Steve Endow - The Blog: January 2019

Thursday, January 24, 2019

Dynamics GP Document Attach Record Type (Origin Description) Codes

By Steve Endow

I have been working on a few Dynamics GP Document Attach projects lately, and I haven't been able to find a complete list of the record type codes used in the Doc Attach tables.

To find the codes, query the CO00101 table and look at the ODESCTN field values.

CO00101 Table

Here's the partial list that I've compiled so far for a US installation of Dynamics GP. As I test additional record types, I'll update this list.

If anyone knows of a complete list or has updates, let me know.

Customer: CC

Vendor: Vendor (Creditor in UK)

Item: IC

GL Transaction: GL

PM Transaction: PM

Purchase Order: PO

Purchase Requisition: REQ

PO Shipment: PS

PO Shipment/Invoice: PSI

Receivables Transaction: RM

SOP Order: SO

SOP Invoice: SI

Note: NOTES

**NOTE: It appears that some of the Doc Attach record type codes may vary by region. For example, UK installations use "Creditor" instead of "Vendor". But "CC" is still used for UK Customers, rather than "Debtor".

Steve Endow is a Microsoft MVP in Los Angeles. He is the owner of Precipio Services, which provides Dynamics GP integrations, customizations, and automation solutions.

You can also find him on Twitter and YouTube

http://www.precipioservices.com

Sunday, January 6, 2019

"I don't want to bother turning on Two Factor Authentication"

By Steve Endow

January 2019 Update: A security researcher has developed a tool that can intercept logins and 2FA codes through a man-in-the-middle attack.

https://www.zdnet.com/article/new-tool-automates-phishing-attacks-that-bypass-2fa/

This type of attack can apparently defeat most, if not all code based 2FA systems.

I have a separate blog post discussing YubiKeys / U2F tokens, which are touted as being more secure than code-based 2FA authentication schemes.

The article mentions that the tool "is inefficient against U2F-based schemes that rely on hardware security keys." I am not sure if author did mean inefficient, or if he meant ineffective, but I don't think U2F tokens would prevent the browser from authenticating with a YubiKey with the MITM in place.

If anyone has information indicating that U2F validates the URL and / or can prevent this type of MITM proxy attack, I would love to read about it.

The other day I received a Skype message from a friend. It was an abbreviated URL using the Google URL shortener.

It looked something like this:

https://goo.gl/zADTrqeUItixixqazsva&34525?id=username

Since it was from a friend I knew well, I was about to click on it.

Then I paused.

The URL format seemed a bit odd. After a moment of reflection, I realized it looked suspicious. Then I realized that the message appeared in Skype. And this friend doesn't message me on Skype. And I vaguely recall receiving a similar message on Skype from a customer a few years ago.

I messaged my friend through another app and let him know that his Skype account had been compromised.

He was able to login to his Skype account and confirm it had been compromised. He was able to see several logins from other countries.

He let me know that he reset his password, and considered the problem resolved.

I then recommended enabling two factor authentication on the account.

His response: "I don't regularly use the account, so I don't want to deal with the potential hassle of 2FA".

I propose looking at 2FA differently.

Installing Windows from a USB Flash Drive

By Steve Endow

UPDATE: I have discovered an easier solution: Rufus

https://rufus.ie/en/

"Rufus is a utility that helps format and create bootable USB flash drives, such as USB keys/pendrives, memory sticks, etc."

The method below does still work, but in most cases, I've found that Rufus is simpler and works just as well. It also has some nice enhancements for Windows, allowing you to default some setup options, like skipping the privacy questions and setting up default local accounts.

It also works well for Linux boot drives.

===============

I'm currently building a new dedicated Windows server for running Dynamics 365 Business Central Docker images.

Since I only build a new machine every 2-3 years, I always have to lookup how to setup a bootable USB flash drive with the Windows installation files.

I am confident that I will forget this information in 2 weeks, so I'm posting this for posterity.

Here are the two articles that I used.

I initially tried to use Windows Disk Manager, but it didn't allow me to set the USB partition to "Active". So I had to use the steps from this first article to set the active partition.

Prepare the USB drive using DiskPart:

https://docs.microsoft.com/en-us/windows-server-essentials/install/create-a-bootable-usb-flash-drive

Insert USB flash drive
Administrator Command Prompt
diskpart
list disk
select disk <#> (make sure to select the correct disk for your USB drive!!!!)
clean
create part pri
select part 1
format fs=fat32 quick
active
exit

And because Windows ISO images now have files larger than 4GB, you can't copy them to FAT32 file systems. So I had to use the commands from this article to copy the Windows installation files to the USB drive.

After mounting the Windows ISO file so that it shows up as a new drive letter, run the two commands listed at the bottom of the article. Make sure to set the drive letters to match your source and destination drive letters.

Copy the files to the USB drive using Robocopy and DISM: (commands at bottom)

https://docs.microsoft.com/en-us/windows-hardware/manufacture/desktop/install-windows-from-a-usb-flash-drive

In this example, the D: drive is the mounted Windows 10 ISO. The E: drive is the USB drive.

Copy files smaller than 3.8GB (everything but the Windows image file) from the ISO to the USB drive:

robocopy D: E: /s /max:3800000000

Split the Windows image file (from the mounted ISO on D:) and copy them to the USB drive on E:

Dism /Split-Image /ImageFile:D:\sources\install.wim /SWMFile:E:\sources\install.swm /FileSize:3800