You’re offline. This is a read only version of the page.
120
I have a customer who switched from Basic to Modern Authentication. When emailing using Basic Authentication the emails in the SY04920 work but once they add in the Application Client ID it still works but it uses their individual email address rather than the address in the SY04920. Is there something additional I need to do to have it continue to use the SY04920.
Good Afternoon kbauley,
Here are Azure/Dynamics GP Steps.
https://learn.microsoft.com/en-us/dynamics-gp/whats-new/multi-factor-authentication
It does require the user to be updated to Dynamics 18.4-5.
Thank you,
Sonny Pawchuk
By default, when a user logs into Dynamics GP and attempts to email or access some email windows in the application, they'll be prompted with the 'Sign In To Your Account' windows where they enter the Exchange email address, password and then if enabled, the MFA challenge for that account. Dynamics GP will then proceed to use that account for any emailing functionality for as long as the user is logged into Dynamics GP.
Once signed in with an Exchange account, GP will continue to use that account, there isn't any way to get prompted again for different credentials, unless the authentication fails.
Thank you for the reply and that does make sense as they are logging into the terminal server as themselves using AD credentials. So at this time is there no way to log into the terminal server using their AD credentials and then use the account payable account within GP to send those emails?
I think why it is giving me the option to log in using the accounts payable is because of security reasons I had to create and use a local account on the terminal server to test the email functionality. Doing it that way it does not already have AD credentials so then must ask for them I am assuming.
With Modern Auth, we're really not caching login information like we used to in the SY04920 table using the 'old' Exchange email functionality. The only thing we're holding onto with Modern Auth is the app client ID you put in each company email settings window, held in the SY04900 company table.
The 'Sign in to your account' window is expected, but I can't say I've seen the 'Windows Security' window you're seeing follow it, usually it's the same windows asking for email address, password and then multi-factor authentication challenge, if enabled.
What I'm expecting is happening is that you have AD users linked to an account such as JohnDoe@Contoso.com and they create a new user Accounts Payable in AD with an email address of AP@Contoso.com.
When 'Accounts Payable' is logged onto the server, and attempts to use Modern Auth in Dynamics GP, it automatically fills in the AP@Contoso.com address, same as for my John Doe example will auto populate w/ JohnDoe@Contoso.com when using modern auth.
The issue comes when logging in as JohnDoe@Contoso.com and attempting to email as AP@Contoso.com.
To use AP@Contoso.com, they would need to login as the Accounts Payable user account for AD.
I know we've had a case or two with this type of issue and are looking into it further. It's more an O365 setting, usually impacted more when ADFS is in use. More specific, it is the Azure AD that controls the login for O365.
So we are running into the same issue emailing out EFT Remittance. When the user goes to email the remittance the login screen pops up and she enters our account payable email address then it says it is taking her to our organization's sign-in page but doesn't actually take her anywhere as it just closes and sends out the emails from her email address.
The first time she did this after switching to modern authentication she didn't use the accounts payables and used her login information, is her info being cached somewhere within GP? I have cleared out all windows saved credentials and all browser data on the terminal server for this user (all users log into a terminal server to user GP). I have even completely removed her profile from the terminal server and had her log back in with no change. I have also clicked on forget her credentials in the exchange login window with no change.
Now if I log into GP as say sa or myself I get the second window below after it says 'Taking you to your organization's sign-in page'. I then enter the account's payables info and it sends from the proper email address and not from my email address.
Any ideas on why this user will not get logged into our accounts payable account and emails keep going out user her email address?
1st Login prompt
2nd prompt when logged in as my account or sa, the user does not get this second window asking for credentials
If you're using Modern Authentication, the SY04920 table is no longer used, thus isn't valid.
With Modern Auth, they'll be prompted with 'Sign in with your account' windows, not the 'Exchange Log On' window any longer. They'll get one window for their email account, one for their password and then one if they're using multi-factor authentication.
The email will be sent using that account that they enter when prompted and will continue to do so until they log out of Dynamics GP for that session.
This is also true of Workflow email when Modern Auth is enabled. The exception to this is if approving workflows via email links/Web Services, that will continue to use the SMTP server and account specified in the Workflow Setup window.
Modern Auth is also available for the first time in Web Client, once you update to the Oct 2022 release/GP 18.5
Let me know if you have any questions.
Thanks
Stay up to date on forum activity by subscribing. You can also customize your in-app and email Notification settings across all subscriptions.
#1
André Arnaud de Cal...
291,240
Super User 2024 Season 2
#2
Martin Dráb
230,149
Most Valuable Professional
#3
nmaenpaa
101,156
Share
Report
All responses (
Answers (