Hello everyone,

With the upcoming end of TLS 1.0 and 1.1 support there are some changes that will need to be made in Dynamics GP products in order to maintain compatibility.  In this article I will be covering how to create an authorization store in Active Directory to use with Web Services for Microsoft Dynamics GP.

  1. Start > Run type AzMan.msc and click OK to open the Authorization Manager window
  2. Click on Action > Options…, click Developer Mode and click OK
  3. Click on Action > New Authorization Store… 
    1. Select Active Directory or Active Directory Application Mode (ADAM)
    2. Use either Schema version
    3. Store name is in a format of:

      CN=GPWebServices,CN=Program Data,DC=CONTOSO,DC=COM

      Where contoso.com is the FQDN of the domain.


        4. Click OK to close the window

        5. You’ll automatically be connected to your new store. Otherwise you can connect by going to Action > Open Authorization Store.., selecting Active Directory and entering your string or using the Browse.. button and selecting it there

        6. If someone other than the user who created the store will be installing GP Web Services you’ll need to give them permissions

            a. Right-click on GPWebServices store and select Properties

            b. Select the Security tab and add users to the Administrator role as necessary

When installing Web Services for Dynamics GP choose the Active Directory security store option (ADAM is only viable for upgrades from versions that previously used ADAM) and fill in the blanks:

  1. Server: your domain controller
  2. Port: 389
  3. Partition: The string you entered when creating the security store (e.g. CN=GPWebServices,CN=Program Data,DC=CONTOSO,DC=COM)


After the install completes you will use the same Dynamics Security Console to set Role Assignments and change Policy Behaviors.  The only difference is that behind the scenes Dynamic GP Web Services will be pointing to that partition in Active Directory rather than a SQL Server database.