Microsoft Dynamics GP Fall 2020 - TLS 1.2
Like
Share
ReportAnother reason why we are excited for the Microsoft Dynamics GP Fall 2020 release is the fact that it is going to address functionality that will affected by the upcoming retirement of the TLS 1.0 and 1.1 protocols. To refresh your memory on this, we published the following blog on some limitations with various Dynamics GP functionality when TLS 1.0 is disabled:
https://community.dynamics.com/gp/b/dynamicsgp/posts/dynamics-gp-and-tls-1-0
With the Fall 2020 release the following features will now be able to function with TLS 1.0 and 1.1 disabled:
- E-mailing from within Dynamics GP when using both the Exchange Server Type as well as the SMTP e-mail that is used for the Workflow feature in Dynamics GP
- The Microsoft Dynamics GP Web Client
- Web Services for Microsoft Dynamics GP
NOTE: Web Services for Microsoft Dynamics GP still requires TLS 1.0 when using a SQL Server database for the Authorization Store. If you reinstall Web Services for Microsoft Dynamics GP to an Active Directory partition per this blog article you can operate with TLS 1.0 and 1.1 disabled.
In terms of functionality that still requires TLS 1.0, the refreshable Excel reports that can be deployed from Dynamics GP are still using the SQLOLEDB provider, which requires TLS 1.0. You can manually update the connection string in your Excel files to use the SQLNCLI11 provider as a workaround.
NOTE: Required for VAT - Making Tax Digital Reference guide - HMRC Developer Hub - GOV.UK
TLS standards HMRC APIs are only accessible over Transport Layer Security (TLS). For example, URLs that begin with https://.
Applications must support TLS 1.2 or higher to avoid known weaknesses in previous versions.
If you have issues logging into Dynamics GP with TLS 1.2
Have you tried the Native Client driver yet, in a new ODBC DSN?
https://www.microsoft.com/en-us/download/details.aspx?id=50402
As it mentions in the notes at the bottom of this page:
Note that Microsoft will not be releasing a SQL Server 2014 or later version of the SQL Server Native Client. The SQL Server 2012 Native Client (v11, e.g. sqlncli11.dll), can continue to be utilized by SQL Server 2014 and later versions.
Uninstall any currently installed SQL Native Client drivers from Control Panel unless something else is using them, then install these Native Client drivers, to then setup a 32-bit ODBC DSN to use with Microsoft Dynamics GP.
Download and install this version of the SQL Native Client driver, then re-create the ODBC DSN to use this new driver and verify the DSN successfully connect to your SQL Server instance.
For more documentation on our new features please check out our Microsoft Dynamics GP New Feature Blog Series!
Thanks!
Lucas Miller
Microsoft Dynamics GP
Comments
-
After my client’s GP version 2018 year-end 2020 update was applied, they were no longer able to email EFT remittances from within GP. This was working fine prior to the year-end update. Now when they try to open Email Settings or process an email EFT remittance, when you type in the correct Exchange/AD credentials, it says “Login Failed: check your login information and try again.” Nothing else we know of has changed outside of the GP year-end update. Both Windows 7 with Outlook 2010 and the Windows 10 with Outlook 2013 computers have the same behavior. The Outlook bit level is 32-bit, and we’ve tried both Exchange (what it was set to) and MAPI, with no success. We’ve validated that the Exchange EWS URL is correct and responding, and that AutoDiscover is working properly. We’ve tried the Login ID with the UserID only, the Domain\UserID format and UPN format (userID@domain.tld) as well. One item of note is that they have an older Exchange environment – Exchange 2010 running on Windows Server 2008 R2. Since this version is out of support and doesn’t have TLS 1.2 turned on by default (and they have not turned it on), could this be the issue? Does this latest year-end update force all GP communications to use TLS 1.2, or at least the email portion? Also, if yes, is there a way to temporarily allow GP to use an older TLS version?
*This post is locked for comments