Share
ReportWith report 14.x you might experience slow performance on report SAVEAS or SAVEASPDF with standard or custom layouts.
Within this version there are currently 2 parameters that needs to be tuned for high report performance
- CAS POLICY
It is warmly suggested to have explicitly set CAS Policy to true in the Microsoft.Dynamics.NAV.Server.exe.config file as it was in all versions before: add the key:
<NetFx40_LegacySecurityPolicy enabled="true"/>
Below an example
To know more about this parameter there are 2 interesting blog that would highlight its benefit:
In these blog, it is dissected and explained how CAS Policy influences performance and memory leaks.
Keeping a long story short
- From NAV 2013 onwards, CAS Policy has always been explicitly set to true to guarantee good performance on report execution.
- Starting from 14.x – remember that this was first a SaaS version up until CU 5 -, Dynamics.NAV.Server.exe.config file does not add explicitly CAS Policy parameter. This is typical with Sandboxes where CAS Policy must be disabled (set to false) to enable extension debugging through Visual Studio Code.
In production environments, it is warmly recommended to enabled it (set to true) to guarantee optimal performance.
Point b. is tightly related on Sandbox creation on the fly through Docker containers using DVD artifcats.
- MEMORY APP DOMAIN ISOLATION
Within RDLC report, you can use a code section to inject and execute VB.NET code (e.g. sedata, getdata, blanknumber, etc.). VB.NET code might open to potential security vulnerabilities that might expose memory to be dumped if not isolated.
That is why, within SaaS, all reports that do have a custom counterpart are using an isolated memory app domain, even though this might have an impact on report performance.
Considering On-Premises, since these are for their own nature self-protected – partners are taking care of development, data protection and security – there is not the real need (as it wasn’t for all past versions) to have report running in isolated app-domain, overall if they are running in single tenant (aka legacy) database mode.
This is also mentioned in the first blog listed before and memory app domain isolation could be (should be) disabled in the CustomSettings.config files as per the following
<add key="ReportAppDomainIsolation" value="false" />
ReportAppDomainIsolation parameter has been implemented since Dynamics NAV 2017.
Now a bit of automation with PowerShell.
If you have already automated your deployment procedure through PowerShell scripts, you could setup CAS Policy settings by parsing the exe config file through XML classes in the following way (Dynamics 365 Business Central Services must be in a stopped state) :
$serverExeConfigPath = 'C:\Program Files\Microsoft Dynamics 365 Business Central\140\Service\Microsoft.Dynamics.Nav.Server.exe.config'
[xml]$XmlDocument = Get-Content -Path $serverExeConfigPath
$nodeExists = $XmlDocument.configuration.runtime.SelectSingleNode("./NetFx40_LegacySecurityPolicy")
if ($NodeExists -eq $null) {
$netfxNode = $XmlDocument.CreateElement('NetFx40_LegacySecurityPolicy')
$XmlDocument.configuration.runtime.AppendChild($netfxNode) | Out-Null
$realNetFxNode = $XmlDocument.configuration.runtime.SelectSingleNode("./NetFx40_LegacySecurityPolicy")
$realNetFxNode.SetAttribute("enabled","true")
$XmlDocument.Save($serverExeConfigPath)
write-host "NetFx40_LegacySecurityPolicy switch added and set to true"
}
else {
write-host "NetFx40_LegacySecurityPolicy was already set"
}
Setting ReportAppDomainIsolation is even easier since you might use PS cmdlet from the Dynamics 365 Business Central Administration Shell (remember to restart the service afterwards):
Import-Module 'C:\Program Files\Microsoft Dynamics 365 Business Central\140\Service\NavAdminTool.ps1'
Set-NavServerConfiguration BC170 -KeyName "ReportAppDomainIsolation" -KeyValue false
Below how it should looks like in the admin console
All responses (
Answers (
1,452
