made from 9.0 RTM to 9.0 SP1 and from 9.0 SP1
to
> > 9.0
> > > > SP2 in security and password encryption?
> > > > Where can we find details of connection dll and its usage?
> > > > Is DEX function Login_CreateLogin documentmented in any help file?We
> > were
> > > > unable to find out in 9.0 help.
> > > >
> > > > Thanks
> > > > Pradeep
> > > >
> > > > "David Musgrave [MSFT]" wrote:
> > > >
> > > > > The security and password encryption changed for v9.0.  I suggest
you
> > log a
> > > > > support case if you need specifics.  We cannot post security
> > information on a
> > > > > public discssion group.
> > > > >
> > > > > David Musgrave [MSFT]
> > > > > Senior Development Consultant
> > > > > Escalation Engineer - Great Plains
> > > > > Microsoft Dynamics Support - Asia Pacific
> > > > >
> > > > > Micorosoft Dynamics (formerly Microsoft Business Solutions)
> > > > > http://www.microsoft.com/Dynamics
> > > > >
> > > > > mailto:dmusgrav@online.microsoft.com
> > > > >
> > > > > Any views contained within are my personal views and
> > > > > not necessarily Microsoft Business Solutions policy.
> > > > > This posting is provided "AS IS" with no warranties,
> > > > > and confers no rights.
> > > > >
> > > > >
> > > > > "Ganesh S" wrote:
> > > > >
> > > > > > Hi,
> > > > > > i would like to know if some updations has been made to the DEX
> > undocumented
> > > > > > function Login_CreateLogin. This function is used in creating
user
> > logins
> > > > > > through GP.
> > > > > >
> > > > > > Problem: While trying to Export Budgets from AA, none of the
non
> > sa users
> > > > > > are able to export the budget. This is due to a dll file which
> > retrives the
> > > > > > connection for AA. In Montego, probably the security password
> > encription is
> > > > > > canged, causing the dll function to fail.
> > > > > >
> > > > > > Can i have some update on the DEX function Login_CreateLogin
pls.
> > > > > >
> > > > > > Thanks
> >


0
prot1 (1345)
11/16/2006 2:24:13 AM
Hi Patrick

Can you tell me why GP non sa user fails in ADO connection  of GpConn ?What 
might be the reasons?

Thanks
Pradeep
"Patrick [MSFT]" wrote:

> Well, this would be "back end" SQL security/login stuff which Advanced
> Security didn't touch before either.  All security that you see in GP
> (window,report,table) is all enforced at the Dexterity level.  So in that
> regard, this change don't matter at all.
> 
> patrick
> mbs dev support
> -- 
> This posting is provided "AS IS" with no warranties, and confers no rights.
> 
> 
> "Girish Viriyur" <GirishViriyur@discussions.microsoft.com> wrote in message
> news:7CB555AD-F0F6-4EEA-8DE5-673EDA9A2331@microsoft.com...
> > Patrick, I appreciate your detailed response. I agree with you on the fact
> > that 9.0 forces encryption and 8.0 did not. I did not explain this well in
> my
> > original post.
> >
> > On your point # 6 regarding what the ISV's are doing, creating their own
> SQL
> > user instead of GP user. However tell me something in this scenario. If we
> do
> > use our own user instead of GP user, how will the Advanced Security
> behave.
> > Will the security administered through GP/Advanced Security work for "our
> SQL
> > users" ?
> >
> > Thanks
> >
> > Girish
> >
> > ""Patrick"" wrote:
> >
> > >
> > > Girish,
> > >
> > > Yes, the change to the encryption algorithm probably should have been
> > > documented somewhere- although I'm not saying that it isn't as it might
> be
> > > somewhere.  I confess to not looking at all the documentation for every
> > > release.  From a Dynamics end user perspective (and from the person
> > > supporting the GP application itself) that the encryption algorithm
> changed
> > > is irrelevant- you log into GP and the GP applications work.  From an
> end
> > > user perspective who might have external applications then yes, it
> might
> > > matter.  Or might not depending on the integrating application you have.
> > > You don't give a reference number to your incident so I could review it
> to
> > > see how this was approached from your side & the technicians side.  I'm
> not
> > > sure exactly what he would be troubleshooting for you.
> > >
> > > As you state, the password encryption isn't recognizeable by other
> > > application- neither was the old one.  The difference is that in 9.0 we
> > > force encryption on you and in 8.0 we did not (if you change the
> password
> > > in enterprise manager in 8.0 it stayed unencrypted).  So my guess is
> that
> > > in 8.0 you were using unencrypted logins.
> > >
> > > As you go on to state, yes this would be "bad" for other applications
> > > potentially depending on what you are doing and how you are doing it.
> At
> > > this point (as of SP1 out the door and SP2 soon to come), I'm not sure
> what
> > > further light can be shed on this subject beyond the facts as we know
> them.
> > >
> > > The facts as I see them are:
> > >
> > > 1. The encryption algorithm changed for 9.0 to be different than the 8.0
> > > encryption.  Encryption is now enforced for GP users.  Encryption is NOT
> > > forced on the "sa" user because that is not OUR user.  Any SQL user that
> > > you have setup in Enterprise Manger that is your user is left alone.
> Any
> > > GP user including the dynsa account is "our" user and gets encrypted.
> > >
> > > 2. Dexterity uses, I believe, Login_CreateLoginEx() to create the users.
> > > The details of this function are likely irrelevant as all the encryption
> > > magic happen behind the scenes in function and not changeable by how the
> > > function is called.
> > >
> > > 3. The new password encryption is being used in 9.0/9.0SP1 and forward.
> > > This hasn't changed in 10.0 as far as I'm aware.  There is no way to
> return
> > > the "encrypted" version of the password with any tool.
> > >
> > > 4. There is the GPConn & GPConnNet dll's available.  While not returning
> a
> > > password they can return an ADO connection to a GP database that can be
> > > used in your application.
> > >
> > > 5. Another approach would be using Windows Authentication.  For your
> other
> > > applications (except for crytal reports I think) you should be able to
> ue
> > > Windows Authentication.  Just change the connection string slightly and
> > > possibly give the rights to the windows user in SQL.
> > >
> > > 6. The last approach that I know some ISV's have been using is to create
> > > their own user for their application in SQL.  And then in their
> application
> > > they hard code the user & possibly the password.  Since it is again
> their
> > > own user and not a GP user then the password is plain text in SQL.  And
> so
> > > the connection to ADO works OK.
> > >
> > >
> > > patrick
> > > mbs developer support
> > >
> > >
> > >
> > > David, the new security encryption is a problem. It should have been
> > > addressed in the manual. When I did raise a support case, they were
> unaware
> > > of the encryption. They started telling the same story, go to user
> set-up,
> > > give me a snap-shot of this and that etc.. A futile exercise.
> > >
> > > Problem is the new password encruption is not recognizbale by other
> > > programs
> > > such as Crystal Reports, Access, SQL Query Analyzer etc. Also GP 9.0
> does
> > > not
> > > encrypt sa password, but it encrypts all other logins.
> > >
> > > I know why this was done. Because if it is not done a GP user can login
> to
> > > Crystal Reports and pull data from all tables. But that said, the new
> > > approach is very bad esepcially considering the fact that the customers
> > > were
> > > not given a heads-up on this.
> > >
> > > Please throw some light on this subject. You don't have to get into
> > > specifics. And a support incident DOES NOT WORK.
> > >
> > > Thanks.
> > > Girish
> > >
> > > "David Musgrave [MSFT]" wrote:
> > >
> > > > I don't believe any changes have been made since v9.0 was released.
> > > >
> > > > This function is not documented as it is for internal GP use only.
> > > >
> > > > I think you should log a support case with the tools team.
> > > >
> > > > David Musgrave [MSFT]
> > > > Senior Development Consultant
> > > > Escalation Engineer - Great Plains
> > > > Microsoft Dynamics Support - Asia Pacific
> > > >
> > > > Micorosoft Dynamics (formerly Microsoft Business Solutions)
> > > > http://www.microsoft.com/Dynamics
> > > >
> > > > mailto:dmusgrav@online.microsoft.com
> > > >
> > > > Any views contained within are my personal views and
> > > > not necessarily Microsoft Business Solutions policy.
> > > > This posting is provided "AS IS" with no warranties,
> > > > and confers no rights.
> > > >
> > > >
> > > > "Pradeep M V" wrote:
> > > >
> > > > > Hi David
> > > > >
> > > > > Is there any changes made from 9.0 RTM to 9.0 SP1 and from 9.0 SP1
> to
> > > 9.0
> > > > > SP2 in security and password encryption?
> > > > > Where can we find details of connection dll and its usage?
> > > > > Is DEX function Login_CreateLogin documentmented in any help file?We
> > > were
> > > > > unable to find out in 9.0 help.
> > > > >
> > > > > Thanks
> > > > > Pradeep
> > > > >
> > > > > "David Musgrave [MSFT]" wrote:
> > > > >
> > > > > > The security and password encryption changed for v9.0.  I suggest
> you
> > > log a
> > > > > > support case if you need specifics.  We cannot post security
> > > information on a
> > > > > > public discssion group.
> > > > > >
> > > > > > David Musgrave [MSFT]
> > > > > > Senior Development Consultant
> > > > > > Escalation Engineer - Great Plains
> > > > > > Microsoft Dynamics Support - Asia Pacific
> > > > > >
> > > > > > Micorosoft Dynamics (formerly Microsoft Business Solutions)
> > > > > > http://www.microsoft.com/Dynamics
> > > > > >
> > > > > > mailto:dmusgrav@online.microsoft.com
> > > > > >
> > > > > > Any views contained within are my personal views and
> > > > > > not necessarily Microsoft Business Solutions policy.
> > > > > > This posting is provided "AS IS" with no warranties,
> > > > > > and confers no rights.
> > > > > >
> > > > > >
> > > > > > "Ganesh S" wrote:
> > > > > >
> > > > > > > Hi,
> > > > > > > i would like to know if some updations has been made to the DEX
> > > undocumented
> > > > > > > function Login_CreateLogin. This function is used in creating
> user
> > > logins
> > > > > > > through GP.
> > > > > > >
> > > > > > > Problem: While trying to Export Budgets from AA, none of the
> non
> > > sa users
> > > > > > > are able to export the budget. This is due to a dll file which
> > > retrives the
> > > > > > > connection for AA. In Montego, probably the security password
> > > encription is
> > > > > > > canged, causing the dll function to fail.
> > > > > > >
> > > > > > > Can i have some update on the DEX function Login_CreateLogin
> pls.
> > > > > > >
> > > > > > > Thanks
> > >
> 
> 
> 
0
PradeepMV (108)
11/16/2006 2:52:01 AM
Hi,
Thanks all for the details.
i would like to know, with each release or may be major release, are there 
any changes made to the init keys that need to be passed to the dll function??

like the initkey1 and initkey2 ???

We are using the values that were provided at the time of initial 
implimentation of GPConn.
As explained in the previous posts, the connection works if the password is 
edited from SQL manager and wont work if the same has been edited through GP.

Also i dont see any change in the signature of the function.

Which means it is either the change in the constants or parameters to be 
passed or a change in implimentation of GPConn.dll.

Any updates ???

Thanks
 

"Pradeep M V" wrote:

> When i searched in product studio regarding connection dll,i have found that 
> its is changed for sp1.We haven't got any info regarding the same and were 
> using 9.0 dll.The example code was send to us at the time of 9.0 release.We 
> found that same code using connection dll works for 9.0 but not working for 
> montego with same dll.But if we change password for non sa user from sql 
> manager its working fine.
> You mean to say we should log a CR for the same?But this problems(AA 
> budget/mqw export not working for non sa user) is logged for AA.
> 
> Thanks
> Pradeep
> 
> "David Musgrave [MSFT]" wrote:
> 
> > I don't believe any changes have been made since v9.0 was released.
> > 
> > This function is not documented as it is for internal GP use only.
> > 
> > I think you should log a support case with the tools team.
> > 
> > David Musgrave [MSFT]
> > Senior Development Consultant
> > Escalation Engineer - Great Plains
> > Microsoft Dynamics Support - Asia Pacific
> > 
> > Micorosoft Dynamics (formerly Microsoft Business Solutions)
> > http://www.microsoft.com/Dynamics
> > 
> > mailto:dmusgrav@online.microsoft.com
> > 
> > Any views contained within are my personal views and 
> > not necessarily Microsoft Business Solutions policy.
> > This posting is provided "AS IS" with no warranties, 
> > and confers no rights.  
> > 
> > 
> > "Pradeep M V" wrote:
> > 
> > > Hi David
> > > 
> > > Is there any changes made from 9.0 RTM to 9.0 SP1 and from 9.0 SP1 to 9.0 
> > > SP2 in security and password encryption?
> > > Where can we find details of connection dll and its usage?
> > > Is DEX function Login_CreateLogin documentmented in any help file?We were 
> > > unable to find out in 9.0 help.
> > > 
> > > Thanks
> > > Pradeep
> > > 
> > > "David Musgrave [MSFT]" wrote:
> > > 
> > > > The security and password encryption changed for v9.0.  I suggest you log a 
> > > > support case if you need specifics.  We cannot post security information on a 
> > > > public discssion group.
> > > > 
> > > > David Musgrave [MSFT]
> > > > Senior Development Consultant
> > > > Escalation Engineer - Great Plains
> > > > Microsoft Dynamics Support - Asia Pacific
> > > > 
> > > > Micorosoft Dynamics (formerly Microsoft Business Solutions)
> > > > http://www.microsoft.com/Dynamics
> > > > 
> > > > mailto:dmusgrav@online.microsoft.com
> > > > 
> > > > Any views contained within are my personal views and 
> > > > not necessarily Microsoft Business Solutions policy.
> > > > This posting is provided "AS IS" with no warranties, 
> > > > and confers no rights.  
> > > > 
> > > > 
> > > > "Ganesh S" wrote:
> > > > 
> > > > > Hi,
> > > > > i would like to know if some updations has been made to the DEX undocumented 
> > > > > function Login_CreateLogin. This function is used in creating user logins 
> > > > > through GP.
> > > > > 
> > > > > Problem: While trying to Export Budgets from AA, none of the  non sa users 
> > > > > are able to export the budget. This is due to a dll file which retrives the 
> > > > > connection for AA. In Montego, probably the security password encription is 
> > > > > canged, causing the dll function to fail.
> > > > > 
> > > > > Can i have some update on the DEX function Login_CreateLogin pls.
> > > > > 
> > > > > Thanks
0
GaneshS (12)
11/16/2006 2:42:02 PM
Reply:

Similar Artilces:

Worksheet change execution ends, but worksheet goes to never never
I've got a worksheet change event that when it ends, the focus is not on the active sheet. The only way I can get it back is to enter CTRL F4 and then cancel on saving the workbook. There are some cells referencing UDF's that are copied during execution. I've seen this before and I'm sure it's something simple, but as yet, have been unable to determine the cause. Can someone assist? Barb Reinhardt IIRC, I've seen this problem before when the "active cell" was hidden or was part of a merged range, but not the entire range. That'...

User Clss Security
I am new to Microsoft Dynamics, and performing an evaulation using Rel.9. I am attempting to set up user class security to assign to usrs when I add them. When I set up a class for purchaing for example, selecting Windows and a series of Purchasing to allow access to the purchaing screens and save this. Then create a user and assign the class to the user I am creating, the end result when I print a security report for this user, the user has far more authorizations than the windows I granted to the Purchaning class. Authorizations include advanced security, Financials and many others. W...

Changing Default Filter on Associated Activities
Hi can anyone confimr whether it is/isn't possible to change the default filter from 30 Days to All within the associated activities view ?? Thanks ...

Business Portal 3.0 with GP 8.0 or 8.5?
Hi there. I realize that in the Business Portal 3.0 documentation, one of the prerequisites for Business Portal 3.0 is GP 9.0. However, I would like to confirm that BP 3.0 absolutely won't work with previous versions of GP. Will it work at all with versions such as 8.0 or 8.5, even in a limited capacity? Thanks! Colleen Absolutely not. BTW, there is no such release as 8.5. When you try to install BP, it verifies the version of GP you have installed. -- Charles Allen, MVP "Colleen" wrote: > Hi there. I realize that in the Business Portal 3.0 documentation, one of t...

how do I change the default margins
1. Default margins for your Publisher publication? 2. Default margins for your text boxes? 3. Default margins for you printer? 4. Which version of Publisher? -- Brian Kvalheim Microsoft Publisher MVP http://www.publishermvps.com ~pay it forward~ This posting is provided "AS IS" with no warranties, and confers no rights. "carroway" <carroway@discussions.microsoft.com> wrote in message news:4C62391E-73D8-4146-9E63-15D7A48FDBCC@microsoft.com... > ...

CRM
I am using XP Pro and IE6.x. I usually log into my computer locally first, do some other work, then start IE, and point it to http://CrmHost:5555. It usually asks me for a login name the first time, but then I cannot shake off from the first login. I cannot "logout" and then use another user name to login to the CRM server. Any help would be appreciated. TonyT Try this Click Start -> All programs -> Right-Click on Internet Explorer icon -> Run as "TonyT" <TonyT@discussions.microsoft.com> wrote in message news:441C3279-3CDA-42FD-8C45-A7EB3B09D8A2...

Changing transparency of object colors
I need to lighten several objects before sending the file to the printer. When I increase the transparency, this shows up in the file, but not in print preview, and it prints the original darker tone. Any suggestions on what I might do to apply changes, etc. in order to get the changes to stick when printing? Many thanks. Select the object, right-click, save as picture, save as a hi-res tif or png. Insert the new image into your publication. -- Mary Sauer MSFT MVP http://office.microsoft.com/ http://msauer.mvps.org/ news://msnews.microsoft.com "ChrisP" <ChrisP@discussi...

Advanced Security Error
When I am in the Advanced Security form, I will select a user class (or user) and then select the "by menu" option on right of the form, I get the following error; The stored procedure WDC_Security_CloneClassEntity returned the following results: DBMS: 0, Microsoft Dynamics GP: 50403. I have search the knowledgebase and googled it and I can't find anything about how to fix this error. This error code means that it was trying to clone from an entity that did not exist in the Accelerator tables. I suggest that you Reset the Accelerator from the Advanced Security Options w...

MS Excel file extension changed through e-mail
MS Excel .xlsx files sent as attachments are received without the x, as a .xls instead. The same is true for MS Word .docx changed to .doc Answered in the Word group. Please don't post the same question in multiple groups. It not only causes responders to waste their time replying to questions that have already been answered but it also makes it more difficult for you to follow up on the replies. If it truly is an issue that involves more than one app either post to the Office group rather than the individual groups or use a newsreader rather than the web interface & learn to ...

Recipient Policy on a Group of users??????
I have approximately 100 users all in one Organizational unit that need a particular email address. The problem i am having is that when i create a group and add the users to that group and then set the recipient policy to apply the email address to the group. The users dont get the email address only the group itself. I have tried all the different types of groups (Distribution, Security, Query based group, etc....) and nothing seems to work. I have seen other post saying specify a custom attribute for the users and search on that. This works with one or two but i have over 100, and i ...

Outlook2K7/Vista & Security Certificates??
I'm using Outlook 2007 and Vista Ultimate. My AOL IMAP mail worked fine until a about a week ago. Now I get this error message: "The server you are connected to is using a security certificate cannot be verified. Do want to continue using this server" I click "Yes" and it downloads the new email, but I have to do this each time I open Outlook 2007. Anyone have any clues how to fix this? Any feedback would be greatly appreciated. Thx can you download the certificate and add it to your trusted certs? -- Diane Poremsky [MVP - Outlook] Author, Teach Yourself Outl...

Security
Now with Money 2005 it seems you are pretty much required to use an MSN Passport to take advantage of its features. This means all your financial information is somewhere on some Microsoft server. Not only some statements from a certain bank, but ALL of your info. Your checking and savings accounts, your investment and retirement accounts and all the necessary passwords to access these accounts at each particular bank. Together with individual notes you may have added to each transaction (and with the combined information of all of your accounts) anyone accessing your data gets a pr...

Change event?
I have the following code in "This woorkbook" Private Sub Workbook_Open() Application.CommandBars("Worksheet Menu Bar").Enabled = False Application.CommandBars("Standard").Enabled = False Application.CommandBars("Formatting").Enabled = False Application.CommandBars("Cell").Enabled = False Application.DisplayFormulaBar = False Application.DisplayStatusBar = False End Sub Private Sub Workbook_BeforeClose(Cancel As Boolean) Application.CommandBars("Worksheet Menu Bar").Enabled = True Application.CommandBa...

auto signature change?
Is there an add-on or other software that automatically cycles through a group of signature blocks? I want it to pick a signature block either randomly or cycle through signature blocks that I have written. Kozmo ...

Proper Security Settings on Exchange Install Folder?
I am trying to nail down the security of our Exchange 2003 servers before we start a mass migration off 5.5. One issue I am dealing with is securing the Exchange install directory, in my case c:\program files\exchsrvr I have a Microsoft Press Book "Secure Messaging with MS Exchange Server 2003" that talks about doing this on page 144, but the details aren't as clear as I would like them. For example, they say to remove the everyone inheritance. I don't have that. (thats not my question - but right away I'm seeing the book completely different from what I have) Th...

security setup
is there anyway to change security level of cashier by time. for example from 9am to 1 pm they have different security level and from 1 to 5 they have different. Also is there anyway to disable "tender" button on POS for all cashiers. i want to dedicate one of my machines just to make work orders so knowbody can tender amount on it. thank you Shoby, Not that I'm aware of. If you can't press the F12 Tender button, you can't save the workorder. But you can disable the Amount column in the Tender screen. When in POS, click on the bottom blank button on the le...

How do Bar chart where Bar colour changes with different data Valu
hi, I would like to develop a Bar chart, which changes its bar colour for different data values. e.g for a cell format and to change colour of a cell for different values we can use conditional format. Hi, Have a look an Jon's example of conditional charts. http://peltiertech.com/Excel/Charts/ConditionalChart1.html Cheers Andy Zeeshan wrote: > hi, > I would like to develop a Bar chart, which changes its bar colour for > different data values. e.g for a cell format and to change colour of a cell > for different values we can use conditional format. -- Andy Pope, Micro...

Picklist value doesn't change when changed in a workflow
Hi There I have a custom picklist attribute which is on a custom entity, the picklist has been created to replace the standard status and status reason values. When I try to change the value in a workflow the workflow step succeeds but the value doesn't change. Any help would be greatly appreciated. On Aug 21, 3:27=A0pm, MayBoy <andy...@paradise.net.nz> wrote: > Hi There > > I have a custom picklist attribute which is on a custom entity, the > picklist has been created to replace the standard status and status > reason values. When I try to change the value in a wo...

Outlook 2000 security update
Does anyone know how to disable the Outlook 2000 security update? which one/why ? N "Jeremy" <jeremylee1975@yahoo.com> wrote in message news:01dc01c3ce3e$3509e140$a301280a@phx.gbl... > Does anyone know how to disable the Outlook 2000 security > update? ...

Default Security Roles for Canadian Payroll
It would be nice to have the same type of security roles in Version 10 when you install Canadian Payroll as you do with US payroll. Fliehigh You could probably "mimic" the same security roles for Canadian payroll, no? Best regards, -- MG.- Mariano Gomez, MIS, MCP, PMP Maximum Global Business, LLC http://www.maximumglobalbusiness.com "Fliehigh" wrote: > It would be nice to have the same type of security roles in Version 10 when > you install Canadian Payroll as you do with US payroll. > > Fliehigh No because the tasks do not mimic or relate to the US P...

My hyperlink address change?
I have already make address in my excel worksheet into Network but suddenly the address become change to c:\ prompt evenly my former address in Network..example: my original address-->(In My Network Places) file:///\\Id740dc01\engineering\Drawings\Sales Drawings\... now suddenly become-->file:///C:\Documents and Settings\gc000014\Application Data\Microsoft\Drawings\Sales Drawings\... Now, my big problems I must Hyperlink all worksheet in excel one by one with number of 3000 files, it's so hard. This is because of excel or else?Can I not hyperlink it one by one but mass hyperl...

Outlook 2003 Security
Hi everyone, I am having a problem with outlook 2003 when i am trying to synchronise my nokia 8210i phone to my addresses and calendar. When i try and do this i get the box popup that says that i have to allow access, so i press 10 minutes and allow. The only problem is that i have too much stuff i think and it takes longer then 10 minutes to sync. Its also through a serial cable, so it doesnt help. But when the 10 mins is up, then it wont allow the sync to finish and so it drops the connection with the nokia without finishing what needs to be done. I have tried the little install of click ye...

Apply that security package
--yuockqlvko Content-Type: multipart/related; boundary="mkoqpquddlxw"; type="multipart/alternative" --mkoqpquddlxw Content-Type: multipart/alternative; boundary="erudxjyh" --erudxjyh Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Microsoft Consumer this is the latest version of security update, the "September 2003, Cumulative Patch" update which resolves all known security vulnerabilities affecting MS Internet Explorer, MS Outlook and MS Outlook Express as well as three newly discovered vulnerabilities. Install now to help main...

Secure Site Security Emblem
Windows XP(Home) SP3, OE6, IE8; Plenty of RAM & HHD space. Continuous checks for Virus/Malware 1.4Ghz, VIA Technologies, Inc. 8 kilobyte primary memory cache, 256 kilobyte secondary memory cache, P4X266-8233, Enclosure Type: Desktop V2 Premier, Windows XP (Home) SP3, 2 External USB 500/1TB Hard Drives (NTFS), 1.5 GB Ram, Upgraded PSU, Belarc Advisor, Multimedia - lists, MPU-401 Compatible MIDI Device - Realtek AC'97 Audio for VIA (R) Audio Controller - Standard Game Port. Circuit Board: P4X266-8233, Bus Clock: 100 megahertz, BIOS: Award Software International, Inc. 6.0...

Can't Change Personal Information Logo
Does anyone know how to remove the logo that gets into the Personal Information box. All other fields can be deleted but not the Logo. Publisher does not prompt to update change to Personal Information when a file is saved, even though I have turned on 'Update Personal Information When Saving' in the Tools Options menu. Thanks, Mike Ward ...