JohanPersson.nu

My Digital Brain

  • DualWrite Error [DIPV1004] – Explained 

    Sometimes when you customize a mapping (in this example DV Released Products), you will get an error similar to Project validation failed. [DIPV1004]… this error comes from Data Integrator in Dataverse, which is the engine that drives DualWrite.

    Lets dig into why we get this error. According to the MS Learn article about Data Integrator Error codes for dual-write and Data Integrator, this error means the following:

    “Integration key field isn’t bi-directionally mapped

    The entitiy in my case was DV DV Released products, where I had added a field for Search Name.

    Lets first look at the Integration Keys for the DV Released Products / msdyn_sharedproductdetails

    The fields that are Integration Keys in DualWrite are ItemNumber and Company and when we look at those fields in the DW mapping, ItemNumber is mapped 1-way, this means that no other fields, inte mapping profile, can be mapped 2-way. (The company Code is almost always in the mapping due to the concept of Legal Entities).

    In my case, the SearchName field was accidentally mapped two way. When I fixed it, the error went away and I was able to do an Initial Sync

    Links:
    Error codes for dual-write and Data Integrator

  • What is a Released Distinct Product

    When you map products between Dyanmics 365 for Finance and Supply Chain and Dynamics 365 for Sales there are a couple of basic concepts that are important to think about.

    Products

    Product in FnO contains master data. It is also a global table, available in all Legal Entities. To sell a “product” we first need to release it in a Legal Entity. Dualwrite syncs these to the table msdyn_globalproducts.

    Released Products

    A Released Products, also known as an Item is a product that is released to a Legal Entity. In D365FO, Microsoft has created a custom entity that is used for syncing Released Products to CRM, called DV Released products. In the Dualwrite mapping, it is syncing to the table called msdyn_sharedproductdetails.

    Released Distinct Products

    As you notice, none of the dataverse tables above, are native CRM tables for products (the hint here is the prefix msdyn_). Du to the difference in data structure between ERP and CRM, Microsoft created and additional Data Entity in FnO that we can sync more easily to CRM. DV Released distinct products is basically a copy of Released Products, with some added metadata such as Configuration, Color and Size.

    Sometimes when you set up Dualwrite, lines in the databases does not sync correctly in the Initial Sync and then you need to help them along a bit. In order to “touch” (edit them to force a sync) Products and Released Products in FnO you simply go to the UI for these in Product information management. There is no “workspace” for Distinct Released Products.

    In order to trigger a sync of a Released Distinct Product to Products, you need to touch one of these fields:

    The easiest is to go to Products (not the Released Product) in FnO and edit the Description Field. That will trigger a sync.

  • Dualwrite: Missing order lines

    When setting up Dualwrite for orders and quotes and doing initial sync, sometimes all order/quote lines do not sync over correctly. Especially if you have historical orders that are already delivered.

    If an order is delivered i FO and the head of the quote/order is synced to CE, the lines will not sync. The result is that whenever you try to do something to that order (for instance invoice it), there is logic in CE, that sees that is Delivered and thus sets it to read-only. Depending on if this happens during initial sync or during Live sync, there are different methods to fix this.

    Initial Sync

    While you are initial syncing quotes/orders you can use a workaround in order to correctly sync lines to an invoices/delivered order/quote.

    The trick is to manipulate the sync mapping for the order/quote header and set all headers, temporarily, to open. NOTE: this is only temporary in order to get the lines to sync correctly.

    1. Open the DualWrite workspace and go the mapping for Dynamics 365 Sales order headers (salesorders).

    2. If it is started, stop the mapping.

    3. Find the SALESORDERPROCESSINGSTATUS line and change delivered and invoiced to 192350000 (this will set them to active in CRM).

    4. Click Save as to save the mapping. Give it a good description so you don´t use it by mistake.

    5. Perform the initial sync for Dynamics 365 Sales order headers (salesorders).

    6. Sync Dynamics 365 Sales order lines (salesorderdetails)

    7. Set the mapping for Dynamics 365 Sales order headers (salesorders) back to the correct mapping and perform a new initial sync.

    8. Start the mappings for Dynamics 365 Sales order headers (salesorders) and Dynamics 365 Sales order lines (salesorderdetails) without syncing it again.

    Live Sync

    When you are already live with the solution and you find an order that is missing lines, the issue is that you can not run initial sync, because that would destroy the data.

    To figure out if this is your issue, open the order in FnO and CE and compare them. If the order is missing lines or the entire order is missing from CE, go through these steps:

    1. Open the order in FnO
    2. Select the first line in the order and click Update line – Deliver remainder


    3. Set the Sales Quantity and Inventory Quantity to 1 and click OK


    4. The status of the order is not set to Open Order and the order should exist in CE with the line you made the change for.


    5. If there are more lines on the order in FnO which have not synced to CE, make a small edit to the line (add a . to the Text field). This will force it to sync.
    6. When the order is correct in CE, go back to the first line in FnO and click Update Line – Deliver remainder. Click Cancel quantity.

    The order is now back to the status Delivered.

  • Dual Write core application error-SecureConfig Organization (XXXX) does not match actual Dataverse Organization (YYYY)

    We are working with a a couple of customers that are running Dualwrite to sync between ERP and CRM.

    Today one of my colleagues called me and told me he could not create an account in an environment at one of these customers… he got a Dualwrite error 😮

    Dual Write core application error-SecureConfig Organization (XXXX) does not match actual Dataverse Organization (YYYY)

    (the names have been changed to protect the innocent)

    The weird thing is that this particular environment is not even connected with Dualwrite. It does not even have a D365FO app installed. It has however been refreshed from an environment that has Dualwrite active.

    The best practice, when refreshing environments with Dualwrite is that you reset the Dualwrite configuration and activate all of the mappings again. The reset is done from within the FnO Dualwrite configuration screen:

    Since this environment does not have a FnO app, there is no way to reset the configuration. We need to do this the hard way 🙂

    To fix this, do the following:

    1. Browse to https://make.powerapps.com and select the correct environment

    2. Go to Tables, view all tables and find the table called Dual Write Runtime Configuration. This table contains the Dualwrite configuration. Usually when you are resetting the Dualwrite connection after a refresh this table is emptied.

    3. Open the table, select all the rows and delete them.

    Links:

    F&O 💙 Power Platform – Database Refresh – Carina M. Claesson

    Dual Write – Organization does not match actual Dataverse Organization

  • App Insights for FnO in 15 Minutes

    When LCS is being deprecated eventually, we will loose our main source of out of the box monitoring and telemetry for Dynamics 365 for Finance and Supply Chain. Fortunately Microsoft has a plan and D365Fo is now able to connect and sent telemetry to Azure Application insights.

    Application Insight is Microsoft’s service for Telemetry and Insights. It receives data, stores it in a database and you run queries against it and build dashboards to see health of your environment. Most Azure Services can also sent telemetry to Application Insights, this means that you will have a "single pane of glass" where you can see D365FO and Integration Services in the same timeline.

    When I talk to my customers, most of them think that is a hard thing to set up… in this post I will show the steps and do it in 15 minutes:

    1. Create a new App Insights Instance

      Pasted image 20250514090510.png
      Wait for it to finish

    2. Set retention of data. If you are doing the setup for test, dev or lab it is a great idea to limit the amount of data that is saved (since that is what drives cost)

      1. Go to the Analytics Workspace
        BlogPost - Appinsights in 15 Minutes.png
      2. Click Usage and Estimated Cost
        BlogPost - Appinsights in 15 Minutes-1.png
      3. Set a Daily Cap to limit the amount of data collected per day
        BlogPost - Appinsights in 15 Minutes-2.png
      4. Set the time data will be retained
        BlogPost - Appinsights in 15 Minutes-3.png
    3. In FnO, activate the Feature "Monitoring and Telemetry"
      Pasted image 20250514090844.png
    4. In Fno Go to Monitoring and Telemetry in System Administration
    5. Activate all the checkboxes
      Pasted image 20250514091013.png
    6. In Environments, create your environemtn

      1. ID in LCS or in PPAC
      2. Set Mode
      3. Save
    7. In Application Insight Registry

      1. Enter instrumentation Key from Azure
      2. Enter the Connection String
    8. Verify functionality

      1. Click around in FnO
      2. In the Log Analytics Workspace, click Logs and dismiss the pop-up
      3. Click Page Views and choose run
        BlogPost - Appinsights in 15 Minutes-4.png
      4. Now you have data 🙂
        BlogPost - Appinsights in 15 Minutes-5.png
        This was a really quick setup (it actually took 15 minutes, including the initial draft of the blog post) of App Insights and as you might imagine now we are at the point where the real work starts. Making sense of your data is the real job.

    Microsoft Fasttrack has released a bunch of ready-made reports and dashboards that you can use to get started. These are made for Azure Data Analytics which I will set up in a later blogpost. There are also a whole bunch of new feature coming that we will also look into in later posts.

    Good Luck getting started with Application Insights

  • Excel Addin – A superpower

    Since Microsoft released I have made heavy use of a Excel Addin for Dynamics 365 for Finance and Supply Chain. It is really an amazing tool for performing bulk edits.

    One of the issues that I see a lot when setting up DualWrite for customers, is that Customers have their own account number set as pointing to themselves

    This is not an option since Dataverse does not allow circle references in a table. As far as I have understood (when asking my finance colleagues) emptying the invoice account field is not a problem, since the account defaults to itself as invoice account. The can however be accounts that have a different invoice account set, and those of course should not be removed.

    I usually use Excel Addin to identify and remove the invoice account where it should be removed.

    Open Customers in Excel

    Create a Conditional Access Rule

    1. From the Banner Meny go to Home – Conditional Formatting – Manage Rules

    2. Click New Rule… Choose Use Formula to determine which cells to format

    3. Enter the formula =$D2=$G2 and choose Format to change formatting to Fill with Red

    Change Applies to include all your rows (in my ca

    Filter by color

    Delete the affected fields

    Publish the data back to FnO

  • Azure Risky Logins for Guests

    A while ago, one of my colleagues contacted me with a login issue.

    The colleague was trying to log into a customers environment (where she is a guest user) with her company account (from our company). When trying to login, this error appeared:

    In Microsoft Entra ID, the is a functionality called Risky Sign-ins. Users that try to log in a “weird” way, for instance login from a Dutch IP one minute after login from a Swedish IP (there is a link at the bottom of the post with more detailed information.

    This information is logged in EntraID and (sometimes) acted upon. The reason i say sometimes, is because the action part requires an EntraID P2 license.

    When the colleague contacted me, I thought that this should not be happening, because we do not have EntraID P2 licenses for our users.

    After some digging and looking at the colleagues account, in the Azure Portal, i saw that it had a risky login and when I cleared it, it started working.

    Apparently the information about risky login follows the guest accounts over to our customers tenant and the customer had enforcement of risky users enabled… well, I learned something today as well 🙂

    Links:
    https://learn.microsoft.com/en-us/entra/id-protection/concept-identity-protection-risks

  • Basic SKU Public IP addresses will be retired on 30 September 2025

    Microsoft has announced that all Basic SKU Public IP addresses in Azure will be retired on 30 September 2025. If you’re currently using Basic SKU IPs, it’s time to start planning your upgrade to the Standard SKU to avoid service disruptions. This change affects virtual machines, load balancers, and other resources relying on Basic IPs—so early action is key.

    Basic vs Standard Public IPs (Source: Microsoft Learn)

    AspectStandard SKU Public IPBasic SKU Public IP
    Allocation MethodStaticIPv4: Dynamic or Static<br>IPv6: Dynamic
    Security ModelSecure by default (closed to inbound traffic unless explicitly allowed via NSG)Open by default (NSG optional)
    Availability ZonesSupported (non-zonal, zonal, or zone-redundant)Not supported
    Routing PreferenceSupportedNot supported
    Global Tier SupportSupported (via cross-region load balancers)Not supported
    Standard Load BalancerSupportedNot supported
    NAT Gateway SupportSupportedNot supported
    Azure Firewall SupportSupportedNot supported

    Basic vs Standard Load Balancer (Source: Azure Docs)

    FeatureStandard Load BalancerBasic Load Balancer
    ScenarioHigh performance, ultra-low latency, zone-aware, cross-regionSmall-scale apps, no zone support
    Backend Pool TypeIP-based, NIC-basedNIC-based
    Protocol SupportTCP, UDPTCP, UDP
    Health ProbesTCP, HTTP, HTTPSTCP, HTTP
    Availability ZonesZone-redundant, zonal, non-zonalNot available
    DiagnosticsAzure Monitor multi-dimensional metricsNot supported
    HA PortsAvailableNot available
    Secure by DefaultClosed to inbound flows unless allowed via NSGOpen by default
    Outbound RulesDeclarative outbound NAT configurationNot available
    TCP Reset on IdleAvailableNot available
    Multiple FrontendsInbound and outboundInbound only
    Management OperationsMost < 30 seconds60–90+ seconds
    SLA99.99%Not available
    Global VNet Peering SupportSupportedNot supported
    NAT Gateway & Private LinkSupportedNot supported



    In order for your VMs to continue to function after September 30th 2025 you need to update this.

    How Do I Know

    To see which VM has the old SKU of IP. Go to the Azure Portal and search to Public IP in the top search bar. You will get a list where all Public IPs are listed.

    What do I need to do?

    If the VM is OLD and only used for development, it is fairly easily replaced. Either you just reploy it from LCS (the new VM will have the correct IP SKU) or if you are up for it, you can deploy one of MS fancy new Universal Development Environments and then you will not have to worry about the infrastructure again.

    If you need to keep the VM, there is an option to update the IP address, however, all of the VMs that I have needed to update were created from LCS and all of those have a loadbalancer that also needs to be updated.

    Upgrading the LoadBalancer

    Since all of the VMs deployed from LCS have a loadbalancer and if you have an older VM, with a legacy IP, chances are that you also have a Basic LoadBalancer. Since we cannot have a Standard IP connected to a Basic LoadBalancer, we need to update them both. Fortunately there is a nice script to do this.

    Start a Cloud Shell (Powershell) in the Azure portal and import the module

    Install-Module -Name AzureBasicLoadBalancerUpgrade -Scope CurrentUser -Repository PSGallery -Force

    Run the script in validation mode to validate that all prerequsites are in please (Issues that I ran into are documented below):

    Start-AzBasicLoadBalancerUpgrade -ResourceGroupName [ResourceGroupName] -BasicLoadBalancerName [LoadBalancerName] -validateScenarioOnly:$true

    If that goes through without a hitch, run the same script but without the ValidationScenarioOnly switch

    Start-AzBasicLoadBalancerUpgrade -ResourceGroupName [ResourceGroupName] -BasicLoadBalancerName [LoadBalancerName]

    When you run the update script for the LoadBalancer, it will also update the Public IP to a Standard SKU

    Missing Backend Pool

    On some of the VMs I have updates, I experienced that the LoadBalancer configuration was missing a Backend Pool and that the VM was not in that non existing pool.


    To add the pool and the VM, go to the LoadBalancer, open Settings – Backend Pools, click add. Give the pool a name (vm-backend-pool) and add the VM to it by clicking Add

    Updating the IP

    To update the IP you will need to temporarily disassociate it from the VM and the reconnect it after the update. These are the steps to do it:

    1. Associate the IP from th eresources it is connected to

    Links
    Upgrade a public IP address | Microsoft Learn

    Upgrade from Basic to Standard with PowerShell – Azure Load Balancer | Microsoft Learn

    Upgrade Basic Public IP Address to Standard SKU in Azure | Microsoft Learn

    Azure Load Balancer SKUs | Azure Docs

  • Using Open Source Software in your Dynamics Implementation

    The idea of this article started for a couple of reasons: The first thing that happended was that Alex Meyer released his D365FO Admin Toolkit on GitHub. The second thing that happened was that I read the brilliant article Scary dangerous creepy tools by Jonas Rapp) and these two things made me think about the Benefits and Challenges of using Open Source in Dynamics 365 for Finance and Supply Chain. (Since then there have been others such as Jonas Feddersen Melgaard´s D365FinanceToolbox)

    First of all I will dive into some background… About 10 years ago, I left the “IT Infrastructure” world and ventured into the Dynamics world. On the infrastructure side, Open Source Software is a big thing. The majority of web servers on the internet, runs on Linux, a lot of our Internet appliances (such as firewalls and routers) runs on Linux, more than half the worlds cell phones has a base in Open Source and a lot of components such as Curl, OpenSSH and Mermaid are used by millions of business users every day, since they are all baked into commercial products. In fact, 60% of all compute cores in Microsoft Azure runs some version of Linux.

    So the question is; why is it OK to use Open Source Software, built by the community, everywhere else but not in Dynamics… “Because it is our super-duper critical ERP System of course!!!!”. Well I would argue that there are more important systems in your organization (not to belittle your ERP system) that are using at least a couple of Open Source components. That means that the actual issue is not the code itself… it is something else. In this article we will try to understand the blockers and why the might not be relevant.

    Mentioning the fact that a lots of commercial closed source software uses Open Source components, I agree, is a bit dis-honest. However it makes a good point and I think it puts a finger on the real issue here: Responsibility. When a company embeds a 3rd party component in the software, they assume responsibility for it. They agree to patch it (which is not always done) and they agree to take responsibility for the end product towards the customer. We will come back the question of responsibility later in this text.

    The Benefits

    There are a couple of benefits of using software, made by someone else, in our solution. The most obvious one is the same as the argument for ISV software. We do not need to start building something from scratch and that means that we can free up time for our project and for our developers to do other things.

    There is also the the quality argument. If someone has built it and many other uses it, the risk of it being broken is smaller than if everyone build their own solution to a common problem. Working iteratively on a common software base over time will hopefully make it less likely to break. Another argument here will be “But we are solving our own, unique issues” and that might be so… but not all of your challenges are unique. If you have an issue in Dynamics, then it might be that others have the same issue and and that they need to solve it too.

    There is also the question of missing features in the product. When Microsoft add new features to Dynamics, they need to prioritize them and if not enough organizations wants a feature, then it will not bubble to the top in the priority list and thus it will not be built. Having community developed features will help with bridging the gap and will also act as an indicator to Microsoft of what the customers want in the product. On the consumer side of tech, there is a concept called Sherlocking. That is when (In this case) Apple implements a function, that a 3rd party software developer has built, into iOS or MacOS.

    The Challenges

    Earlier I compared Open Source Software to ISV solutions and to be honest there is one big difference… responsibility. When you buy an ISV solution from a vendor or you let a partner build and implement your solution for you there is always someone else that assumes responsibility for the code written. But as for all contract there are always disclaimers… this applies even to to the license agreement of Dynamics. There are some thing, not covered by the agreement. The responsibility always lands on the end customer in the end and you as an end customer need to be ready to assume that responsibility. If we assume that the responsibility falls on the customer in the end, there is basically no difference between Microsoft-, ISV-, Partner-, Open Source- or Customer created code. We still need to test it and make sure that it is maintained and updated. The main difference is that we (as an organization) can not affect Microsoft’s, the ISVs or (in some cases) the Partners Code. We are however able to make changes to the Open Source Solution.

    I know that there are ISVs out there that supply the source code for their solution… Is that the same as using Open Source? Well, not exactly, but sort of… There are up and down sides of this. If we buy the solution from the vendor and we have a support agreement, we should try to stay away from editing the code; it blurs the lines of responsibilities. With that being said there is still a benefit in that we are able to speed up the troubleshooting process, because we are able to debug, and help provide the solution to the vendor. The real benefit of getting access to the codebase for an ISV solution is however if something happens the vendor and they go out of business. In that case we can choose to continue to support the solution ourselves.

    The Commitments

    As we have seen in this article, there are some thing we need to think about when we start using Open Source Software. As always we need to make sure the software holds up to the same level of quality that we need, we need to keep it updated (and with that comes of course testing and code review, in the same way as with our own code), but I also think that there is another level of commitment here and that is that if we find a bug in the code, we should also be a “good citizen” of the community and at lease report a bug (maybe even with a proposed solution) or even write a fix and submit a pull-request back to the project to get the fix into the code base… if it benefits us, it will probably benefit others.

    “So that means that we should use our precious time writing code for others?” Yes, with the time we save having others write code and test it for us, we absolutely should pitch in and help. I am absolutely convinced that we will spend less time in the long run while at the same time helping others do the same.

    The Conclusions

    Using 3rd Party Tools, always needs to be a deliberate choice and going with an Open Source Solution comes with its own challenges, but we also need to understand that building all of our own customizations from scratch, means that we will be using a “one-off” solution that not always adhere to best practices. In that case we are on our own, but when we use a solution that is built by the community, at least, we can figure out the solution together.

  • Troubleshooting Dualwrite Microsoft.Dynamics.Integrator.Exceptions.IntegratorClientException

    Currently I am in the middle of installing Project Operations for a customer. In order to provide data to Project Operations we need to use Dualwrite to move data from Dynamics 365 for Finance and Supply Chain into Dataverse, which Project Operations uses as its database.

    Yesterday I found a weird Dualwrite issue. In order to sync Customers, we also need to sync the entity CDS Contacts V2 (contacts). I started the initial sync… after running for around 6 (!!) hours it failed with the following error.

    Type=Microsoft.Dynamics.Integrator.Exceptions.IntegratorClientException, Msg=Type=Microsoft.Dynamics.Integrator.Exceptions.IntegratorClientException, Msg=FinOps export encountered an error.(Type=Microsoft.Dynamics.Integrator.Exceptions.IntegratorClientException, Msg=Export failed, Please check execution for project DWM-d91cec93-bcf1-4a8e-a7fa6b0615e195c45fb9bb52d8690665b9c_0 and execution id ExportPackage-9/2/2025 7:23:39 AM-a41d84f0-e619-4a43-83db-d4f6a4855b97 in FnO. Error details Type=Microsoft.Dynamics.Integrator.Exceptions.IntegratorClientException, Msg=F&amp;O export encountered an error. Please check project and execution ExportPackage-9/2/2025 7:23:39 AM-a41d84f0-e619-4a43-83db-d4f6a4855b97 in F&amp;O)

    I updated mappings and refreshed the entity list (as you do) and reran it, with the same issue.

    Initial sync uses the Data Management Framework (DMF) to move the data to Dataverse so I thought I should look at the execution logs, for the DMF project. Then I filtered the list, it did not exist (!?!?!?!)

    The next step, I tried to manually export CDS Contacts V2 (contacts) from DMF. I finally got a useful error!!

    That lead me to go to the Entity List in DMF… there I found something strange:

    Normally the status for the entity should be enabled… it was not. I then went to the License page in FnO

    Turns out the customer has disabled a lot (!) of configuration keys and one of them is CDS Integrations… After entering Maintenence Mode and Enabling the key, the entities were still disabled. To see the correct status, you need to do a Entity List Refresh from DMF – Framework Parameters

    After that the sync went through just fine

    Todays learnings is around Configuration Keys… Do not disable them if you are not able to oversee the full consequence of doing so