Skip to main content

Notifications

Dynamics 365 Community / Forums / Commerce forum / Issues with Activating...
Commerce forum
Answered

Issues with Activating MPOS on Development VHD 10.0.24 onwards

editSubscribe (0) ShareShare
ReportReport
Posted on by MYGz 1,794

Hi,

Renaming VHD 10.0.24 causes lot of issues.

Is there a way to make it work with some post rename steps?

 

---------------------

Update: The issue was not with Renaming.

The issue was with VHD10.0.24 onwards. There are few steps required to successfully active MPOS/CPOS on the VM. I have documented the steps for 10.0.24. But there are new challenges on 10.0.37. I will try to document the changes for 10.0.37 also in this thread.

 

Best Regards,

Categories:
Store operations and POS App
  • Shafeeque Mohammed Profile Picture
    Shafeeque Mohammed 6,055 Super User on at
    Issues with Activating MPOS on Development VHD 10.0.24 onwards
    Moving the post to Commerce forum
  • MYGz Profile Picture
    MYGz 1,794 on at
    Issues with Activating MPOS on Development VHD 10.0.24 onwards
     
    Super. Thanks a lot. I will try out the steps.
  • Verified answer
    jsmithvee Profile Picture
    jsmithvee 16 on at
    Issues with Activating MPOS on Development VHD 10.0.24 onwards
    Alright, just to get everything into a single post, here are the steps I take to get the latest (10.0.0.37 at the time) vhd working, with MPOS/Store Commerce activated.
     
     
    1. Download 10.0.0.37 vhd from Shared Asset Library
    2. For me, I use vmware workstation, so I need to convert it, so WSL: 
      1. qemu-img convert FinandOps10.0.37.vhd -O vmdk FinandOps10.0.37.vmdk -p
    3. Register new Azure App, with 2 Web redirect URIs. Once created, make note of the Application (client) ID.
      1. https://usnconeboxax1aos.cloud.onebox.dynamics.com/
      2. https://usnconeboxax1aos.cloud.onebox.dynamics.com/oauth/
    4. On the desktop, run the shortcut as admin to generate self-signed certs. Paste in the client ID from step 3, and answer No to existing certs.
    5. In powershell running as admin, run:
      1. Install-Module AzureAD
    6. Next we need to run the RetailTenantUpdateTool. First however, to get rid of cert errors we need to edit C:\RetailSDK\Tools\RetailTenantUpdateTool.ps1
      1. Append -TrustServerCertificate to the invoke-sqlcmd on line 48
      2. Save and close
      3. Run the desktop shortcut RetailTenantUpdateTool as admin
      4. Authenticate.
    7. Run desktop shortcut AdminUserProvisioning as admin to add yourself as an admin
    8. Once logged in, you’ll see lots of errors when attempting to visit the ‘Channel Database” module, e.g. No certificate found for id '7366E25DC94FA8A400FA0037FFF3BB300D9482D4'. The required data encryption certificate was not found when trying to edit the Database connection profile table and the ConnectionString field…
      1. Run SSMS as admin, and run the query found below on the AXDB database.
      2. https://dynamicsexemplified.wordpress.com/2021/08/10/dealing-with-crypto-encryption-error-in-dynamics-365-finance-and-supply-chain-tier-1-developer-machine/
      3. iisreset
    9. If you now go look at the Channel Profile page to get the correct Retail Server URLs, you’ll see the URLs are all set to https://MIGRATION_VALUE
      1. We need to run the environment retarget  scripts from shared asset library. I’ve seen reference many places to it NOT being needed, but my experience says otherwise.
      2. Download, extract, and we need to edit a file to prevent certificate trust issues
      3. Edit RetailServer\EnvironmentRetarget\RetargetRetailServer.ps1
        1. On line 50 change $env:COMPUTERNAME to ‘localhost’ so the check now reads:
        2. $isLocalSql = ($retargetingParameters.SqlServerInstance -eq 'localhost')
      4. Save and either run the script directly within ISE, OR, run the retail retarget script "dot-sourced":
        1. powershell.exe -noexit -file .\RetargetRetailServer.ps1
    10. If you check the ping status URL, you’ll see RealtimeServiceCheck is failing. We need to open and edit:
      1. C:\RetailServer\webroot\bin\CommerceRunTime.Config
      2. Locate this line: <add key="audienceUrn" value="spn:00000015-0000-0000-c000-000000000000" />
      3. Replace the Number values with the same Azure AD Application(Client) ID value that was created at the beginning of the deployment.
      4. Save and iisreset
      5. RealtimeServiceCheck should now be green.
      6. https://usnconeboxax1ret.cloud.onebox.dynamics.com/healthcheck?testname=ping
    11. We need to run a 9999 full sync from the Channel Database page. But, first, to make sure things are working properly,
      1. run the Azure Storage Emulator from the start menu. Should initialize, etc. If not, download and repair v.5.10 and reboot. Run the Azure Storage Emulator and it should initialize properly now.
      2. Open the backoffice and get to the channel database module, in the Data Synchronization section, make sure the Default Channel database batch job status is Waiting. If its set to Withhold, running the 9999 and other jobs wont push through, and you’ll get errors when trying to activate such as “DA1023 - Could not resolve identity. The Microsoft Entra ID account is not mapped to an employee in Retail headquarters.” So, change the status to Waiting.
      3. From the channel database page, run a 9999 full sync.
    12. We have fixed just about everything, but activating MPOS will still fail with a DA3001 error. This is because we need a new certificate and a loopback exemption for the MPOS app. You can use fiddler classic to add the exemption, or, you can add it manually (for 10.0.0.37 Sealed MPOS).
      1. Install MPOS from powershell, then run the Install shortcut on the desktop
      2. Command prompt as admin:
      3. CheckNetIsolation LoopbackExempt -a -n="Microsoft.Dynamics.Commerce.Pos_8wekyb3d8bbwe"
        1. https://blog.shafeeque.in/enable-loopback-exemption-for-dynamics-365-retail-mpos-the-easy-way/
      4. The retailserver site in IIS is using the aos certificate, so the name mismatches. Fix that by creating a new cert and binding it to the retailserver site.
        1. https://ax.docentric.com/how-to-configure-a-safe-connection-to-a-d365fo-in-a-local-development-environment/
    13. You should be able to activate CPOS, MPOS, etc. now!
    14. Download the latest service update – 10.0.39 at time of writing this. Make sure to “unblock” the zip file in its properties before unpacking.
    15. Edit the DefaultTopologyData.xml file to include all the modules installed, e.g.
    <ServiceModelList>
    <string>ALMService</string>
    <string>AOSService</string>
    <string>BIService</string>
    <string>DevToolsService</string>
    <string>DIXFService</string>
    <string>PayrollTaxModule</string>
    <string>PerfSDK</string>
    <string>ReportingService</string>
    <string>RetailCloudPos</string>
    <string>RetailHQConfiguration</string>
    <string>RetailSDK</string>
    <string>RetailSelfService</string>
    <string>RetailServer</string>
    </ServiceModelList>
     
    1. In command prompt as admin, in the update folder:
      1. AXUpdateInstaller.exe generate -runbookid="OneBoxDev" -topologyfile="DefaultTopologyData.xml" -servicemodelfile="DefaultServiceModelData.xml" -runbookfile="OneBoxDev-runbook.xml"
      2. AXUpdateInstaller.exe import -runbookfile=OneBoxDev-runbook.xml
      3. AXUpdateInstaller.exe execute -runbookid=OneBoxDev
    2. Updated to latest version, and everything should be working now.
    3. Note: on step 15 I generally don’t include the MROneBox module because it always errors during the update. IF you want to include that, you will need to first run the MRServer_x64.msi setup in the extracted MROnebox/Scripts folder and then run the update or -rerunstep the failed MROneBox step. If that still errors, you need to run the ConfigureMRDatabase script in the MROnebox/Scripts/Update folder:
      1. .\ConfigureMRDatabase.ps1 -NewAosDatabaseName AxDB -NewAosDatabaseServerName new_name -NewMRDatabaseName ManagementReporter -NewAxAdminUserPassword AOSWebSite@123 -NewMRAdminUserName MRUser -NewMRAdminUserPassword MRWebSite@123 -NewMRRuntimeUserName MRUSer -NewMRRuntimeUserPassword MRWebSite@123 -NewAxMRRuntimeUserName MRUser -NewAxMRRuntimeUserPassword MRWebSite@123
      2. To get the password: C:\AOSService\webroot\bin\Microsoft.Dynamics.AX.Framework.ConfigEncryptor.exe -decrypt C:\retailserver\webroot\web.config

    Sources:
    https://ax.docentric.com/how-to-configure-a-safe-connection-to-a-d365fo-in-a-local-development-environment/
    https://blog.shafeeque.in/enable-loopback-exemption-for-dynamics-365-retail-mpos-the-easy-way/
    https://learn.microsoft.com/en-us/dynamics365/fin-ops-core/dev-itpro/dev-tools/vhd-setup
    https://dynamicsexemplified.wordpress.com/2021/08/10/dealing-with-crypto-encryption-error-in-dynamics-365-finance-and-supply-chain-tier-1-developer-machine/
    https://learn.microsoft.com/en-us/dynamics365/fin-ops-core/dev-itpro/migration-upgrade/vso-machine-renaming
    https://learn.microsoft.com/en-us/dynamics365/fin-ops-core/dev-itpro/migration-upgrade/upgrade-latest-platform-update
    https://nuxulu.com/2020-04-06-getting-onebox-vhd-dynamics-365-finance-and-operations-virtual-machine/
     
  • MYGz Profile Picture
    MYGz 1,794 on at
    Issues with Activating MPOS on Development VHD 10.0.24 onwards
    Hello @jsmithvee,
     
    Can you document the steps here. 
     
    I didn't needed the VM activation for long. But now I need to activate MPOS/CPOS on VM. I'm on 10.0.38(preview) (updated 10.0.37 to 38).  I tried the previous steps. I'm unable to run the retailretarget script now. Also facing another issue, forgot the App and thus AppID in the AppRegistration list :P there are few of them. Is there a way to find out from the certificate information which AppId was used?
     
    Appreciate if you can you document the steps here. Raising Microsoft ticket takes quite some time.
     
    Thanks
  • jsmithvee Profile Picture
    jsmithvee 16 on at
    Issues with VM renaming (10.0.24)
    This all needed slight additions for the 10.0.37 dev vhd, because of SQL cert issues... Needed to put -TrustServerCertificate in a few places.
     
    Ultimately, using the previous info and the TrustServerCertificate parameter, was able to get everything working properly in the HQ side of the latest vhd 10.0.37.
     
    I am able to activate CPOS, but NOT MPOS. Just get a DA3001 generic error. Did anyone in this thread activate MPOS or Store Commerce successfully?

    Edit:
    Tried this twice, so not sure why this works, but open MPOS and attempt to activate... Get the DA3001 error. Leave that up.

    Install Fiddler Classic, open WinConfig button, then check the box for Microsoft POS, Save Changes, flip back to MPOS and hit Retry. Immediately I get the login/authentication screen. Close Fiddler and finish Activating MPOS. No clue why this works, but I've tried it twice from a brand new 10.0.37 vhd image, and same result. MPOS hangs with DA3001, but the second I open fiddler and check the MPOS box in winconfig section, MPOS activates, and then I can close/remove fiddler and everything works fine. How odd.
  • Suggested answer
    Mohammed Alwahhashi Profile Picture
    Mohammed Alwahhashi 15 on at
    RE: Issues with VM renaming (10.0.24)

    thanks , that worked for me perfectly ,

  • MYGz Profile Picture
    MYGz 1,794 on at
    RE: Issues with VM renaming (10.0.24)

    Glad it helped.

  • Verified answer
    erptechnician Profile Picture
    erptechnician 50 on at
    RE: Issues with VM renaming (10.0.24)

    Mohammad,

    Thank you so much for taking the time to document the resolution to this issue! I had been struggling with a separate but related issue (Error activating retail cloud POS on OneBox version 10.0.24: DA1023 - Could not resolve identity). My issue was also caused by the same certificate error you reported in your post above.

    The solution you provided almost worked for me, but I had to modify it slightly:

    1. Run RetailRetargetScript.
    2. Edit CommerceRunTime.Config.
    3. Run RetailTenantUpdateTool with Administrator privileges from OneBox desktop.
    4.  Restart IIS.

    I had previously run RetailTenantUpdateTool before doing Step #1, but I had to run it again after RetailRetargetScript to get everything working properly in the Commerce/Retail module of my OneBox.

  • Saravanan123 Profile Picture
    Saravanan123 20 on at
    RE: Issues with VM renaming (10.0.24)

    Thanks gents. it helped for me & saved time too. 

  • MYGz Profile Picture
    MYGz 1,794 on at
    RE: Issues with VM renaming (10.0.24)

    Omais Afzal

    Find "Default channel database batch job" in batch jobs. And check if it's status is waiting or not. Change it to waiting if it's not.

Helpful resources

Quick Links

Take the Community feedback survey!

Answer this brief 15-question survey about your Community experience…

Demystifying Copilot: Service Edition with Sundar Raghavan

Sundar answers more questions about Copilot for Service...

Dynamics 365 Business Central vs Finance and SCM

Take a look at the key differences between Business Central and…

more Community News

Leaderboard

#1
Andre Arnaud de Calavon Profile Picture

Andre Arnaud de Cal... 283,375 Super User

#2
Martin Dráb Profile Picture

Martin Dráb 223,308 Super User

#3
nmaenpaa Profile Picture

nmaenpaa 101,140

Leaderboard

Featured topics

Product updates

Dynamics 365 release plans