JohanPersson.nu

My Digital Brain

  • Validating SSRS settings in AX 2012 fails

    Tonight one of my colleagues called me having issues with validating the SSRS setup for an old AX 2012 R3 environment. Unfortunately it had been many years since I even touched a 2012 server which meant I had to turn to my trusted advisor… Google 🙂

    The error he got was this:
    “Make sure that SQL Server Reporting Services is configured correctly. Verify the Web Service URL and Report Manager URL configuration in the SQL Reporting Services Configuration Manager.”

    Image

    The problem is caused by UAC end there are 2 “solutons”

    1. Turning off UAT (which is absolutely NOT recommended).
      Error when validate settings in Report servers by any admin account which is not account used to install the AX reporting services extensions. – Microsoft Dynamics AX Forum Community Forum
    2. Running the AX client as Administrator. To do this right-click the AX 2012 Client (it has to be the client and not the .axc file) and slect “Run as Administrator”
      AX2012R2 SSRS Validation error as make sure the SQL Server Reporting Services is configured correctly – Microsoft Dynamics AX Community

    That is it for today

  • Can not create default Keyset when using AXBuild

    We have a large deploy with a customer this week which is a very bad time for AXBuild to stop working… really bad time. And ofcourse that is what happened Smile (screw you Murphy). There are of course other ways to to a compile in AX byt doing it from within AX is really slow so AXBuild is much nicer and faster.

    The problem was that when I launched AXBuild the process kept crashing with this error:

    clip_image002

    I also got the following events in Event viewer:

    Error 14.11.2016 17:49:05 Dynamics Server 01 110 None
    Object Server 01:
    Can not create default Keyset. Error code -2146893809.

    Error 14.11.2016 17:49:05 Dynamics Server 01 110 None
    Object Server 01:
    The license information can not be decoded.

    Error 14.11.2016 17:49:06 .NET Runtime 1026 None
    Application: Ax32Serv.exe
    Framework Version: v4.0.30319
    Description: The process was terminated due to an unhandled exception
    Exception Info: System.Runtime.InteropServices.SEHException
    Stack:
    at <Module>.wmainCRTStartup()
    at <Module>.wmainCRTStartup()

    When doing research we found that this is most likely a permissions issue and I got somen hints on what to check:

    • Are you running elevated: Check
    • Are you local admin on the AOS computer: Check
    • Is the AOS user local admin on the AOS computer: Check
    • Check AOS user permissions on the AX database and modelstore: Check

    I was not able to find the solution so I resorted to Microsoft Support and they sait the same thing… it is a permission issue. So finally I fired up ProcessMonitor (which I don’t do often enough) and the it was after some looking around and filtering. I filtered out everything except the Ax32Serv.exe process and I also removed the SUCCESS lines.

    The issue was that my user (the one doing the the compiling) got access denied on a file in the folder:

    C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys

    I changed the permission on the file and Presto! (or as one of my colleugues said – I am going to get a Cappuchino with cinnamon)

    The compile is running and things are good

    /Johan

  • Instaling .NET Framework 3.5 on Windows Server 2012… without install media

    Today I hade a small issue a a customer which I thought I write down since repetition is a good thing…

    I was installing SQL on a Windows Server 2012 and I needed .NET Framework… this tends to be a little tricky since I did not have the media… So here we go.

    1. Start the Group Policy Editor
    2. Go to Computer Configuration – Administrative Templates – System
    3. Enable Specify settings for optional component installation and component repair and select Contact Windows Update directly to download repair content
    4. Use dism.exe /online /enable-feature /featurename:NetFX3 /all to start the install and wait for it to finish

    That is all for today

    /Johan

  • Nice to know: What is going on during logon

    When you are logging onto a Windows machine you will sometimes notice that it is taking a long time… usually you just blame GPOs and move on… If you want to get a hint on what´s taking so long you can set a GPO setting which turns on detailed information during logon

    image 

    There are two different settings depending on which OS you are running (pre 2008R2/2012 or later)

    You will find the setting in gpedit under Computer Configuration – Administrative Templates – System

    The setting is called:

    Pre 2012: Verbose vs normal status messages

    Post 2012: Display highly detailed messages

    /Johan

  • Active Directory Based Activation

    In Windows 2012 there is a new method of activating Windows Servers/Clients and Office. The method is called Active Directory Based Activation and is an alternative to KMS and MAK activation. It works by adding a Activation Object to Active Directory which activates computers joined to the domain.

    1. First we need to install the Volume Activation Tools from Server Manager (Volume Activation Tools is just the tool to create the activation objects in AD. Active Directory Activation does not require any server components)
    2. Second we need to add the KMS key. And activate it

      SNAGHTMLe915e53

    3. To install an office key you will need to download and install Microsoft Office 2013 Volume License Pack
    4. When the install is done the Volume Activation tool will pop up and allow you to add the key

    Note 1: The Windows Server 2012 R2 key will also activate clients

    Note 2: Active Directory based activation works for Windows 8/8.1, Windows Server 2012 / 2012 R2 and Office 2013. For older versions you will need a KMS server.

    Note 3: Since the activation object is stored in AD it is replicated to all DCs which means that all DCs can act as an activation server

    Links

    http://support.microsoft.com/kb/2781538
    http://blogs.technet.com/b/askpfeplat/archive/2013/02/04/active-directory-based-activation-vs-key-management-services.aspx
    http://blogs.technet.com/b/odsupport/archive/2012/11/07/how-to-setup-active-directory-based-activation-host-for-microsoft-office-2013.aspx

  • Password Reset in RDWeb

    Today I will take a short look at enabling password reset using the rdweb component in Windows Server 2012.

    This functionality is built in to Remote Desktop but it it not enabled by default. In this article we will look at enabling it and also creating a link to it on the login page

    We start of by enabling the Password Reset feature.

    1. Start IIS Manager on your RDWeb Server
    2. Browse to [Server Name] – Sites – Default Web Site – RDWeb – Pages
    3. Open Application Settings
    4. Change the property PasswordChangeEnabled to true
    5. To test the password reset functionality browse to
      https://[Servername]/RDWeb/Pages/en-US/password.aspx
      and you will se this

      image 

    When  a user tries to log in using an expired password they will get this:

    Now, to enable the link on the login page…

    1. Using an elevated notepad (or tool of your choice) edit the file

      C:\Windows\Web\RDWeb\Pages\en-US\login.aspx

    2. Go down to line 583 and add the following line

      <a href=https://[ServerName]/RDWeb/Pages/en-US/password.aspx>Password Reset Utility</a>

    3. Save the page
    4. Browsing to the login page for RDweb and verify the change

    /Johan

    Links

    http://ryanmangansitblog.com/2013/03/11/add-password-reset-feature-to-remote-desktop-web-access-2012/
    http://blogs.msdn.com/b/rds/archive/2014/06/04/failed-logons-due-to-expired-passwords-password-change-functionality-in-rd-web-access.aspx

  • Stand-alone Remote Desktop

    Idag fick jag ett samtal från en kund som hade lite problem med att sätta upp en stand-alone Terminal Server i Windows Server 2012… Problemet var att i 2012 saknas se verktyg man är van att använda i 2008 R2 för att administrera Remote Desktop och tack vare det kunde han inte konfigurera kopplingen mellan session host och licenserver vilket betydde att eftersom TS inte hittade några licenser så slutade den ta emot inloggningar.

    Lösningen är att manuellt stoppa in en referens till licensservern. Man gör så här:

    1. Starta Group policy editorn pĂĄ terminalservern (gpedit.msc)

    2. Gå till Conputer Settings – Administrative Templates – Windows Components – Remote Desktop Services – Remote Desktop Session Host – Licensing

    3. Ă–ppna Use the specified Remote Desktip license server

    4. Sätt policyn till Enabled och ange adressen till licensservern. I vårt fall Localhost.

    image

    5. Stäng Group Policy Editor och kör gpupdate /force

    6. Om det fortfarande inte fungerar, testa starta om servern så att alla tjänster startas upp korrekt.

    PS Glöm inte bort att öppna eventuell brandväggsport för licensservern

    Länkar

    http://technet.microsoft.com/en-us/library/cc770585.aspx
    http://social.technet.microsoft.com/Forums/windowsserver/en-US/7a57249a-97bd-4382-9161-d7a8700c2691/does-anyone-know-the-appropriate-firewall-rules-to-allow-rd-license-server-access

  • Application request routing PÅ Windows Server Essentials 2012

    Jag har en Windows Server Essentials 2012 server hemma för min interna “produktionsmiljö”. Som de flesta andra sitter jag pĂĄ en vanlig internetlina med en dynamisk adress sĂĄ jag funderade lite om man kunde använda Application Request Routing (ARR) för att utnyttja samma adress för att komma ĂĄt min labmiljö… Jag fick idĂ©n när jag lekte runt lite med onpremise exchange i Essentials för kunds räkning. SĂĄ jag fĂĄr väl helt enkelt testa.

    Jag börjar med att ladda ner ARR komponenten och installera den i min server. (X86 version, X64 version).

    Installationen är i stil med Next-Next-Finnish

    image

    Ladda ner och installera Web Platform Installer…

    image

    Lägg till Application Request Routing 3.0…

    image

    … och du får en del annat på köpet så som URL Rewrite mm.

    image

    När installationen är klar, klicka Finish och stäng Web Platform Installer.

    När installationen av Application Request Routing är klar, starta IIS Manager. Markera noden för din webserver.

    image

    I den högra panelen, dubbelklicka på Application Request Routing.

    image

    I Actions panelen klicka Server Proxy Settings

    image

    Markera Enable Proxy och verifiera att HTTP version är satt till Pass through. I actions panelen klicka Apply för att spara

    Starta utforskaren och skapa en ny tom mapp där du har dina websiter (default C:\InetPub). I IIS Managern skapa en ny site som pekar till katalogen. Döp den till sam´ma namn som den site du skall skapa en reverse proxy för.

    image

    Min site använder SSL och behöver därför ett certifikat. Installera SSL certifikatet på Reverse Proxy Servern. Högerklicka på den nya siten och välj Edit Bindings för att konfigurera certifikatet. Eftersom jag använder SSL aktiverade jag även Require Server Name Indication och angav FQDN för Servern

    Markera den nya siten och dubbelklicka URL Rewrite i mittpanelen. I Actionpanelen klicka Add Rule(s), välj Reverse Proxy och klicka OK.

    image

    Ange URLen till den site du vill omdirigera till (det är viktigt att den finn tillgänglig och kan namnupplösas internt för servern som skall fungera som Reverse Proxy)

    Nu kommer du att kunna surfa till siten på insidan genom den server som är Reverse Proxy

  • MDT SQL problem… Man är inte så lite glömsk

    Idag satt jag och stångade skallen blodig mot ett problem… Min MDT 2012 ville inte koppla upp sig mot min databas. Rättigheterna stämde, brandväggen öppnad på port 1433… vad strular nudå??

    Lite fakta om min installation

    Version av SQL: 2012 Express
    Instans: MDT
    Protokoll: NamedPipes

    Insåg efter ett tag att det som gjorde att det strulade var att jag inte använda default instansen i SQL Express. Om man inte använder default instansen behöver man SQL Browser… detta hade jag kommit ihåg men det jag hade missat var att öppna porten för SQL browser i Windows brandvägg… Man måste öppna port UDP1434

    Jaja… nu skall jag väl inte glömma det igen Ler

    /Johan

  • Filmer…

    Jag har sedan en tid spelat in ett antal filmer för Microsofts räkning. Filmerna behandlar installation och konfiguration av utvalda funktioner i Windows Server 2012, Windows 8 och Microsofts Online tjänster… nu finns de på YouTube.

    Windows Server 2012 – Ă–versikt
    Installera Windows 8 och nya Office i Windows Server 2012
    Konfigurera Windows Server 2012
    Installera Windows Server 2012
    Konfigurera Windows Server 2012 för Remote Access
    Konfigurera Hyper-V i Windows Server 2012
    Installera Windows Server 2012 Essentials
    Konfigurera Windows Server 2012 Essentials
    Migrera frĂĄn Small Business Server till Windows Server 2012 Essentials
    Konfigurera Windows Backup
    Konfigurera Azure
    Konfigurera Office 365

    Mvh

    /Johan