Don't Let CRM Authentication Changes Tank Your Integration

 It would seem that Microsoft is currently in the process of phasing out "basic style" authentication methods.  They intended to phase out basic authentication in Business Central 2021 wave 1 but that got pushed back to 2022 wave 1.  For CRM, though, the time is now.  For those of you still running on older NAV systems, you are going to start seeing CRM integration break in the coming months due to elimination of Regional Discovery Services.  There are different options to buy yourself some time but you should start coming to terms with the fact that OAuth authentication is is in your future.

There is a short term solution (until April 2022) for NAV versions 16 and above.  For 17, there will be a hotfix to implement OAuth but for 16 you will most likely need to do a technical upgrade along with merging in the necessary OAuth code - and that's just a guess.  For this post, I'm going to document the process for implementing the short term fix to update the XRM libraries.  I'm starting with some older installs of 16 and 17 so I should be hitting all the speed bumps.  So, here we go...

Step 1: Make sure you have .NET 4.6.2.  I've always felt there should be an elegant way to do this but you have to check the registry:


As long as your Windows Updates are current, you're probably going to be ok.

Step 2: Download and install the CRM toolkit.  The CRM toolkit is published as a NuGet package and is meant for consumption by Visual Studio.  Because we are not using it in that manner, we will need to go through some steps to get what we want.  First, download the package from the Microsoft NuGet gallery.  You will need to make use of the package download link.

This may ask you if it's ok to download multiple files and should result in a file named "microsoft.crmsdk.coretools.9.0.2.11.nupkg" in your downloads folder.

Step 3: Install.  In order to extract the contents of the file you just downloaded, you will need to rename it.  It's really a .zip file so let's just change the extension.


Per the directions, we want the files in content\bin\coretools.

Step 4: Stop the service tier.  Simple enough but when it's time to implement this in production you need to schedule downtime.

Step 5: Copy the files.  These are four files that you need:

Microsoft.Crm.Sdk.Proxy.dll
Microsoft.Xrm.Sdk.Deployment.dll
Microsoft.Xrm.Sdk.dll
Microsoft.Xrm.Tooling.Connector.dll


Copy them to a location on your system that is not restricted (not under Program Files or Windows).  This will allow you to unblock the files.  Once they are in their final location, you may not be able to unblock them.


These are going to need to go anywhere where the dll's might be used (duh!).  
  • The service folder.
  • Any development environment that you want to compile from, which should be either on the NAV server or a development server.
  • Any environment that you want to use the New-NAVCrmTable command from.  You would only use this if you were extending CRM functionality to integrate new tables.
So, for the service tier it will either be 

C:\Program Files\Microsoft Dynamics 365 Business Central\<version>\Service\DataSources\XrmV9
or
C:\Program Files\Microsoft Dynamics NAV<version>\Service

in my case, it was here:


Now for the client.  You don't necessarily have to do this but you should.  The files will go in either

C:\Program Files (x86)\Microsoft Dynamics 365 Business Central\<version>\RoleTailored Clientor
C:\Program Files (x86)\Microsoft Dynamics NAV\<version>\RoleTailored Client

in my case, it was here: 

Note: in both cases, it didn't prompt me to overwrite all of the files.  Some of them were new.  That's ok.


Step 6: Update the bindings.  .NET has a way to override dependencies so that you can upgrade libraries without having to recompile your application.  To do this, you need to modify the corresponding config file that exists for any .NET application.  (If you have a .NET application named donuts.exe, there will be a donuts.exe.config.)

The easiest way to do this is to open a command prompt with administrative privileges.  Then you can edit the configuration files without any security issues.


You will need to edit these files:

  • C:\Program Files\Microsoft Dynamics NAV\<version>\Service\Microsoft.Dynamics.Nav.Server.exe.config
  • C:\Program Files (x86)\Microsoft Dynamics NAV\<version>\RoleTailored Client\Microsoft.Dynamics.Nav.Client.exe.config
  • C:\Program Files (x86)\Microsoft Dynamics NAV\<version>\RoleTailored Client\Finsql.exe.config

As mentioned before, you always need to edit the server config, sometimes need to edit the finsql config and almost never need to modify the RTC config.

This is what you will need to add/change:

1
2
3
4
5
6
7
8
      <dependentAssembly>
         <assemblyIdentity name="Microsoft.Xrm.Sdk" publicKeyToken="31bf3856ad364e35"/>
         <bindingRedirect oldVersion="0.0.0.0-9.0.0.0" newVersion="9.0.0.0"/>
      </dependentAssembly>
      <dependentAssembly>
         <assemblyIdentity name="Microsoft.Xrm.Tooling.Connector" publicKeyToken="31bf3856ad364e35"/>
         <bindingRedirect oldVersion="0.0.0.0-3.0.0.0" newVersion="3.0.0.0"/>
      </dependentAssembly>

This is what my server config file looked like (yours may be different):

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
<?xml version="1.0"?>
<configuration>
  <configSections>
    <section name="uri" type="System.Configuration.UriSection, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
  </configSections>
  <appSettings file="CustomSettings.config"/>
  <system.diagnostics>
    <assert assertuienabled="false"/>
  </system.diagnostics>
  <uri>
    <schemeSettings>
      <add name="http" genericUriParserOptions="DontUnescapePathDotsAndSlashes"/>
      <add name="https" genericUriParserOptions="DontUnescapePathDotsAndSlashes"/>
    </schemeSettings>
    <idn enabled="All"/>
    <iriParsing enabled="false"/>
  </uri>
  <system.net>
    <settings>
      <httpListener unescapeRequestUrl="false"/>
    </settings>
  </system.net>
  <runtime>
    <NetFx40_LegacySecurityPolicy enabled="true"/>
    <gcServer enabled="true"/>
    <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
      <dependentAssembly> 
         <assemblyIdentity name="DocumentFormat.OpenXml" publicKeyToken="31bf3856ad364e35"/>
         <bindingRedirect oldVersion="0.0.0.0-2.5.0.0" newVersion="2.5.5631.0"/>
      </dependentAssembly>
      <dependentAssembly>
         <assemblyIdentity name="Microsoft.Xrm.Sdk" publicKeyToken="31bf3856ad364e35"/>
         <bindingRedirect oldVersion="0.0.0.0-9.0.0.0" newVersion="9.0.0.0"/>
      </dependentAssembly>
      <dependentAssembly>
         <assemblyIdentity name="Microsoft.Xrm.Tooling.Connector" publicKeyToken="31bf3856ad364e35"/>
         <bindingRedirect oldVersion="0.0.0.0-3.0.0.0" newVersion="3.0.0.0"/>
      </dependentAssembly>
    </assemblyBinding>
  </runtime>
  <startup>
    <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5"/>
  </startup>
</configuration>

...and my finsql.exe.config:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
  <runtime>
    <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
      <dependentAssembly>
        <assemblyIdentity name="DocumentFormat.OpenXml" publicKeyToken="31bf3856ad364e35" />
        <bindingRedirect oldVersion="0.0.0.0-2.5.0.0" newVersion="2.5.5631.0"/>
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="Microsoft.Dynamics.Framework.UI.Extensibility" publicKeyToken="31bf3856ad364e35" culture="neutral"/>
        <bindingRedirect oldVersion="1.3.0.0-8.0.0.0" newVersion="9.0.0.0"/>
      </dependentAssembly>
      <dependentAssembly>
         <assemblyIdentity name="Microsoft.Xrm.Sdk" publicKeyToken="31bf3856ad364e35"/>
         <bindingRedirect oldVersion="0.0.0.0-9.0.0.0" newVersion="9.0.0.0"/>
      </dependentAssembly>
      <dependentAssembly>
         <assemblyIdentity name="Microsoft.Xrm.Tooling.Connector" publicKeyToken="31bf3856ad364e35"/>
         <bindingRedirect oldVersion="0.0.0.0-3.0.0.0" newVersion="3.0.0.0"/>
      </dependentAssembly>
      <probing privatePath="Add-ins\CodeViewer;Add-ins\CodeViewer\CommonComponents;Add-ins\CodeViewer\EditorComponents"/>
    </assemblyBinding>
  </runtime>
</configuration>


Step 7: Restart your services.  If you got everything in the right place, they will start.  I messed up the XML on my first attempt and got an error about SxS (Side by Side) configuration being wrong.  It was just a missing bracket.

Step 8: Modify the C/AL code to reference the new libraries.  This won't be required in your production deployment (at least it better not be) because you will already have modified objects to import.  For this step, you will need to open (or reopen, as the case may be) a development environment that has the new libraries installed and switch to a license with development capability.

Export codeunit and table 5330 to a text file:


At this point, my experience (working in NAV 2016 and 2017) starts to deviate from the instructions.  

The instructions say to remove versioning information from the .NET variable declaration and indicates there will be a Microsoft.Xrm.Sdk reference and a Microsoft.Xrm.Tooling.Connector reference.  I only found a reference to Microsoft.Xrm.Sdk, so I just changed that.  I also changed the version number rather than deleting it entirely.  The new version is 9.0.0.0.

2016 only had two references, 2017 had many, many more so you will definitely want to do a find and replace!


I then imported and compiled my changes and they worked!


If you have any strange error messages when compiling, starting services or testing DON'T PANIC!  Just go back and make sure you've...

  • Got the right files where they need to be (confirm by right-clicking the file, going to properties and selecting details.


  • Make sure the files are unblocked.
  • Make sure you've changed the library version in code.  Select all objects with CRM in the name (*CRM*) and compile them.
  • Make sure you've updated your config files.
  • Check the Event Viewer.  There will likely be more information there.
Good luck and remember - you still need to get to OAuth!

Comments

Post a Comment

Popular posts from this blog

Accessing Dynamics NAV OData with Postman

Image
1/13/20 - This apparently only applies to NAV.  See note at the end for connecting to Business Central It took me a little while to nail down authenticating to a Dynamics NAV OData web service with Postman.  Fiddler does it quite easily but I suspect it is a little more intelligent while Postman requires the correct settings for everything. First, in NAV you need to have NTLM authentication enabled.  I have found this is required any time you want to use the web services with anything other than .NET (and even then...). Now, with NTLM enabled, you might think the authentication is NTLM but you'd be wrong.  It's Digest.  There are two flavors of Digest: MD5 and MD5-sess.  By default, Postman will come up with MD5.  I discovered it was supposed to be MD5-sess by using Chrome's developer console.  With this console open, make the GET request and you can see all of the data being exchanged. Within the Authorization header, toward the end, you wi...
Read more

When you are falsely accused of not having SQL Server Report Builder installed

Today I was updating some report objects from a text file for an older BC13 upgrade.  Yes, even at this late date BC13 can be an "upgrade".  Long story.  Anyhow, in the process of pulling in reports I got an error message To upgrade reports, you must have Microsoft SQL Server 2016 Report Builder installed. The problem is, I did have SQL Server 2016 Report Builder installed.  Some cursory Googling revealed that someone else had run across this and their solution was to install an older version of the report builder.  Not satisfied with this option, I ran the import under Process Monitor .  Process Monitor showed that BC was looking for Microsoft.ReportingServices.RdlObjectModel.dll and not finding it.  Sure enough, that file was nowhere to be found.  I did find an article on that indicating that it was a part of older report builder installations and I managed to find it on my development system under some Docker containers (of all places)....
Read more

Error with Zetadocs on Sharepoint Online

Image
I was recently setting up Zetadocs on a new server (existing database) and I got this message when closing the General Settings screen. Exception of type 'Microsoft.Dynamics.Nav.Types.Exceptions.Encryption.NavEncryptionKeyNotFoundException' was thrown. I couldn't find the error anywhere in Google, hence this post.  The problem is that on a new server, the key needed to decrypt Sharepoint Online's login information will not have been installed.  To fix this, first connect to the service where Zetadocs was first installed (or is working) and open the Enrcryption Management screen. Click the "Export Encryption Key" button and save the key to a file.  You will be prompted to secure the file with a password. Once you have the file saved, copy it to the new server then go into the Encryption Management screen on its service and click "Import Encryption Key".  Enter the password for your file and the new key will be imported.
Read more