Looks like I am bound to troubleshoot and maintain more today. But since that’s the case, I am having a chance to revisit what I have done while installing and configuring the current GP + CRM + Adapter + WebServices.
Having said that, I just cleared one issue and thought I would share post it.
When we install GP Web Services, a Local User Account called DynamicsGPAdm will be created and it will be added to IIS_WPG and IIS_IUSRS group.
It was all fine till I found that the Dynamics Security Console did not show the necessary details. All I was seeing is a big red X error message and with that a message saying “Console is corrupted or invalid data, blah blah blah…”. Honestly, I was extremely scared to see this, as I was under the impression that everything was fine. I still believe everything was fine, because my GP10-CRM4 Adapter is working as good as it was for the past 2 months.
I had to revisit what I had done to install and checked all IIS Security & Services Security. Everything was perfect till I saw one glaring gap.
The Local User Account DynamicsGPAdm was created with our Server’s Password Policy enforced on it. That means, typically:
1. This account has to change it’s password when it logs on to the server for the first time. (Never happened till date).
2. Password expires in such-and-such days. (The number of days had in fact exceeded in this case).
3. Must meet the Password Requirements. (It obviously didn’t).
Perfect. I kinda hit it on the nail this time.
I first changed the password of this User Account to meet the Password Requirements. Next I did as shown below:
Just make sure that once you install Web Services, the DynamicsGPAdm must be configured as above.
Significance of DynamicsGPAdm: This is the account which is configured in the Identity of DynamicsSecurityAdminServiceAppPool IIS Application Pool, which is the base for Dynamics Security Service and Console.