#GPPT Adding Multi Factor Authentication to the Microsoft Dynamics GP application

Microsoft Dynamics GP has added support for Multi Factor Authentication (MFA) to the emailing functionality inside Dynamics GP to allow it to connect to Microsoft Exchange, now that simple authentication is no longer supported.

However, there is no MFA functionality for logging into the Microsoft Dynamics GP application itself… until now.

Using GP Power Tools Developer Tools module, with a single after login trigger, it is possible to force the request to connect to Microsoft Exchange and close GP if the connection is not authenticated.

Using a trigger that runs after logging in, GP Power Tools will ask the user to enter the login credentials to connect to Microsoft Exchange.

If MFA is configured, it will use the new Sign in to your account window:

If the login is not completed successfully, you will get one dialog from the MFA system:

And then the dialog from GP Power Tools, after which GP will close:

If MFA is not configured yet, it will use the old Exchange Web Services (EWS) mode with the following Exchange Log On window:

And will display the following message if the Login is not completed successfully and GP will close:

A successful login will allow Dynamics GP to continue as normal, without requiring the extra login when sending emails, as the session has already logged in to Microsoft Exchange.

Here is the Project Setup window for the project. If you wish to change which users are exempted from the MFA check, use the Users Button at the project level. Currently the ‘sa’ user is excluded from the project.

Here is a quick summary of the components in the project:

Trigger LOGIN MFA

Trigger which runs after all background processes are completed using the Trigger Attach mode: After Login Event (After Background).

NOTE: This is designed to be used with the GP Power Tools Administrator Settings option to Prevent user activity until login processes have completed, which shows the following dialog.

If you want the MFA login to appear earlier (and are not using the option to wait), you can change the Trigger Attach mode to just After Login Event.

Message LOGIN MFA
Message with the wording to use when displaying the forced exit message. Supports a multi-lingual environment. Just add the wording for other languages as desired.

Downloading and Installing

Download the example code and import using the Project Setup window (now possible for first time imports with Build 28.8 onwards), or use Configuration Export/Import window (for older builds):

• GP Power Tools Settings Login Mfa.dbg.zip

The code will be active on next login or after switching companies, or you can use start the triggers manually from the Project Setup window.

More Information

For more information see:

• GP Power Tools Portal: http://winthropdc.com/GPPT
• GP Power Tools Samples: http://winthropdc.com/GPPT/Samples
• GP Power Tools Videos: http://winthropdc.com/GPPT/Videos

If you haven’t done so already, update to GP Power Tools Build 29 or later to get all the latest features and resolve the Security Vulnerability issue.

Enjoy

David

This article was originally posted on http://www.winthropdc.com/blog.