Wednesday, December 6, 2017

Configure email settings for the workflow system [AX 2012]

Applies To: Microsoft Dynamics AX 2012 R3, Microsoft Dynamics AX 2012 R2, Microsoft Dynamics AX 2012 Feature Pack, Microsoft Dynamics AX 2012
You can configure Microsoft Dynamics AX to send email messages to users when workflow-related events occur. For example, email messages can be sent to users when documents are assigned to them for approval. Complete the procedures in this topic to configure email settings for the workflow system.

This task is part of a bigger process

This topic explains how to configure email settings for the workflow system. This is step 4 in the following diagram. Configuring the email functionality in Microsoft Dynamics AX is the bigger process that you must complete. For more information about this process, see Configure email functionality in Microsoft Dynamics AX.
How to configure email functionality

Enable users to receive workflow-related email messages

The first step in the process is to enable users to receive workflow-related email messages. The following procedure explains how to do this. You must complete this procedure for each Microsoft Dynamics AX user.
If you’d rather have users configure their own email settings, instruct users to do the following:
  1. Open the Microsoft Dynamics AX client.
  2. Click File > Tools > Options.
  3. Complete steps 5 – 8 in the following procedure.
  1. Open the Microsoft Dynamics AX client.
  2. Click System administration > Common > Users > Users.
  3. Select a user.
  4. Click Options.
  5. In the E-mail field, verify the email address of the selected user.
  6. Click Notifications.
  7. In the Workflow notifications section, specify how you want the user to be notified about workflow-related events. To do so, follow these steps:
    1. In the Line-item notification type list, specify how you want the user to receive workflow notifications for line items.
      • Grouped – Notifications for line items are grouped into a single email message.
      • Individual – An email message is sent for each line item.
    2. If you want the user to receive notifications in the Microsoft Dynamics AX client, select the Show notifications in the Microsoft Dynamics AX client check box.
      If you select the Show notifications in the Microsoft Dynamics AX client check box, you can also specify whether you want the user to receive notifications as pop-up messages. If you want the user to receive pop-up messages, select the Show pop-ups for notifications check box.
    3. If you want the user to receive notifications as email, select the Send notifications in email check box.
  8. Click Close.
  9. The Users page is redisplayed. Select another user and repeat steps 4-8.

Determine how many email templates you need to create for the workflow system

Determine how many email templates you need to create for the workflow system. You can create multiple email templates, or just two email templates (as explained below). Your business needs will help you determine how many email templates you need to create. For example, you may want to:
  • Create an email template for every workflow.
  • Create an email template for every workflow type.
    In this scenario, all workflows of a certain type would use the same email template. See Workflow types for a list of all the types of workflows you can create.
  • Create two email templates.
    In this scenario, one email template would be used by all workflows that are used across the whole organization. The other email template would be used by all workflows that are company-specific. See Workflow types for more information about how each type of workflow is used.

Create email templates

After you have determined how many email templates to create, you can create the templates. For instructions on how to do this, see Configure email functionality in Microsoft Dynamics AX.

Use placeholders

When you create email templates, we recommend that you use placeholders. When email messages are generated, these placeholders will be replaced with specific text from the workflow.
For example, suppose that you entered the placeholder %subject% in the email template. In this example, when email is generated and sent to users, that placeholder will be automatically replaced with the text found in the Work item subject field. Similarly, if you enter %message% in the email template, that placeholder will be replaced with the text found in the Work item instructions field.
Placeholders will be replaced with this text.
For more information about how to insert placeholders in email templates, see Configure email functionality in Microsoft Dynamics AX.

Specify when each email template will be used

When you configure the properties of a workflow, you can select the email template that should be used to generate email messages for the workflow. For step-by-step instructions, see Configure the properties of a workflow.
Select an email template for the workflow
If you do not select an email template when you configure a workflow, a default template will be used. You can specify which email template is the default template by completing the following procedures.

Specify the default email template for organization-wide workflows

Some workflows are used to process documents that are associated with your whole organization. Complete the following procedure to specify the default email template that will be used to generate notifications for organization-wide workflows.
To view a list of organization-wide workflows, see Workflow types.
  1. Click System administration > Setup > Workflow > Workflow parameters.
  2. Select an email template from the list.
    The list will display email templates that were created when the Show system e-mails check box was marked in the E-mail templatesform.
  3. Click Close to save your changes.

Specify the default email template for organization-specific workflows

Some workflows are used to process documents that are associated with a specific organization, such as a legal entity. Complete the following procedure to specify the default email template that will be used to generate notifications for organization-specific workflows.
To view a list of organization-specific workflows, see Workflow types.
  1. Click Organization administration > Setup > Workflow > Workflow parameters.
  2. Select an email template from the list.
    The list will display email templates that were created when the Show system e-mails check box was not marked in the E-mail templates form.
  3. Click Close to save your changes.

Monday, November 20, 2017

Enable Automatic Replies for another user or additional mailbox

Automatic Replies buttonMost of Outlook’s Exchange specific functionalities such as Automatic Replies (also known as “Out of Office Assistant” or “OOF”) only work for the main mailbox and not for delegate or Shared Mailboxes.
If you have been assigned Full Access permissions to this mailbox by your Exchange administrator (verify this with him/her if you do not know; delegate permissions are not enough!)or know the credentials of the other mailbox, then there are 3 ways in which you can enable the Automatic Replies for a shared or additional mailbox.
Exchange Administrators can also enable Automatic Replies for another user without logging on to the mailbox by using an Exchange PowerShell command, the Exchange Admin Center or a 3rd party management tool.

User Method 1: Outlook Web App

Outlook Web App (OWA) buttonProbably the easiest way to go is to use Outlook Web App. You can ask your mail administrator for the URL if you don’t know it. In Outlook 2010, Outlook 2013 and Outlook 2016, you may find the URL in the Info section when pressing on the File menu tab.
When you have been granted Full Access permissions, then you can logon with your own username and password and click on your own picture or name in the top-right corner to get to the option to open another mailbox.
Open another mailbox... command in OWA 2013.
Open another mailbox… command in OWA 2013.
If you haven’t been granted Full Access permissions but do have separate logon credentials for the additional mailbox, you can use that to logon instead.
Once logged in, you can enable Automatic Replies in the following way:
  • Outlook on the Web (Office 365 for Business – Exchange Online)
    Gear icon (left side of your picture in the top right corner)-> Automatic Replies
  • OWA 2016
    Gear icon (left side of your picture in the top right corner)-> Automatic Replies
  • OWA 2013
    Gear icon (right side of your name)-> Set automatic replies
  • OWA 2010
    Options (below your name)-> Set Automatic Replies…
  • OWA 2007
    Options (left side of your name)-> Out of Office Assistant
Extra Tip!
You can use the “In Private” or “Incognito” mode of your Internet browser to prevent automatic logon or to be able to stay logged on to your own mailbox as well.

User Method 2: Additional Exchange account

Add Exchange Mailbox buttonIf you are using Outlook 2010, Outlook 2013 or Outlook 2016 and either have been granted Full Access permissions to the mailbox or have been provided separate credentials for it, then you can also configure this shared mailbox as an additional Exchange account rather than to add it as a secondary mailbox of your own.
To do this, click on the File tab and choose Add Account. When setting up the account, Auto Account Setup may recognize your main mailbox linked to your user account. When this happens, specify the email address of the shared mailbox instead.
For more details and screenshots of this process see Adding an additional or shared mailbox from the same Exchange organization to Outlook.
Once the mailbox has been added, select its Inbox folder and enable Automatic Replies as you would normally do for your own mailbox.
Note: You should not do this if you have been assigned as a delegate as well for this mailbox. In that case, it is recommended to use a separate Mail Profile instead.

User Method 3: Separate Mail Profile

Mail Applet Control Panel buttonIf you want to enable Automatic Replies for the shared mailbox in Outlook but are still using Outlook 2007 or previous, then you’ll have to use the Mail applet in Control Panel to create an additional Mail Profile.
You’d then set up this Mail Profile with the shared mailbox as the main mail account rather than your own. This also requires you that you either have been granted Full Access permissions to this shared mailbox or have been provided credentials for it.
Just like the “Additional Exchange account” method above, Auto Account Setup might try to configure it automatically with your own mailbox. You’d then have to specify a different address or configure the account manually as well.

Admin Method 1: Exchange PowerShell

Exchange PowerShell buttonIf you are an Exchange administrator, then using the Set-MailboxAutoReplyConfiguration Exchange PowerShell command is the supported and native way to go to enable Automatic Replies without logging on to the mailbox itself.
Set-MailboxAutoReplyConfiguration -Identity  -AutoReplyState Enabled -InternalMessage "Internal auto-reply message." -ExternalMessage "External auto-reply message."

Admin Method 2: Exchange Admin Center

Exchange Admin Center buttonAnother way to do this as an Exchange Administrator is via the Exchange Admin Center (also known as ECP).
  1. Logon to the Exchange Admin Center.
  2. Change the management scope;
    • Exchange 2010
      In the top left corner, next to Mail> Options, click on: Manage My Organization
    • Exchange 2013, Exchange 2016 and Office 365 Exchange Online
      Click on your name or image in the top right corner.
  3. Choose: Another user…
  4. Select the user that you want to manage.
  5. In the page that opens, you can now set up an automatic reply message (in Exchange 2010: Tell people you’re on vacation).

Admin Method 3: CodeTwo Out of Office Manager

CodeTwo OOF Manager buttonIf you regularly need to manage the Automatic Replies setting for your users, then both admin methods mentioned above can become quite cumbersome.
CodeTwo Out of Office Manager simplifies this task and also offers some other management features which Exchange doesn’t offer itself.
Some of the key features are;
  • Central management of Out of Office replies.
  • Set up Out of Office reply for another user.
  • Delegate to HR managers, receptionists, assistants or team leaders.
  • Plan ahead for months.
  • Reset Out of Office address history to re-activate replies.
  • Schedule Out of Office replies with a recurrence schedule.
  • Slick and clutter-free calendar view.
  • One template for multiple users.
  • HTML simple to use editor.
  • Supports Exchange on-premise, Office 365 and other hosted Exchange environments.

Friday, November 17, 2017

Install, Configure, and Troubleshoot Linux Web Server

A web server is a system that manipulates requests via HTTP protocol, you request a file from the server and it responds with the requested file, which might give you an idea that web servers are only used for the web.

Actually, web servers can also be found embedded in devices such as printers, routers, when you open your router configuration page, there is a web server behind it.
When you open the printer configuration page, there is also a web server behind it serving your requests, so web servers are important today because they are used everywhere.

How Webserver Works

First, your browser sends a request to the server.
The server takes the requested file or page from you and maps it to the corresponding file from the server. The server sends the file back to the browser with some information such as its MIME type, the length of the content and some other useful information.
Sometimes the requested file is a static page like HTML pages or dynamic pages like PHP, Java, Perl or any other server side language.
For example, when you type, the browser queries the DNS server about the IP address of the computer: Once the browser gets the response from the DNS, it starts a TCP connection on port 80 and asks for the default web page, then this page is sent to you and that’s all.

Linux Webserver Implementations

There are many Linux web server implementations available for you to use:
  • Apache server
  • Nginx
  • Lighttpd
  • Apache Tomcat
  • Monkey HTTP Daemon (used especially for embedded systems)
There are more Linux web servers, but this list is the most used web servers.
The most used web servers are Apache and Nginx.
In this post, we will use Apache server for several reasons:
  • It is stable.
  • It is flexible.
  • It is secure.
We’ll install and configure Apache server on Linux, but at first, let’s review some of the basics of HTTP protocol basics.

Understanding HTTP

When you request a file or a page from a web server, the client at first connects to the server on port 80. After successful connection, the client then sends HTTP commands (also methods) to the server. This command includes a request header which includes information about the client.

To view these request headers in chrome, open chrome devtools, then open network panel and visit and check the request headers, you should see something like this:

The request header also includes information about the client, like the user agent and the accepted formats.
Additional information may be sent with the request header. For example, if you click on a link that will open another website, the header will include the referral site.
After receiving the request header completely, the server responds with the requested file or page along with a response header.
The response header includes information about the received content, its type, and other information.
Linux Web Server response header
You can check the response headers from the browser network panel.

Install Apache Webserver

You can install Apache server on Red Hat based distros using the following command:

$ dnf -y httpd

Or if you are using a Debian-based distro, you can install it like this:

$ apt-get -y install apache2

The Apache web server service is called httpd on Red Hat based distros like CentOS, while it is called apache2 in Debian based distros.

If you are using a firewall like iptables, you should add a rule for port 80.

$ iptables -I INPUT 1 -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT

Or if you are using firewalld, you can use the following command:

$ firewall-cmd --add-port=80/tcp

To start your service and enable it on boot:

$ systemctl enable httpd

You can check if your service is running or not, using the following command:

$ systemctl status httpd

Now open your browser and visit http://localhost or http://[::1]/ if you are using IP v6 and if your installation goes well, you should see your HTML homepage.

Configuring Apache Webserver

You can add files to Apache in the /var/www/html directory for top-level pages.
Just remember to make sure that any files or directories placed in that directory are world-readable.
The default index page is index.html.

The Apache configuration files are in  /etc/httpd/conf/ directory.
On Debian based systems like Ubuntu, you may find it at  /etc/apache2/apache2.conf file.
We can’t discuss every option for Apache on a single post, but we will discuss the most important options.
You call them options or directives.

ServerRoot Option

This option specifies the configuration folder for Apache web server. On Red Hat based distros, the ServerRoot option is /etc/httpd/ directory. On Debian distros the ServerRoot option is /etc/apache2/.
ServerRoot /etc/httpd

Listen Option

This is the port that Apache web server will use to wait for incoming connections.
The default value for this option is 80 for nonsecure connections and 443 for secured connections.
If you have multiple IP addresses on your server, you can assign which IP should listen for connection using Listen option.

You can specify a different port other than 80, just make sure that it’s not in use.
You can run many HTTP servers on the same hardware every one on a unique port.
When a server runs on a non-standard port such as port 8080, it will require the port number to be explicitly stated like this:
Listen 80

ServerName Option

This option specifies the hostname of the web server that appears to the visitors.
ServerName FQDN

DocumentRoot Option

This defines the path that will contain your files that will be served.
The default path is /var/www/html .
DocumentRoot /var/www/html

MaxRequestWorkers Option

This option sets the maximum number of concurrent connections that the server will receive.

LoadModule Option

This option is used to load modules into Apache web server.
There are a lot of Apache modules like these:
mod_cgid: This module is used to run CGI scripts using Apache web server.
mod_ssl: Provides secure connections via SSL and TLS protocols.
mod_userdir: This module allows you to serve content from users specific directories.
If you want to disable loading a specific module, you can comment the Load module line that contains that module.
Or if you use Debian based distros like Ubuntu, you can use these commands:

$ a2enmod modulename

This command to enable the module.

$ a2dismod modulename

This command to disable the module.
All these commands do is create a symlink under /etc/apache2/mods-enabled  directory with the file that contains the module you want to enable. All files under this directory are included in Apache configuration by default, so any file will exist in this directory will be included.
And if you use a2dismod, the symlink will be removed.
If you enable or disable a module, you have to reload or restart apache web server.


Include Option

This option allows you to include other configuration files.
You can store all the configuration for different virtual domains, and Apache will include them at runtime.
Include filePath

UserDir option

This option specifies the directory that will contain the files that will be accessible via the web server. This directory is usually named public_html and its location in user’s home directory.
For example, if you have a user adam who wants to make his web content available via Apache web server.
First, we make a public_html folder under his home directory.
Then set the permission for the public_html folder:

$ chmod 644 public_html

Now if we put an index.html file, it will be accessible via the browser like this:

UserDir public_html

Alias Option

This option specifies the location of the files that are outside the DocumentRoot location and need to be served by the Apache web server.
Like you have files outside DocumentRoot and you want them to be available to the visitors.

Alias URL_Path Actual_Path

ErrorLog Option

This option specifies the error log file for Apache web server.

ErrorLog /var/log/httpd/error_log

VirtualHost Option

This option allows you to host multiple websites on the same server.
The idea is that the content is served based on the requested hostname.

To setup a virtual host for the host First, create a VirtualHost option in /etc/httpd/conf/httpd.conf file.
And specify the DocumentRoot and ServerName like this:
Keep in mind that the ServerName option must be resolvable via DNS.
These are the most used Apache options.

Virtual Host Types

There are two types of virtual hosts that you can define in Apache web server:
  • Name-based virtual hosts
  • IP-based virtual hosts
The NameVirtualHost directive defines which addresses can be virtual hosts; the asterisk (*) means any name or address on this server. You can write them like this:
If you have more than one IP address and you want to use SSL certificate, the website must be on a dedicated IP address. You can write IP-based virtual hosts like this:

Apache Process Ownership

We know from the Linux process management that each process inherits its permissions of its parent process.

This fact is true for all processes except for applications with the SETUID bit set, they inherit permissions from the owner, not the parent process. A good example is the /bin/su.
If a normal user runs /bin/su program, it does not inherit the permission from adam, but it acts as a root user running it.

Since Apache web server needs to bind port 80, and this needs root privileges.
After binding to port 80, Apache can run as a normal user and read only files that have permissions to read them.

Based on the Linux distro you use, the user could be one of the following:
nobody, www, apache, www-data, or daemon.
I delayed introducing two more options for apache till reaching that point.

User Option

This specifies the user ID which the web server will use to answer requests.

User www-data

Group Option

This specifies the group that Apache web server will use to read files.

Group www-data

Security is very important for sites that use executable scripts such as CGI or PHP scripts.
The use that you will use will have permission to read and write the content of all sites on the server. But we want to ensure that only the members of a particular site can read their own site only.

This is very important because if a site got compromised, the attacker will be able to read all files since the apache user has permission to do that.
So how to solve this problem?

suEXEC Support

A popular method is to use suEXEC. suEXEC is a program that runs with root permissions and makes CGI programs run as the user and group IDs of a specific user, not the Apache server user.
You can specify the user on each virtual host like this:
Just that simple.

Apache Authentication

You may want to restrict some parts to specific visitors. It’s like a password protected directory.
In Apache, you can store authentication information file called .htpasswd file.
You can use the htpasswd command to do that.

First, create the .htpasswd file using the htpasswd command:

$ htpasswd -c /home/adam/.htpassswd myuser

The -c option is needed the first time you run htpasswd, but when you need to add more users you shouldn’t use -c because it will overwrite the file.
Then create a .htaccess file in the public_html folder and write the following:
AuthName is required, you can use any string you want.
AuthType Basic says that you’re using htpasswd style user file.
AuthUserFile points to the file that contains the generated password from htpasswd command.
The Order line indicates that Apache must deny access by default, and only allow access for users specified in the htpasswd file.
The require directive means any user in the .htpasswd file is allowed.

Troubleshooting Apache Webserver

If you modify the httpd.conf file and restart or reload Apache web server and it did not work, then you have typed a wrong configuration, however, this is not the only case that you need to troubleshoot Apache, you may look at the apache logs to see how the service works so you can diagnose the problem and solve it.

The two main log files for apache are error_log and access_log files.
You can find these files in /var/log/httpd/  directory in Red Hat based distros, or in /var/log/apache2/  directory if you are using Debian based distros.

The access_log file contains every request to Apache web server with the details about client requested that resource.

The error_log file contains errors of Apache web server.
You can use tail command to watch the log file:

$ tail -f /var/log/httpd/error_log

I recommend you to review the Linux syslog server to know more about logging.