Install and Configure A Microsoft Dynamics AX Enterprise Portal Server

Installing and Confguring
Microsoft Dynamics AX Enterprise

Portal
White Paper
This document describes ho to install and confgure
Microsoft Dynamics AX Enterprise Portal !"# for Microsoft
Windos $harePoint $er%ices &"# and Microsoft '(ce
$harePoint $er%er"
Date) *une+ ,##-

Contents
Introduction 4
Recommendations 4
Create the Business Connector Proxy account in Active
Directory 4
Install Internet Information Services5
Enable A$P".ET ,"#/
Prepare SQ Server 5
Confgure $01 $er%er ,##/ /
Confgure $01 $er%er ,### ith $P! 2
Install and con!"ure #indo$s SharePoint Services or
%&ce SharePoint Server '
Con!"ure ASP()*+ ,
Add the Business Connector proxy account to the
appropriate #indo$s "roups -
Con!"ure IIS for *nterprise Portal -
Install *nterprise Portal .
Con!"ure and Deploy *nterprise Portal /0
Create an *nterprise Portal site/0
*na1le internal users to access the site //
3ser enlistment 44
3ser relations 44
3ser groups 4,
2erify access /3
*na1le external users to access the site /3
$et up your Internet5facing topology for e6ternal users 4&
$et up a traditional perimeter netor7 for Enterprise Portal 4&
E6ternal user enlistment ,#
I.$TA11 A.D C'.8I93:E A MIC:'$'8T D;.AMIC$ E.TE:P:I$E P':TA1 $E:<E:
,
E6ternal user relations ,#
3ser groups ,#
2erify security and access 3/
Appendix A4 +rou1leshootin" *nterprise Portal 33
Appendix B4 Con!"ure document mana"ement for
*nterprise Portal 35
$pecify hich documents to include in the list of latest documents ,/
Confgure document types and categories ,2
Appendix C4 Set up transaction summaries for
*nterprise Portal 3'
Confgure transaction summaries ,2
Appendix D4 Administer product "roups 3,
$et up product groups ,-
$etting up product group and item presentations ,=
$et up product group or item presentations ,=
Appendix *4 Set up search for *nterprise Portal 3.
$et up the search inde6es ,>
Enable search for $01 $er%er and Windos $harePoint $er%ices &#
Appendix 54 A1out *nterprise Portal roles and user
"roups 6/
:oles and corresponding user groups &4
Employee role &,
$ales role &,
Consultant role &&
<endor role &&
Customer role &!
9uest role &!
Administrator role &!
&
Introduction
3se this document to install and confgure Enterprise Portal for
Microsoft Dynamics AX !"# or Microsoft Dynamics AX !"# ith $er%ice Pac7 ?$P@ 4 on a
computer that is running a Microsoft
A
Windos $er%er
A
,##& operating system"
Recommendations
Before you start to install or confgure Enterprise Portal+ e recommend you do the
folloing)
Install the core Microsoft Dynamics AX components ?fle ser%er+ obCect ser%er+ client+
and database@ before you set up and confgure Enterprise Portal" 8or more
information+ see the Microsoft Dynamics AX Implementation 9uide"
<erify that the core Microsoft Dynamics AX installation meets all reDuirements+ such
as Acti%e Directory
A
directory ser%ices being confgured in nati%e mode" 8or more
information+ see Eardare and $oftare :eDuirements"
<erify that the computer is not a 2!5bit computer" Enterprise Portal is currently not
supported on 2!5bit computers"
Install all ser%ice pac7s for Microsoft
A
$01 $er%erF+ if applicable"
<erify that the computer is not confgured as a Microsoft Dynamics AX reporting
ser%er" The process of updating and generating report models on a report ser%er can
consume memory and processing resources+ hich might interrupt the a%ailability of
your Enterprise Portal site" 8or more information+ see $et up and confgure ad hoc
reporting"
3ninstall Internet *xplorer *nhanced Security Con!"uration ?$tart G Control
Panel G Add or :emo%e Programs G AddH:emo%e Windos Components@"
Create the Business Connector Proxy account in Active
Directory
The Business Connector pro6y account is a Microsoft Windos domain account that
enables Business Connector to act on behalf of Microsoft Dynamics AX users hen users
authenticate ith the Application 'bCect $er%er ?A'$@ %ia a Web broser" ;ou must set up
and confgure the pro6y account+ as described here+ to enable remote users to connect to
Microsoft Dynamics AX by using Enterprise Portal"
1. Create a uniDue user in Acti%e Directory as domainIusername" This user must not
ha%e the same name as an e6isting user in Microsoft Dynamics AX" 8or the procedure
to add a ne user+ see the Acti%e Directory documentation"
," Assign a passord to the user"
3. 'ptional" If you donJt ant the passord for this account to e6pire+ select Pass$ord
does not expire"
4. $elect the )o interactive lo"on ri"hts option"
/" Close Acti%e Directory"
!
Install Internet Information Services
Internet Information $er%ices ?II$@ is the Web platform that hosts Microsoft
A
Windos
A

$harePoint
A
$er%ices ?W$$@ and Enterprise Portal" If you do not install II$+ you can not
install W$$ or Enterprise Portal"
/( Clic7 Start+ clic7 Control Panel+ clic7 Add or Remove Pro"rams+ and then clic7
Add7Remove #indo$s Components"
3( $elect Application server+ and then clic7 Details"
6( $elect ASP()*+ ?and 7eep all other default selections@"
4( $elect Internet Information Services 8IIS9+ and then clic7 Details"
5( <erify that the 5rontPa"e 3003 Server *xtensions chec7 bo6 is cleared"
'( Clic7 %: to complete the installation"
*na1le ASP()*+ 3(0
When you install II$+ A$P".ET 4"4 is enabled" 3se this procedure to enable %ersion ,"#"
/( At the command prompt+ open the folloing directory)
IWI..TIMicrosoft".ETI8rameor7I%,"#"/#-,-
3( Type)
aspnet;re"iis(exe <iru <ena1le
6( After the installation is complete+ type iisreset+ and then press Enter"
Prepare SQL Server
;ou can use Microsoft $01 $er%er ,##/ or Microsoft $01 $er%er ,### ith $er%ice Pac7 !
?or later@ to store information in Microsoft Dynamics AX !"#" ;ou must confgure your $01
ser%er as described here to support Enterprise Portal" If you install Microsoft Windos
$harePoint $er%ices or Microsoft
A
'(ce $harePoint
A
$er%er ith the Microsoft $01 $er%er
,### Des7top Engine ?M$DE@+ you cannot use the search functionality of Enterprise
Portal"
Important On systems that use an Oracle database for Microsoft Dynamics AX, you
must use MSDE for Windos Share!oint Ser"ices"
Confgure $01 $er%er ,##/
1. 'pen Microsoft $01 $er%er Management $tudio ?Start G All Pro"rams G =icrosoft
SQ Server 3005 G =icrosoft SQ Server =ana"ement Studio@"
#. In the left pane+ right5clic7 the $01 ser%er+ and then clic7 Properties"
3. Clic7 Security"
4. 3nder Server Authentication+ clic7 #indo$s Authentication =ode+ and then
clic7 %:"
$. In the left pane+ e6pand the Security node"
%. :ight5clic7 o"ins+ and then select )e$ lo"in"
&. In the o"in name bo6+ enter the name of the Business Connector pro6y as
domainIuser name"
'. In the Default Data1ase list+ select the Dynamics AX database"
(. Clic7 Server Roles+ select d1creator+ and then clic7 %:"
/
Con!"ure SQ Server 3000 $ith SP4
1. 'n the computer that is running $01 $er%er ,### ith $P!+ open Enterprise Manager
?Start G All Pro"rams G SQ Server G *nterprise =ana"er@"
#. In Enterprise Manager+ e6pand =icrosoft SQ Servers+ and then e6pand SQ
Server >roup"
3. :ight5clic7 the $01 $er%er+ and then clic7 Properties"
4. 'n the Security tab+ in the Authentication section+ select #indo$s only+ and then
clic7 %:"
$. In the left pane+ e6pand the Security node"
%. :ight5clic7 o"ins+ and then select )e$ lo"in"
&. In the o"in name bo6+ enter the name of the Business Connector pro6y as
domainIuser name"
'. In the Default Data1ase list+ select the Microsoft Dynamics AX database"
(. Clic7 Server Roles+ select d1creator+ and then clic7 %:"
Install and confure !indo"s SharePoint Services or
#$ce SharePoint Server
This section describes ho to install and confgure Windos $harePoint $er%ices &"# and
'(ce $harePoint $er%er" Windos $harePoint $er%ices &"# is a free donload from
Microsoft" If you intend to use $harePoint $er%er+ you must purchase a license"
Install #indo$s SharePoint Services or %&ce SharePoint Server? and
run the con!"uration $i@ard
4" If Windos $harePoint $er%ices ,"# is currently installed on your ser%er+ uninstall it" In
Control Panel+ clic7 Add or Remove Pro"rams"
," 3ninstall II$+ and reinstall II$ by using the procedure earlier in this document"
&" If you ha%e already installed a Microsoft Dynamics AX client on this computer+ %erify
that the Ax63(exe(con!" fle e6ists in this location on your ser%er) K$ystem Dri%e
KIProgram 8ilesIMicrosoft Dynamics AXI!#IClientIBin" If the fle does not e6ist+ locate
it on your Microsoft Dynamics AX D<D ?in the I:etailIBin directory@ and copy it to the
specifed location"
!" Install the Microsoft
A
".ET 8rameor7 &"# by folloing the instructions at the
Microsoft Donload Center"
/" Install Windos $harePoint $er%ices &"# by folloing the instructions at the Microsoft
Donload Center+ or install $harePoint $er%er by using the product D<D" When you
are prompted+ select the Basic installation"
2" After the installation is complete+ select the option to run the SharePoint Products
and +echnolo"ies Con!"uration iLard"
-" Clic7 )ext"
=" After the iLard completes+ clic7 5inish" $harePoint opens the default team site"
Set the SharePoint authentication provider
Enterprise Portal reDuires Integrated Windos authentication" 3se this procedure to
specify Integrated Windos authentication in Windos $harePoint $er%ices"
4" 'pen the SharePoint Central Administration page ?Start G Administrative
+ools G SharePoint 6(0 Central Administration@"
2
," Clic7 the Application =ana"ement tab"
&" 3nder Application Security+ clic7 Authentication Providers"
!" Clic7 Default" The *dit Authentication page opens"
/" 3nder IIS Authentication Settin"s+ %erify that Inte"rated #indo$s
authentication is selected+ and then select )+="
2" Clic7 Save"
-" Clic7 the %perations tab"
=" 3nder Security Con!"uration+ clic7 Service accounts+ and then clic7 #e1
application pool"
>" In the #e1 Service list+ select #indo$s SharePoint Services #e1 Application"
4#" In the Application Pool list+ select SharePoint < -0+ and then select Con!"ura1le"
44" In the Aser name bo6+ enter the BC pro6y username as domainIuser name"
4," Enter the BC pro6y passord+ and then clic7 %:"
4&" Clic7 Start+ clic7 Run+ type inetm"r+ and then press E.TE: to open Internet
Information $er%ices Manager"
4!" In the left pane+ e6pand the local computer+ e6pand Applications Pools+ right5clic7
the SharePoint Central Admin 26 pool+ and then clic7 Properties"
4/" Clic7 the Identity tab+ and then clic7 Con!"ura1le"
42" Enter the BC pro6y credentials as domainIuser name+ and then clic7 %:"
4-" At the command prompt+ type iisreset 7noforce+ and then press Enter"
Confgure ASP.NET
;ou must ma7e the folloing confguration changes in the Web"confg fle so A$P".ET can
properly e6ecute reDuests for Microsoft Dynamics AX data using Enterprise Portal"
Changes to the Web"confg fle ha%e been noted in 1old font"
1. In a te6t editor li7e .otepad+ open the Web"confg fle" The fle is typically located in
the K$;$TEMD:I<EKIInetpubIroot folder or the K$;$TEMD:I<E
KIInetpubIrootIssI<irtualDirectoriesI=# folder"
#. Press CT:1M8 to open the 5ind dialog bo6"
&" 8ind the folloing tag)
Ntrust le%elOPW$$QMinimalP origin3rlOPP HG
4. :eplace the tag ith this tag)
Ntrust le%elOPW$$Q=ediumP origin3rlOPP HG
$. 8ind the folloing tag)
Nhttp:untime ma6:eDuest1engthOP/4,##P HG
%. :eplace the tag ith this tag)
Nhttp:untime execution+imeoutBC'000C ma6:eDuest1engthOP/4,##P HG
-" Add the folloing items to the list of NsafecontrolsG)
-
<SafeControl Assembly="Microsoft.Dynamics.WebParts, Version=4.0.0.0,
Culture=neutral, Publicey!o"en=#$bf#%&'a(#'4e#&"
)ames*ace="Microsoft.Dynamics.WebParts" !y*e)ame="+" Safe="!rue" ,-
<SafeControl Assembly="Microsoft.Dynamics.Clr.ri(/e, Version=4.0.0.0,
Culture=neutral, Publicey!o"en=#$bf#%&'a(#'4e#&" )ames*ace="Clr0ntero*"
!y*e)ame="+" Safe="!rue" ,-
'. To sa%e your changes+ press CT:1M$"
(. Close the Web"confg fle"
1). At the command prompt+ type iisreset 7noforce+ and then press Enter"
Add the Business Connector proxy account to the
appropriate !indo"s roups
1. 'pen Computer =ana"ement ?Start G All Pro"rams G Administrative +ools@"
#. E6pand ocal Asers and >roups+ and then clic7 >roups"
3. :ight5clic7 the Performance =onitor Asers group+ and then clic7 Add to "roup"
4. Clic7 Add"
$. Enter the BC pro6y name as domainIuser name+ and then clic7 %:"
2" :epeat this process for the folloing groups)
Poer users
II$QWP9
W$$QWP9
Confure IIS for %nterprise Portal
Complete the folloing procedures+ in order+ to confgure II$ authentication and
application pool settings for Enterprise Portal"
Set IIS to use #indo$s Inte"rated authentication
4" Clic7 Start+ clic7 Run+ type inetm"r+ and then press E.TE: to open II$ Manager"
," :ight5clic7 the #e1 sites directory+ and then clic7 Properties"
&" 'n the Directory Security tab+ in the Authentication and access control section+
clic7 *dit"
!" $elect Inte"rated #indo$s authentication+ and then clic7 %:"
/" Accept the changes for all Web sites"
Set the application pool identity
4" In the left pane of II$ Manager+ e6pand Application Pools"
," :ight5clic7 the $harePoint $er%ices content application pool ?not the administration
application pool@+ and then clic7 Properties"
&" 'n the Identity tab+ select Con!"ura1le"
!" Enter the Business Connector pro6y account username and passord as domainIuser
name"
/" Clic7 Apply+ and then clic7 %:"
=
2" :ight5clic7 the $harePoint $er%ices application pool again+ and then select Recycle"
2erify that the #indo$s SharePoint Services sites are usin"
ASP()*+ 3(0
4" In the left pane of II$ manager+ e6pand the #e1 sites directory"
," :ight5clic7 the SharePoint D -0 site+ and then clic7 Properties"
&" Clic7 the ASP()*+ tab"
!" In the ASP()et version list+ %erify that v3(0(50,3, is selected" If it is not selected+
select it no"
Note *f you do not ha"e the o+tion to select v2.0.5.727, restart **S ,at the
command +rom+t, ty+e iisreset, and then +ress Enter-. After **S restarts, select
v2.0.50727 in the ASP.NET version list.
/" Clic7 %:"
2" :epeat this process for the SharePoint Central Administration 6(0 site"
-" At the command prompt+ type iisreset 7noforce+ and then press Enter"
Install %nterprise Portal
4" Insert the Microsoft Dynamics AX D<D into your computerJs D<D dri%e" If the
Microsoft Dynamics AX $etup WiLard does not open automatically+ double5clic7 the
Autorun(hta fle in the root directory of the D<D"
," 'n the Select installation type page+ clic7 Custom installation+ and then clic7
)ext"
&" 'n the Select computer role page+ select *P server+ and then clic7 )ext to
complete the iLard"
Confure and Deploy %nterprise Portal
1. In the Microsoft Dynamics AX client+ open the Enterprise Portal Confguration WiLard
?Administration G Setup G Internet G *nterprise Portal G Con!"uration
#i@ard@"
#. Clic7 )ext"
3. 'n the Con!"ure user "roups page+ specify the groups that you ant to use" The
list shon in the iLard is based on a%ailable licenses"
4. 'n the Con!"ure the Business Connector Proxy page+ enter the Business
Connector pro6y credentials"
$. 'n the =ap document types to document cate"ories page+ select a document
category for each document type in the list" ;ou can perform this mapping later" 8or
more information about document categories and document management+ see
RAppendi6 B) Confgure document management for EPS later in this document"
%. 'n the Con!"ure module document cate"ories page+ right5clic7 each module to
hich you ant to add a category+ clic7 )e$ cate"ory+ and select a category"
&. 'n the Con!"ure document mana"ement page+ type the number of days that
documents should be included in the list of latest documents"
'. 'n the Con!"ure transaction summaries page+ specify a schedule for generating
transaction summaries that are displayed on EP"
>
(. Clic7 )ext to complete the iLard" The =ana"e *nterprise Portal Deployments
form opens"
1). $elect *na1led for your $harePoint content site+ for e6ample+ htt+.// servername"
Create an %nterprise Portal site
1. In the Microsoft Dynamics AX client+ open the #e1 sites form ?Administration G
Setup G Internet G *nterprise Portal G #e1 sites@"
#. Clic7 Create site" The Create Site Collection page opens"
3. Ensure that the SharePoint D -0 site is the acti%e Web application" In the #e1
Application list+ select Chan"e #e1 Application"
4. $elect the SharePoint D -0 application+ and then clic7 %:"
$. Enter a name ?for e6ample+ companynameQEP@"
%. Enter a Web address ?for e6ample+ htt+.// servername /sites/E!@"
&. 3nder +emplate Selection+ clic7 Custom+ and then select one of the folloing
options)
'ption Description
Microsoft Dynamics Enterprise Portal Create personaliLed+ role5based Web
portals so that specifc customers+
%endors+ business partners+ and
employees can access business
information and conduct transactions"
Microsoft Dynamics Public Create Web sites for customers and
prospecti%e customers" ;ou can publish
rele%ant product and campaign information
from Microsoft Dynamics AX+ or create
sur%eys that store data in
Microsoft Dynamics AX" By default+
Customer Web allos anonymous access
to the site"
'. Clic7 %:"
>" Enter administrator details"
1). 1ea%e Quota +emplate set to )o Quota+ and then clic7 %:" Windos $harePoint
$er%ices &"#H$harePoint $er%er creates the Web site"
11. Clic7 the 3:1 on the +op<evel Site Successfully Created page"
1#. 'n the Re"ister Site page+ select a company ith hich you ant to associate the
site+ and then clic7 Re"ister"
%na&le internal users to access the site
By default+ only the administrator ho installed and deployed Enterprise Portal can
access the site" To grant internal users ?employees of your organiLation or company@
access to the site+ you must do the folloing)
4" <erify that the user is listed on the Asers form in Microsoft Dynamics AX
," $pecify the userJs relation to the company ?internal@ on the Aser relations form
&" Add each user to an Enterprise Portal group on the Aser "roups form
4#
Aser enlistment
<erify that each user is listed on the Asers form in Microsoft Dynamics AX" If the user is
not listed+ then add the user no"
4" 8rom a Microsoft Dynamics AX client+ open the Asers form ?Administration G
Asers@"
," 'n the %vervie$ tab+ create ne users+ or clic7 Import to access the Active
Directory Import #i@ard"
Aser relations
When you set user relations+ you)
$pecify the user type ?internal or e6ternal@
Associate the user ith a Web site
Assign the user to a site group ?hich determines the userJs permissions for
adding+ deleting+ or editing the Enterprise Portal site using $harePoint $er%ices@
To set user relations
13. 0rom a Microsoft Dynamics AX client, o+en the User relations form
,Administration 1 Setup 1 User relations-.
14. 'n the %vervie$ tab+ clic7 the #i@ard button"
1$. Complete the iLard to specify user relations and thereby enable internal users to
access the Enterprise Portal site"
Aser "roups
After you ha%e added a user on the Asers form and specifed relations on the Aser
relations form in Microsoft Dynamics AX+ you must add each user to a group" 9roup
permissions determine hat data a user sees on Enterprise Portal" If a user does not
belong to a group in Dynamics AX+ the user cannot access the Enterprise Portal site" If a
user is a member of a group+ but that group does not ha%e Enterprise Portal5specifc
permissions+ then the user might be able to access the site+ but they might not see data"
Dynamics AX automatically creates se%eral Enterprise Portal groups hen you run the
Enterprise Portal Confguration iLard" Complete the folloing procedure to add each
user to an Enterprise Portal group and thereby grant that user access to the site"
1. 0rom a Microsoft Dynamics AX client, o+en the Users form ,Administration 1
Users-.
#. 'n the %vervie$ tab+ select a user"
3. 'n the >roups tab+ select all the user groups in the Remainin" "roups list that
correspond to the userTs Enterprise Portal roles"
8or more information about ho to determine hich user groups correspond to the
userTs Enterprise Portal roles+ see RAppendi6 8) About EP roles and user groupsS later
in this document"
4. Clic7 1E8T A::'W to mo%e the selected groups into the Selected "roups list"
/" Press CT:1M$ to sa%e changes"
'erify access
The internal user?s@ should no be able to access Enterprise Portal by entering the
Enterprise Portal 3:1 in a Web broser" If users ha%e trouble accessing the site+ %erify
44
group permissions in Microsoft Dynamics AX or see Appendi6 A) Troubleshooting
Enterprise Portal"
%na&le external users to access the site
By default+ only the administrator ho installed and deployed Enterprise Portal can
access the site" To grant e6ternal users ?%endors+ customers+ or employees ho are not
connected to your netor7@ access to the site+ you must do the folloing)
4" $et up your Internet5facing topology for e6ternal users
," $et up a perimeter netor7 for Enterprise Portal ?a traditional perimeter netor7 is
recommended o%er a standard perimeter netor7@
&" <erify that e6ternal users are listed on the Asers form in Microsoft Dynamics AX
!" $pecify the userJs relation to the company ?e6ternal@ on the Aser relations form
/" Add each user to an Enterprise Portal group on the Aser "roups form
Set up your Internet<facin" topolo"y for external users
1. 8rom a Microsoft Dynamics AX client+ open the *xternal #e1 users form
?Administration G Setup G Internet G *xternal #e1 users@"
#. $elect the type of Internet5facing topology that you are using+ and fll in the reDuired
information"
Set up a traditional perimeter net$orE for *nterprise Portal
A traditional perimeter netor7 enhances the security of your Enterprise Portal
computing en%ironment by using to frealls and to domain controllers to restrict
access to Microsoft Dynamics AX data" This section pro%ides an o%er%ie of such a
netor7 and describes ho to confgure ports on the freall de%ices and ho to
establish the appropriate trust le%el beteen domain controllers"
Important) If you donJt ha%e e6perience setting up and confguring netor7 security+
contact your Microsoft Certifed Partner for assistance" 8ailure to set up a perimeter
netor7 correctly can ma7e your computing en%ironment %ulnerable to security threats"
If a traditional perimeter netor7 is not a %iable solution for your Enterprise Portal
en%ironment+ consider setting up a standard perimeter netor7 by using Microsoft
Internet $ecurity and Acceleration ?I$A@ $er%er and a single freall de%ice" ;our Microsoft
Dynamics AX !"# D<D includes P.Confg$etup"e6e and the Microsoft Perimeter .etor7
Installation 9uide"doc to help you set up and confgure a standard perimeter netor7"
4,
%vervie$ of a traditional perimeter net$orE
A traditional perimeter netor7 contains to Acti%e Directory domain controllers
separated by freall de%ices in to distinct netor7s+ as shon in 8igure 4"
8igure 4) Traditional perimeter netor7
2he +erimeter netor3 contains the Enter+rise !ortal Web ser"er that is runnin4 *nternet
*nformation Ser"ices %.) and a Microsoft Acti"e Directory5 directory ser"ices domain
controller. 2he +erimeter domain controller contains any users ho are e6ternal to the
or4ani7ation and ho re8uire Enter+rise !ortal access. 2hese users are set u+ in the
+erimeter domain controller as follos.
E6ternal users ha"e no ri4hts in the internal domain.
E6ternal users cannot lo4 on locally.
E6ternal uses cannot access the netor3.
2he internal netor3 contains a com+lete installation of Microsoft Dynamics AX,
includin4.
An Acti"e Directory domain controller that contains all internal Microsoft
Dynamics AX users.
A database that stores Microsoft Dynamics AX data and a list of internal and
e6ternal Microsoft Dynamics AX users.
A Microsoft Dynamics AX A++lication Ob9ect Ser"er ,AOS-.
The internal domain controller has a one5ay trust ith the perimeter domain controller"
A one5ay trust means that information that is sent by the internal domain controller is
trusted+ but information that is sent by the perimeter domain controller is not trusted+
hich enhances netor7 security by ensuring that the perimeter domain controller is not
able to tell the internal domain controller hich users are internal to the domain or hich
users are administrators" If information that is sent by the perimeter domain as trusted+
a malicious user might compromise the internal domain controller and thereby access
data in the internal domain"
4&
Settin" up a traditional perimeter net$orE
This section describes ho to confgure ports and a one5ay trust for a traditional
perimeter netor7 that supports Microsoft Dynamics AX !"# Enterprise Portal"
Con!"ure ports
This section describes ho to confgure ports in the perimeter netor7 and the internal
netor7 so that users can access the appropriate Microsoft Dynamics AX information
through Enterprise Portal" Table 4 at the end of this section pro%ides a complete list of
ports and the associated direction+ connection+ and connection type information" 8igure ,
describes hich ports are used hen processing a reDuest for an Enterprise Portal Web
site"
8igure ,) A reDuest for an Enterprise Portal page
A reDuest is processed as follos)
4" By default+ the Enterprise Portal Web ser%er pic7s up the reDuest from the freall
on TCP port =# ?or !!& if your Web ser%er is confgured for $ecure $oc7ets 1ayer
U$$1V encryption@" The freall must+ therefore+ ha%e port =# or !!& open for
incoming Internet reDuests" All outbound tra(c is permitted+ hich means that all
ports are open for tra(c going from the perimeter netor7 to the Internet"
," After the Web ser%er recei%es the reDuest+ it sends the reDuest to the perimeter
domain controller on 3DP port /& to %erify if the user is an e6ternal or internal
user"
&" The perimeter domain controller and the internal domain controller communicate
by using %arious ports+ as shon in Table 4 at the end of this section"
!" The perimeter domain controller identifes the user and then returns the reDuest
to the Web ser%er on 3DP port /&"
/" The Web ser%er authenticates the user and then sends the reDuest to the A'$
ser%er on TCP port ,-4," The Web ser%er and the A'$ ser%er communicate by
using the Business Connector pro6y account"
2" The A'$ ser%er communicates ith the Dynamics AX $01 $er%er database on port
4!&&"
4!
-" After the A'$ retrie%es the necessary data from the database+ it returns the
reDuest to the Web ser%er on TCP port ,-4,+ by default"
=" The Web ser%er completes the reDuest by sending the internal page as defned in
the 3ser :elations form in Microsoft Dynamics AX to port =# or !!&"
Table 4) Ports for a traditional perimeter netor7 to support Microsoft Dynamics AX !"#
Enterprise Portal
Port Direction Connection +ype )otes
=# or !!&
?by
default@
InboundH
'utbound
Perimeter freall to the EP
Web ser%er
TCP <erify hich
ports are used
in your
en%ironment
,-4, ?by
default@
InboundH
'utbound
Enterprise Portal $er%er to
Microsoft Dynamics A'$ AX
TCP <erify hich port
is used in your
en%ironment
/& InboundH
'utbound
D.$ 3DP .one
4&/ 'utbound Internal domain controller to
perimeter domain controller
TCP .one
4&/ Inbound Perimeter domain controller
to internal domain controller
TCP .one
!!/ 'utbound Internal domain controller to
TCP .one
!!/ Inbound Perimeter domain controller
TCP .one
42&= 'utbound Internal domain controller to
TCP .one
42&= Inbound Perimeter domain controller
TCP .one
&=> 'utbound Internal domain controller to
3DP .one
&=> Inbound Perimeter domain controller
3DP .one
.one 'utbound Internal domain controller to
3DP
eDuals
domain
.one
.one Inbound Perimeter domain controller
3DP
eDuals
Domain
.one
If necessary+ use Telnet or .etmon to %erify these ports" 8or more information about
confguring freall ports+ see Eo to confgure a freall for domains and trusts"
Con!"ure D)S
The folloing procedures describe ho to confgure your Domain .ame $ystem ?D.$@ to
create a one5ay trust beteen the domain controllers in your netor7" 8or Enterprise
Portal+ the perimeter netor7 domain controller should trust the internal domain
4/
controller+ but the internal domain controller should not trust the perimeter domain
controller"
To create the one5ay trust+ you must complete the folloing procedures)
1. :onfi4ure 7one transfers on both domain controllers
#. :reate a secondary 7one on both domain controllers
3. :reate trust from the internal domain controller to the +erimeter domain
controller
Con!"ure @one transfers on 1oth domain controllers
Complete this procedure to ensure that the domain controllers can communicate ith
each other"
4" 1og on to the internal domain controller by using an account that is a member of
the Domain Administrators group"
," 'pen D)S ?$tart G Programs G Administrati%e Tools@"
&" In the D.$ console+ e6pand the local name ser%er"
!" E6pand 5or$ard ooEup Fones+ right5clic7 the domain name+ and then clic7
Properties"
/" Clic7 the Fone +ransfers tab"
2" $elect Allo$ Fone +ransfers+ and then select %nly to the 5ollo$in" Servers"
-" Enter the IP address for the perimeter netor7 domain controller+ and then clic7
Add"
=" Clic7 %:+ and then restart the D.$ ser%er"
:epeat this procedure for the perimeter domain controller"
42
Create a secondary @one on 1oth domain controllers
Complete this procedure to ensure that the domain controllers 7no each othersJ 8ully
0ualifed Domain .ame"
4" 1og on to the internal domain controller by using an account that is a member of
the Domain Administrators group"
," 'pen D)S ?$tart G Programs G Administrati%e Tools@"
&" In the D.$ console+ e6pand the local name ser%er"
!" :ight5clic7 5or$ard ooEup Fones? clic7 )e$ Fone? and then clic7 )ext"
/" 'n the Fone type page+ select Secondary @one? and then clic7 )ext"
2" 'n the Fone )ame page+ enter the 8ully 0ualifed Domain .ame of the perimeter
netor7+ and then clic7 )ext"
-" Enter the IP address for the perimeter domain controller+ and then clic7 )ext"
=" Clic7 5inish to complete the iLard+ and then restart the D.$ ser%er"
:epeat this procedure for the perimeter domain controller"
Create trust from the internal domain controller to the perimeter domain
controller
Complete this procedure to set up the one5ay trust"
4" 1og on to the perimeter domain controller by using an account that is a member
of the Domain Administrators group"
," 'pen Active Directory Domains and +rusts ?$tart G Programs G
Administrati%e Tools@"
&" In the console tree+ right5clic7 the domain name for the domain that you ant to
administer+ and then clic7 Properties"
!" Clic7 the +rust tab"
/" Clic7 )e$ +rust+ and then clic7 )ext"
2" 'n the +rust )ame page+ enter the 8ully 0ualifed Domain .ame for the internal
domain+ and then clic7 )ext"
-" $elect %ne #ay4 %ut"oin"? and then clic7 )ext"
=" $elect Both this domain and the speci!ed domain? and then clic7 )ext"
>" Enter the domain administrator credentials for the internal domain+ select
Domain #ide Authentication? and then clic7 )ext"
4#" Clic7 )ext tice+ and then clic7 Ges to confrm outgoing trust"
44" Clic7 5inish"
Important) The II$ ser%er and the A'$ ser%er cannot communicate unless the II$ ser%er
can resol%e the A'$ IP address and name by using an 1MEosts fle. ;ou must create an
1MEosts fle to resol%e .etBI'$ names as described in the folloing section"
)ame resolution
Microsoft Dynamics AX uses the :emote Procedure Call ?:PC@ to communicate ith the
Application 'bCect $er%er ?A'$@" .etBI'$ is a reDuirement of :PC" The II$ ser%er and the
A'$ ser%er cannot communicate unless the II$ ser%er can resol%e the A'$ IP address and
name by using an 1MEosts fle"
4-
To resol%e the computer names)
4" Create an 1MEosts fle on the II$ ser%er in the perimeter netor7" 8or information
about ho to create this fle+ see Eo to Write an 1MEosts 8ile for Domain
<alidation and 'ther .ame :esolution Issues"
," Add the A'$ IP address and the A'$ name in the 1MEosts fle on the II$ ser%er"
5reHuently asEed Huestions a1out *nterprise Portal and a +raditional
Perimeter )et$orE
4" Eo does Enterprise Portal ?on the II$ Web ser%er in the perimeter netor7@
communicate ith the A'$ ser%er in the internal netor7W
Anser) Enterprise Portal communicates ith the A'$ ser%er through the
Business Connector pro6y account by using the Business Connector
noninteracti%e client confguration on the II$ ser%er" 8or more information about
Business Connector+ see $etting up and confguring Business Connector"
," WhatJs the diXerence beteen internal users and e6ternal usersW
Anser) Internal users are typically your employees" These users are listed and
%alidated on the internal domain controller" E6ternal users are typically %endors or
customers" These users are listed and %alidated on the e6ternal domain controller"
Both account types are set up and confgured in Microsoft Dynamics AX as user
accounts+ but e6ternal users reDuire additional confguration to establish proper
security" $pecifcally+ e6ternal users must be listed on the E6ternal Web 3sers
form ?Administration G $et up G Internet G E6ternal Web 3sers@"
=ore information
8or more information about netor7 security+ see the folloing documents on
Microsoft"com)
Securin4 ;our <etor3
.<E2 0rameor3 Security. Securin4 ;our <etor3
:hec3list. Securin4 ;our <etor3
*nternal 0ireall Desi4n
!erimeter 0ireall Desi4n
Ad"anced 0ireall in a !erimeter <etor3
Microsoft =noled4e >ase Article. ?o to confi4ure a fireall for domains and trusts
*xternal user enlistment
<erify that each user is listed on the Asers form in Microsoft Dynamics AX" If the user is
not listed+ then add the user no"
4" 8rom a Microsoft Dynamics AX client+ open the Asers form ?Administration G
Asers@"
4=
," 'n the %vervie$ tab+ create ne users+ or clic7 Import to access the Active
Directory Import #i@ard"
)%+*) The E6ternal option on the 3sers form is read5only" This option is automatically
selected once Microsoft Dynamics AX locates the user in the e6ternal domain
controller"
*xternal user relations
When you set user relations+ you)
$pecify the user type ?e6ternal@
Associate the user ith a Web site
Assign the user to a site group ?hich determines the userJs permissions for
adding+ deleting+ or editing the Enterprise Portal site using $harePoint $er%ices@
To set user relations
1. 0rom a Microsoft Dynamics AX client, o+en the User relations form
,Administration 1 Setup 1 User relations-.
#. On the Overview tab, clic3 the Wiard button.
3. Complete the iLard to specify user relations and thereby enable e6ternal users to
access the Enterprise Portal site"
Aser "roups
After you ha%e added a user on the Asers form and specifed relations on the Aser
relations form in Microsoft Dynamics AX+ you must add each user to a group" 9roup
permissions determine hat data a user sees on Enterprise Portal" If a user does not
belong to a group in Dynamics AX+ the user cannot access the Enterprise Portal site" If a
user is a member of a group+ but that group does not ha%e Enterprise Portal5specifc
permissions+ then the user might be able to access the site+ but they might not see data"
Dynamics AX automatically creates se%eral Enterprise Portal groups hen you run the
Enterprise Portal Confguration iLard" Complete the folloing procedure to add each
user to an Enterprise Portal group and thereby grant that user access to the site"
1. 0rom a Microsoft Dynamics AX client, o+en the Users form ,Administration 1
Users-.
#. 'n the %vervie$ tab+ select a user"
3. 'n the >roups tab+ select all the user groups in the Remainin" "roups list that
correspond to the userTs Enterprise Portal roles"
8or more information about ho to determine hich user groups correspond to the
userTs Enterprise Portal roles+ see RAppendi6 8) About EP roles and user groupsS later
in this document"
4. Clic7 1E8T A::'W to mo%e the selected groups into the Selected "roups list"
/" Press CT:1M$ to sa%e changes"
'erify security and access
To %erify the security of your Enterprise Portal en%ironment and you traditional perimeter
netor7+ create a user in the perimeter domain controller+ and then confgure the user as
an e6ternal user in Microsoft Dynamics AX"
4>
After you create the e6ternal user+ access an Enterprise Portal e6ternal site ?for e6ample+
a page li7e a Duestionnaire that has been set up for e6ternal access@" The e6ternal user
should be able to access the e6ternal site"
.e6t+ try to access an internal Enterprise Portal site" <erify that the e6ternal user recei%es
an Access Denied error or is redirected to the e6ternal site ?depending on ho you
confgured Enterprise Portal and II$@"
,#
Appendix A( )rou&leshootin %nterprise Portal
If the resolution for an EP problem is not ob%ious+ chec7 the Windos Application E%ent
<ieer for errors ?Start G Administrative +ools G Computer =ana"ement G *vent
2ie$er G Application@" These application e%ents can pro%ide clues to the source of the
problem"
Gou receive an error messa"e that contains a phrase such as Cassem1ly
not found?C Ccould not 1e created?C or Cthre$ an exception(C
;ou might not ha%e A$P".ET ,"# installed or registered" 8or more information+ see REnable
A$P".ET ,"#S earlier in this document"
Gou receive an error messa"e that contains a phrase such as Caccess
deniedC or Cdo not have permission?C or you receive one of the
follo$in" speci!c messa"es4
CCannot add the speci!ed assem1ly to the "lo1al assem1ly cacheC
or C$6$p(exe unhandled exception
8System(Anauthori@edAccess*xception9C
C)o ()*+ Business Connector session foundC
<erify the folloing)
The Business Connector pro6y e6ists in Acti%e Directory"
The Business Connector is a member of the d1creator role in $01 $er%er"
The Business Connector pro6y is a member of the Performance =onitor Asers+
Po$er Asers+ IIS;#P>+ and #SS;#P> Windos groups"
The II$ application pool identity for your $harePoint =# site uses the Business
Connector pro6y ?see RConfgure II$ for $harePoint $er%ices and EPS earlier in this
document@"
That you are a member of the Admin group in Microsoft Dynamics AX and a
member of the Administrators group on the ser%er"
#hen you open the =ana"e *nterprise Portal Deployments form in
=icrosoft Dynamics AI? you receive the follo$in" error messa"e4
JClr o1Kect is not initiali@ed(L
<erify that the Ax63(exe(con!" fle e6ists in the folloing location on your ser%er that is
running Microsoft Dynamics AX) K$ystem Dri%eKIProgram 8ilesIMicrosoft Dynamics
AXI!#IClientIBin" If the fle does not e6ist+ locate it on your Microsoft Dynamics AX D<D
?in the I:etailIBin directory@+ and copy it to the specifed location"
If the problem persists+ %erify that you entered the N$afeControlG entries that are
specifed in the RConfgure A$P".ETS section of this hite paper" After you ha%e %erifed
these items+ use the =ana"e *nterprise Portal Deployments form to enable and
update the Web site"
Gou cannot locate or install *nterprise Portal templates
;ou must use an EP template hen you create your top5le%el Web site in Windos
$harePoint $er%ices" If you do not see EP public or pri%ate templates on the Custom tab
in Windos $harePoint $er%ices+ follo this procedure)
,4
1. 3se Windos E6plorer to %erify that the templates e6ist on the ser%er" By default+ the
templates are stored in the folloing folder) C)IInetpubIrootIpcatalog" If this
folder does not e6ist+ EP as installed incorrectly" 3ninstall and reinstall EP"
#. If the templates are on the ser%er+ redeploy the Web site" 8rom a
Microsoft Dynamics AX client on your EP ser%er+ open the Manage deployments form
?Administration G Setup G Internet G *nterprise Portal G =ana"e
deployment@"
3. Clear the Ena!led chec7 bo6 for the %irtual ser%er" When you are prompted+ clic7 ;es
to remo%e the deployment"
4. $elect the Ena!led chec7 bo6 for the %irtual ser%er" A message states that the Web
parts are deployed successfully"
$. In Windows S"arePoint Administration+ clic7 the #reate a top$level We! Site
lin7+ and %erify that EP templates are no in the templates list"
Gou receive the error messa"e? C+he #e1 site
http477server7sites7site*name $as not created correctly( *xception4
)o ()*+ Business Connector session could 1e found(C
The Business Connector might not be confgured correctly" To %erify the confguration+
follo this procedure)
1. 'n the ser%er that runs II$ and hosts your EP site+ open the Microsoft Dynamics AX
Confguration 3tility ?Start G Administrative Tools G %i&roso't ()nami&s A*
#on'i+uration Utilit)@"
#. In the #on'i+uration tar+et list+ clic7 ,usiness #onne&tor -non$intera&tive use
onl)..
3. 'n the #onne&tion tab+ %erify the ser%er name and the TCPHIP port" If the port is
blan7+ you can assume that the A'$ is running on port ,-4," To %erify the actual port
on the A'$ ser%er+ %ie Dynamics Information e%ents in the application e%ent log
after the A'$ has started"
4. If it is necessary+ update the confguration+ or create a ne confguration ?clic7
%ana+e G #reate &on'i+uration@"
Gou receive the error messa"e? Chttp477server7sites7site*name $as not
created correctly( *xception4 +hread $as 1ein" a1orted(C
This error occurs hen you are creating a ne+ top5le%el Web site in Windos $harePoint
Administration" A connection times out after you select the Microsoft Dynamics AX
template" To resol%e this problem+ follo these procedures)
Change the Connection time5out and Ettp Yeep5Ali%e properties on the ser%er that
runs II$"
Change connection time5out properties in the Web"confg fle"
Chan"e the Connection time<out and M++P :eep<Alive properties on the server
that runs IIS
1. Clic7 Start+ clic7 Run+ type inetm"r+ and then press E.TE: to open the II$ Manager"
#. E6pand the local computer+ e6pand the #e1 sites directory+ right5clic7 the Web site
that hosts your EP site ?typically the Default Web site@+ and then clic7 Properties"
3. 'n the #e1 site tab+ specify a ne %alue in the Connection timeout feld" The
default %alue is 4,# seconds"
,,
8or e6ample+ if the ser%er reDuires up to ! minutes to create a ne site by using EP
templates+ specify a %alue of ,!# seconds"
4. $elect *na1le M++P :eep<Alives ?if it is not selected@+ and then clic7 %:"
$. At a command prompt+ enter iisreset+ and then press E.TE: to restart II$"
Chan"e connection time<out properties in the #e1(con!" !le
1. In a te6t editor+ such as .otepad+ open the Web"confg fle) K$;$TEMD:I<E
KIInetpubIroot
5or5
K$;$TEMD:I<EKIIInetpubIrootIssI<irtualDirectoriesI=# folder
#. Press CT:1M8 to open the 5ind dialog bo6"
&" 8ind the folloing tag)
Nhttp:untime ma6:eDuest1engthOP/4,##P HG
!" :eplace it ith this tag)
Nhttp:untime execution+imeoutBC'000C ma6:eDuest1engthOP/4,##P HG
$. 8ind the folloing tag ?you might ha%e to search from the beginning of the fle@)
NHsection9roupG
2" Add the folloing tags on ne lines after the NHsection9roupG tag)
Nsection9roup nameOPDynamicsAXPG
Nsection nameOPDeploymentP typeOP$ystem"Confguration"$ingleTag$ectionEandler+
$ystem+ <ersionO4"#"/###"#+ CultureOneutral+
PublicYeyTo7enOb--a/c/24>&!e#=>P HG
NHsection9roupG
-" 8ind the folloing tag)
NH$harePointG
'. Add the folloing tags on ne lines after the NH$harePointG tag)
NDynamicsAXG
NDeployment $iteCreationTime'utOP4,##P HG
NHDynamicsAXG
(. $a%e your changes+ and close the Web"confg fle"
1). At the command prompt+ type iisreset+ and then press E.TE:"
11. Try to create the top5le%el Web site in SharePoint Portal Administration"
After *nterprise Portal is installed? the Application Inte"ration
5rame$orE doesnNt $orE
8or Application Integration 8rameor7 ?AI8@ to run on the same computer as Windos
$harePoint $er%ices and EP+ the %irtual directory that AI8 is using must be e6cluded from
the $harePoint managed path"
1. 'pen the SharePoint Central Administration page ?Start G All Pro"rams G
Administrative +ools G SharePoint Central Administration@"
#. Clic7 Con!"ure virtual server settin"s+ and then clic7 the name of the site that
you are managing"
3. 3nder 2irtual Server =ana"ement+ clic7 De!ne mana"ed paths"
4. 3nder Add a )e$ Path+ enter the AI8 %irtual directory path+ select *xcluded path+
and then clic7 %:"
,&
Gou receive the error messa"e? CAn IOO exception has occurredC
Microsoft Dynamics AX allos for one EP site per company" <erify that the company you
are logged on to does not already ha%e a registered EP site by opening the Web sites
form ?Administration G Setup G Internet G *nterprise Portal G #e1 sites@"
Appendix B( Confure document manaement for
%nterprise Portal
EP integrates Microsoft Dynamics AX document management functionality ith the
Microsoft $harePoint user interface" Therefore+ users can perform many of the same
document management tas7s from EP that they can perform from the Document
handling form in the Microsoft Dynamics AX client application"
8or e6ample+ users can perform the folloing document management tas7s in EP)
Add or delete a document ?note or fle@ from a Microsoft Dynamics AX record"
<ie or edit the properties of a document that is attached to a Microsoft Dynamics AX
record"
'pen a document that is attached to a Microsoft Dynamics AX record"
<ie a list of all documents for single record or a specifc record type"
<ie a list of the latest documents for a single record or a list of
Microsoft Dynamics AX records"
Specify $hich documents to include in the list of latest
documents
;ou can specify the number of days that ne documents are shon in the list of latest
documents in EP"
1. 8rom a Microsoft Dynamics AX client+ open the Enterprise Portal parameters form
?Administration G Setup G Internet G *nterprise Portal G Parameters@"
#. Clic7 the Documents tab"
3. In the )um1er of days feld+ type the number of days that you ant ne documents
to be included in the list of latest documents"
Con!"ure document types and cate"ories
;ou can use the Confguration iLard to determine hich document types are associated
ith document categories in EP and to map document categories to specifc modules"
1. 8rom a Microsoft Dynamics AX client+ open the Enterprise Portal Confguration WiLard
?Administration G Setup G Internet G *nterprise Portal G Con!"uration
$i@ard@"
#. 'n the =ap document types to document cate"ories page+ select a document
category for each document type in the list+ and then clic7 )ext"
3. 'n the Con!"ure module document cate"ories page+ right5clic7 each module to
hich you ant to add a category+ clic7 )e$ cate"ory+ and select a category" Clic7
)ext to continue the confguration iLard"
,!
Appendix C( Set up transaction summaries for
%nterprise Portal
To display any of the folloing transaction summaries in Web parts in EP+ you must
confgured the transaction summary batch Cob)
Purchase totals including Duantity+ amount+ eight+ and %olume
Customer balances
In%entory on hand
<endor balances
;ou confgure a transaction summary batch Cob by doing the folloing)
Create a batch group" Batch groups enable you to add a group of batch Cobs to the
processing list at the same time"
Associate the transaction summary batch Cob ith a batch group+ and confgure the
freDuency ith hich the batch Cob is processed"
Add the batch group to the processing list"
Con!"ure transaction summaries
;ou can use the Transaction summary form to set the freDuency ith hich transaction
summaries are generated"
1. 'pen the Transaction summary form ?Administration G Setup G Internet G
*nterprise Portal G +ransaction summary@"
#. Associate the transaction summary to a group from the Batch "roup list"
3. $elect the Batch processin" chec7 bo6 to run the Cob as a batch ithout associating
the Cob ith a batch group"
4. Clic7 Recurrence to set the freDuency ith hich the transaction summary is run"
$. Clic7 %:"
Start 1atch processin"
1. 'pen the $et up batch processing form ?Basic G Periodic G Batch G Processin"@"
#. In the >roup list+ select the batch group that you ha%e associated ith the
transaction summary Cob+ and then clic7 %:"
The Cob starts to process on the schedule that you defned"
Appendix D( Administer product roups
The products in the in%entory table must be organiLed and fltered into product groups
before they can be presented in EP" The product groups are organiLed in a tree structure
ith to possible node types)
9roup node Z This node is used to hold item nodes and group nodes on a loer le%el
in the product group hierarchy"
Item node Z This node is used to hold the selected product items from your in%entory"
Set up product "roups
1. 8rom a Microsoft Dynamics AX Client+ open the Product groups form ?Administration
G Setup G Internet G *nterprise Portal G !roduct catalo4 mana4er G Product
"roups@"
,/
#. To create a ne product group+ press CT:1M." Then)
a. In the Product "roup feld+ enter an identifer for the product group"
b. In the )ame feld+ enter a descripti%e name for the product group"
c. In the +ype list+ select >roup node or Item node"
The +op feld indicates hether the product group is the top node in the hierarchy"
If it is a top node+ it is mar7ed ith a green chec7 mar7"
The Selection feld indicates hether a selection is made by using the 0uery tool
?a%ailable only hen the selected type is Item node@"
&" To create more product groups+ repeat step ,"
4. To add component groups to the >roup node+ press CT:1M.+ and select the product
group that you ant to include"
Important Component groups can be added to the loer pane only if >roup node
is selected in the +ype list for the product group that is selected in the upper pane"
Component groups that are added in the loer pane must be a%ailable as product
groups in the upper pane[ the list of a%ailable component groups consists of the
product groups in the upper pane"
$. If the selected product group in the upper pane is of the Item node type+ clic7
Select items to open the Item selection form"
This option can be selected only if Item node is selected in the +ype list for the
selected product group"
%. In the Item selection form+ clic7 Select+ and select the items that you ant to
allocate to the selected Item node"
&. Clic7 %: to return to the Item selection form+ and then clic7 %: to fnish selecting
items"
'. To create more product groups of the Item node type+ repeat steps / through ="
When you ha%e created all the necessary product groups+ assign each item node to a
group node"
Settin" up product "roup and item presentations
When a customer clic7s on a product group in EP+ a list of product items ithin that group
is presented" The te6t and the image for the product group appears abo%e the list of
products"
When a customer clic7s on a product item+ the product is presented ith a picture+ a
summary+ and a product description"
)ote
The number of tabs in the loer pane change according to the Item or the
Product "roup that is selected in the +ype feld"
If the Product "roup is selected in the +ype feld+ to tabs are a%ailable)
+ext and Ima"e"
If Item is selected in the +ype feld+ four tabs are a%ailable) Description+
Summary+ Product description+ and Ima"e"
Set up product "roup or item presentations
1. 'pen the Presentations form ?Administration G Setup G Internet G *nterprise
Portal G Product catalo" mana"er@"
#. In the +ype feld list+ select either Product "roup or Item"
,2
3. In the an"ua"e feld+ select the language for the description+ if the %ersion supports
multiple languages"
4. 8or each tab in hich you can rite te6t+ clic7 *dit to begin adding or editing
information for the selected Product "roup or Item" ;ou can format the te6t in the
ETM1 editor"
8or a Product group)
a. On the Te/t tab, clic3 Edit to add or edit the headin4 for the +roduct 4rou+. 2he
headin4 a++ears hen a user selects a +roduct 4rou+.
b. *n the ,rie' descri+tion field, rite the headin4 that a++ears hen all the +roduct
4rou+s are +resented on the first +a4e. 2his headin4 a++ears before the headin4
that is added on the Te/t tab.
c. On the Ima+e tab, clic3 Append to insert an ima4e.
d. *n the Add ima+e form, select hether you ant to a++end the ima4e to all
lan4ua4es or only the current one.
e. :lic3 O0, and then locate the ima4e that you ant to add to the current node.
f. 0or an *tem.
4. On the (es&ription tab, you can add or edit a descri+tion for each item. 2he
descri+tion a++ears on the (es&ription tab of the Web +a4e that shos item
information. *n the ,rie' des&ription field on the (es&ription tab, you can add
or edit a headin4, hich is dis+layed as a lin3 to additional item details, for each
item, hen all the items ithin a +roduct 4rou+ are dis+layed.
h. On the Summar) tab, you can add a summary. 2he summary a++ears ith the
brief descri+tion and on the Overview tab of the Web +a4e that shos item
information.
i. On the Produ&t des&ription tab, you can add a more detailed descri+tion for
each item. 2he information a++ears underneath the descri+tion on the
(es&ription tab of the Web +a4e that shos item information.
9. On the Ima+e tab, clic3 Append to insert an ima4e.
3. *n the Add ima+e form, select hether you ant to a++end the ima4e to all
lan4ua4es or only the current one.
l. :lic3 O0, and then locate the ima4e that you ant to add to the current node.
/" 8ollo these processes for all the product groups and items"
)ote The supported image formats on the Internet are 9I8 and *P9"
Appendix %( Set up search for %nterprise Portal
By using the $earch feature in EP+ users can search for Microsoft Dynamics AX records
and documents+ and they can list items that are stored in Windos $harePoint $er%ices+
such as announcements and discussions"
To enable search for both Microsoft Dynamics AX and Microsoft Windos $harePoint
documents+ ensure that the folloing conditions are true)
The Microsoft Dynamics AX search inde6es are confgured and enabled"
$earch is enabled for Microsoft $01 $er%er and Microsoft Windos $harePoint
$er%ices"
If both of these steps are not completed+ you recei%e mi6ed results" 8or e6ample+ if you
enable search for $01 $er%er and Windos $harePoint $er%ices+ but you do not set up
,-
the Microsoft Dynamics AX search inde6es+ EP users can search for $harePoint
documents but not for records that are stored in Microsoft Dynamics AX"
Set up the search indexes
To set up search inde6es for EP+ you must use the Microsoft Dynamics AX data craler
setup" The folloing to procedures describe ho to set up the data craler manually"
)ote The resulting search inde6 is company account5specifc" This means that the
inde6 of the tables and felds is a%ailable only ithin the company account here the
inde6 as created" If to Web sites are running on diXerent company accounts+
tables must be inde6ed for both Web sites" 8or each company account+ a data craler
must be started to perform the inde6"
Select the ta1les and !elds to include in the search index
1. 8rom a Microsoft Dynamics AX client+ open the Table setup form ?Basic G Setup G
Data Cra$ler G +a1le setup@"
," Add a ne table from the list of tables"
3. $elect a table in the list+ and then clic7 the +ext index tab"
4. To enable te6t inde6+ select the *na1le text index chec7 bo6"
$. $elect the felds to be inde6ed from the +ext index pane+ and then clic7 the less5than
?N@ button to add the felds to the %ther !elds pane"
2" Close the form to sa%e changes"
Start the data cra$ler to create the search index
1. 8rom a Microsoft Dynamics AX client+ open the Data Craler setup form ?Basic G
Setup G Data Cra$ler P Data Cra$ler@"
," $elect a company account"
The %vervie$ tab pro%ides the status for the data cralers that ha%e been created
for diXerent company accounts"
3. Clic7 the Cra$ler tab"
4. If the status is Stopped+ select a craler speed+ and then clic7 Start cra$ler to
start the data craler for the selected company account"
*na1le search for SQ Server and #indo$s SharePoint Services
To ma7e search a%ailable to users on your EP site+ you must enable full5te6t inde6ing for
the $01 ser%er that hosts the Windos $harePoint $er%ices database for EP" To enable
search for Microsoft $01 $er%er ,###+ you must install the full5te6t search feature for $01
$er%er ,### and then enable search in Windos $harePoint $er%ices"
)ote $01 $er%er ,### full5te6t search supports only one language for each
database" If you are supporting Windos $harePoint $er%ices Web sites in se%eral
languages+ and if you ant to enable full5te6t searching in those languages+ consider
hosting each language on a separate %irtual ser%er that has a separate database per
language"
*na1le search for SQ Server 3000
1. 'n your computer that is running $01 $er%er+ run the $01 $er%er ,### $etup
program"
,=
#. 'n the setup screen+ clic7 SQ Server 3000 Components+ and then clic7 Install
Data1ase Server"
The SQ Server 3000 Installation #i@ard opens"
3. 'n the #elcome screen+ clic7 )ext"
4. 'n the Computer )ame screen+ select the computer type+ and then clic7 )ext"
$. 'n the Installation Selection panel+ select Ap"rade? remove? or add
components to an existin" instance of SQ Server+ and then clic7 )ext"
%. 'n the Instance )ame panel+ clear the Default chec7 bo6+ and then in the
Instance )ame bo6+ select your instance of $01 $er%er for Windos $harePoint
$er%ices+ and then clic7 )ext"
&. $elect Add components to your existin" installation+ and then clic7 )ext"
'. 'n the Select Components panel+ in the Su1<Components list+ select 5ull<+ext
Search+ and then clic7 )ext"
(. Clic7 )ext again to begin the installation"
1). Clic7 5inish"
*na1le search for #indo$s SharePoint Services
After you ha%e confgured $01 $er%er ,### to support full5te6t search+ you are ready to
enable search for Windos $harePoint $er%ices"
1. Clic7 Start+ clic7 All Pro"rams+ clic7 Administrative +ools+ and then clic7
SharePoint Central Administration"
#. 3nder Component Con!"uration+ clic7 Con!"ure full<text search"
3. In the Search Settin"s section+ select the *na1le full<text search and index
component chec7 bo6"
4. Clic7 %:"
Appendix +( A&out %nterprise Portal roles and user
roups
Enterprise Portal for Microsoft Dynamics AX is a role5based application+ hich means that
the collection of content that is a%ailable to a user on the EP site %aries according to the
userTs Cob function"
When you assign roles to each user+ each role determines hich user groups that each
user can belong to" Those user groups determine the le%el of access to the EP site for
each user"
Roles and correspondin" user "roups
The folloing table introduces EP roles and lists the predefned user groups that
correspond to each role" By default+ the user groups that are listed here are created hen
you confgure EP" Eoe%er+ you can also create your on roles by creating additional
user groups and combinations of user groups"
:ole .ame Description 3ser 9roups
Employee The internal role that is assigned to all
employees" It can be e6tended ith other
internal roles" The employee role gi%es
access to the functionality that is
included in the employee self5ser%ice Web
EPQEmpl
EPQInt
,>
application"
$ales An internal role that is assigned in
addition to the employee role" The sales
representati%e role gi%es access to all
sales5related functionality+ such as sales
orders+ customers+ and sales5related
reports"
EPQEmpl
EPQInt
EPQ$ales
Consultant An internal role that is assigned in
addition to the employee role" The
consultant role gi%es access to the
functionality in the proCects module+ such
as hour registration"
EPQEmpl
EPQCons
EPQInt
<endor An e6ternal role that gi%es access to the
%endor self5ser%ice Web application"
EPQ<endor
EPQE6t
Customer An e6ternal role that gi%es access to the
customer self5ser%ice Web application"
EPQCust
EPQE6t
9uest An e6ternal role that gi%es users access
to %ie the product catalog and sign up
to become customers" The guest role
allos anonymous Web users to log on to
the EP customer site ith limited
functionality"
EPQCust
EPQE6t
?The same user
groups as the
customer role@
Administrator An internal role that is assigned to the
indi%iduals ho ill be confguring and
administering Microsoft Dynamics AX" It is
important to restrict the number of
Microsoft Dynamics AX users ho are
members of the Administrator group"
EPQAdmin
EPQEmpl
EPQint
)ote 3sers can be assigned to more than one role" In that situation+ they must be
assigned to the corresponding user groups for both roles" ;ou cannot assign users to
both internal and e6ternal roles"
The folloing sections describe each role in more detail"
*mployee role
By default+ the functionality that is a%ailable to the Employee role is %ery limited"
Eoe%er+ you can add more functionality to the employee role" 3sers ho are assigned
the Employee role can perform the folloing tas7s)
1oo7 up contact information about their colleagues"
Complete and analyLe Duestionnaires"
<ie and delete their alerts+ and %ie and disable their alert rules"
Sales role
3sers ho are assigned to the $ales role can perform tas7s ithin these areas)
0uotation) create+ edit+ accept+ and send ?mailHletter@
&#
$ales order) create+ edit+ and send ?mailHletter@
Customer) create and edit
Credit note) create+ update+ and send ?mailHletter@
Contact person) create+ edit+ and delete
Prices) update price and discount
Product information) send ?mailHletter@
0uestionnaire) complete and analyLe
Alerts) <ie and delete their alerts+ and %ie and disable their alert rules
3sers ho are assigned to the $ales role can %ie and create the folloing reports)
$ales by ee7+ month+ Duarter+ and year ?current year and the year before+ list and
graph@
$ales by region
$ales by customer
Price list by customer
$ales price list by customer ?all customersHby customer@
Customer turno%er
$ales by person
Pricelist
$ales prices
PriceHDiscount list
Top 4## ?by re%enue and margin@
Blan7et orders
$ales forecast per item ?all customersHby customer@
Consultant role
3sers ho are assigned to the Consultant role can do the folloing)
:egister hours on proCects"
Brose in%oices and in%oice proposals"
Brose hour+ cost+ re%enue+ item+ and on5account transactions"
<ie and create reports for total of hours per proCect"
<ie and create reports for hours per Cournal"
Complete and analyLe Duestionnaires"
<ie and delete their alerts+ and %ie and disable their alert rules"
2endor role
3sers ho are assigned to the <endor role can do the folloing)
Change their address+ telephone number+ Web address+ tele6+ fa6+ language+ and e5
mail" $ome felds+ such as account number+ currency+ balance+ and balance in
currency+ are %ie5only felds"
$et up and change contact person ?title+ name+ telephone e6tension+ telephone+
mobile phone+ pager+ e5mail+ and personal address information@"
<ie purchase orders ?header and lines@"
<ie items ?%ie5only mode@"
&4
<ie Cournals ?purchase order+ pac7ing slip+ and in%oice@"
3pdate prices and discounts"
<ie deli%ery due date"
<ie supply performance"
<ie supply capacity"
Complete Duestionnaires"
Customer role
3sers ho are assigned to the Customer role can do the folloing)
Brose the product catalog"
Add items to the shopping bas7et"
Create orders online"
Add items to the shopping bas7et ithout ordering+ and then return to the shopping
module later to fnish the order"
Complete Duestionnaires"
>uest role
3sers ho are assigned to the 9uest role can do the folloing)
Brose the product catalog but not order"
Create a registration reDuest to become a customer"
Administrator role
3sers ho are assigned to the Administrator role can do the folloing)
Manage Web users"
Control some of the parameters for 3sers+ 9eneral+ Accounts recei%able+ In%entory+
and Customer $elf5$er%ice"
Control setup parameters+ such as $tyle sheet and 1anguage"
:efresh the Microsoft Dynamics AX data from the Web interface"
Important :estrict the number of Microsoft Dynamics AX users ho are members
of the Administrators group" If a regular Microsoft Dynamics AX user is made a
member of the Administrators group+ that user can potentially %ie reports or data
that they should not be able to see" Ideally+ only those indi%iduals ho are
confguring and administering Microsoft Dynamics AX should be members of the
Administrators group"
&,
&&
The information contained in this document represents the current %ie of Microsoft
Corporation on the issues discussed as of the date of publication" Because Microsoft must
respond to changing mar7et conditions+ this document should not be interpreted to be a
commitment on the part of Microsoft+ and Microsoft cannot guarantee the accuracy of any
information presented after the date of publication"
This White Paper is for informational purposes only" MIC:'$'8T MAYE$ .' WA::A.TIE$+
EXP:E$$+ IMP1IED+ ': $TAT3T':;+ A$ T' TEE I.8':MATI'. I. TEI$ D'C3ME.T"
Complying ith all applicable copyright las is the responsibility of the user" Without limiting
the rights under copyright+ no part of this document may be reproduced+ stored in or
introduced into a retrie%al system+ or transmitted in any form or by any means ?electronic+
mechanical+ photocopying+ recording+ or otherise@+ or for any purpose+ ithout the e6press
ritten permission of Microsoft Corporation"
Microsoft may ha%e patents+ patent applications+ trademar7s+ copyrights+ or other intellectual
property rights co%ering subCect matter in this document" E6cept as e6pressly pro%ided in any
ritten license agreement from Microsoft+ the furnishing of this document does not gi%e you
any license to these patents+ trademar7s+ copyrights+ or other intellectual property"
\ ,##2 Microsoft Corporation" All rights reser%ed"
Microsoft+ Microsoft Dynamics+ the Microsoft Dynamics 1ogo+ Windos $harePoint $er%ices+ and
$01 $er%er are either registered trademar7s or trademar7s of Microsoft Corporation or
Microsoft Dynamics in the 3nited $tates andHor other countries" MicrosoftDynamics is a
subsidiary of Microsoft Corporation"
The information contained in this document represents the current %ie of Microsoft
Corporation on the issues discussed as of the date of publication" Because Microsoft must
respond to changing mar7et conditions+ this document should not be interpreted to be a
commitment on the part of Microsoft+ and Microsoft cannot guarantee the accuracy of any
information presented after the date of publication"
This White Paper is for informational purposes only" MIC:'$'8T MAYE$ .' WA::A.TIE$+
EXP:E$$+ IMP1IED+ ': $TAT3T':;+ A$ T' TEE I.8':MATI'. I. TEI$ D'C3ME.T"
Complying ith all applicable copyright las is the responsibility of the user" Without limiting
the rights under copyright+ no part of this document may be reproduced+ stored in or
introduced into a retrie%al system+ or transmitted in any form or by any means ?electronic+
mechanical+ photocopying+ recording+ or otherise@+ or for any purpose+ ithout the e6press
ritten permission of Microsoft Corporation"
Microsoft may ha%e patents+ patent applications+ trademar7s+ copyrights+ or other intellectual
property rights co%ering subCect matter in this document" E6cept as e6pressly pro%ided in any
ritten license agreement from Microsoft+ the furnishing of this document does not gi%e you
any license to these patents+ trademar7s+ copyrights+ or other intellectual property"
\ ,##- Microsoft Corporation" All rights reser%ed"
Microsoft+ M$5D'$+ Windos+ Windos $er%er+ Windos <ista+ Microsoft Dynamics+ 'utloo7+
$harePoint+ Windos Mobile+ Windos XP+ Microsoft Dynamics+ the Microsoft Dynamics 1ogo+
Windos $harePoint $er%ices+ '(ce $harePoint $er%er+ and $01 $er%er are either registered
trademar7s or trademar7s of Microsoft Corporation or Microsoft Dynamics in the 3nited $tates
andHor other countries" MicrosoftDynamics is a subsidiary of Microsoft Corporation"

Install and Configure A Microsoft Dynamics AX Enterprise Portal Server

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Install and Configure A Microsoft Dynamics AX Enterprise Portal Server

Uploaded by

Copyright:

Available Formats

Installing and Confguring

Microsoft Dynamics AX Enterprise

You might also like