Thursday, October 4, 2018

I'm a kid in the Microsoft Candy Store

View the original post at:  https://blog.steveendow.com/2018/10/im-kid-in-microsoft-candy-store.html


By Steve Endow

It's a fantastic time to be working with Microsoft products.

Let's start with Microsoft Azure.  Open this web page and read the list.

https://azure.microsoft.com/en-us/services/

Just look at that list.  It's pretty long, so you'll need to scroll down.  And scroll some more.  Keep scrolling.  And scrolling.



It's a crazy long list.  It's geek heaven.  It's consultant heaven.  So many amazing services to play with and learn and offer to customers.


Next, there is the Power Platform.

Monday, September 17, 2018

My Experience with ACH Fraud: My bank account was empty in 3 days

By Steve Endow


NOTE: For readers outside the US, ACH stands for Automated Clearing House, which is an electronic payment system we use to deposit and withdraw funds from bank accounts.  Employers often use ACH to electronically deposit pay checks into employee bank accounts, and companies often use ACH to pay their vendors electronically.  Consumers often use ACH to pay their bills--if you want to automatically pay your cable TV or cell phone bill, you send the merchant your bank account information, and they automatically withdraw the funds each month from your bank account.  In the US, it's a modern form of "electronic" banking.  But for the rest of the world, I suspect it's an archaic, horribly designed system that has zero security.



Update:  On his blog post sharing this article, Mark Polino says that there are solutions, similar to Safe Pay / Positive Pay, that can be used to prevent ACH fraud.  While that may theoretically be true with some banks, certain types of business bank accounts, some corporate treasury management solutions, and for some payment scenarios (such as outbound payroll), I was told that Bank of America Small Business bank accounts have no such services that could be used to prevent the type of ACH fraud that I experienced.

I asked two different Bank of America employees (one call center rep and one at my branch with over 15 years of experience as a manager at BofA) if there is anything I can do to prevent this type of ACH fraud.  They both clearly and definitively said that there is absolutely nothing I can do to prevent such random fraudulent ACH transactions.  

I asked if they could block all ACH withdrawals on my account.  The branch manager said no--he said that there is no way to prevent an ACH withdrawal from hitting my account.  The only way he could block withdrawals from my account was the close the account.  He did mention that he does have the ability to block ACH withdrawals from a specific merchant ID, such as those that occur with a recurring monthly fee, like a gym membership.  But with the ACH fraud I experienced, there were multiple merchant IDs, so that would not have helped me.

Trust me, I asked multiple times and pointed out how incredibly absurd the situation was.  The Bank of America employees simply shrugged and said that the only solution is to close the compromised account and open a new one.  It was a surreal experience.



Update 2:  Reviewing the Bank of America web site (since the employees were of no help), it appears that they have a "Full Analysis Business Checking" account offering that might have some relevant ACH fraud prevention features.  If you maintain account balances of over $60,000, write more than 150 checks, and have more than 200 deposits a month (unclear if those transaction minimums are required), that type of account apparently offers "ACH blocks/authorizations", in addition to Positive Pay.  

Based on a review of this PDF form, it appears that ACH blocks / authorizations allows you to "whitelist" specific ACH company IDs for your trading partners, authorizing them specifically, as well as specifically blocking certain company IDs.  The form also has an option to completely block all ACH transactions against a specific account, something I was told was impossible with my account type.

These ACH features might work for situations where you have consistent ACH deposits or withdrawals with trading partners on a specific account, but I don't know if it would be manageable for a company that is receiving many one time ACH payments from customers, or ACH payments from from hundreds of customers. You would need to know the ACH company ID for every customer in advance of their ACH deposit--I don't even know how I would find my own ACH company ID if I were asked for it.  Any ACH transaction (deposit and withdrawal) that is not specifically whitelisted is blocked.

And it isn't clear if they have an option to manage the company IDs online, or if you have to fill out that form for every change.

I currently have no need to park $60,000 in my business bank accounts, so such account features are presumably not available to me.

Why can't banks allow me to approve each ACH transaction before it hits my account? Allow me to login to the online banking web site or mobile app, view a list of pending transactions, and approve or deny each one?  This isn't rocket science.  If the ACH platform cannot support such a workflow, the US banking system is truly the laughingstock of the modern world.



Update 3:  I had to call the bank to get copies of the recent statements for my closed account, since I no longer have access to the account online.  During the call, I asked this new rep if there were any options available to prevent the ACH fraud I experienced.  He indicated that he is not aware of any features on my Small Business account that would have prevented the fraud, but he mentioned that the bank can place a "Fraud Hold" on an account.  This is the first time I had heard of such an option, despite asking about it repeatedly previously.  The Fraud Hold results in an account balance of -$888,888.88, which is an indicator to Bank of America folks that the account has been placed on hold.  

Unfortunately, this rep, and one more Small Business sales rep I spoke with during this call resulted in no additional information or potential services that could have helped me to prevent the ACH fraud.  In fact, the sales rep had never heard of an actual case of ACH fraud, so I ended up educating him about the process, and he was shocked by the lack of resources and the process required to resolve the problem.

I asked about the "Full Analysis Business Checking" account type, but neither rep had any knowlege of it, as it is apparently handled by a different Treasury Management group that cannot be called directly.  I had to request that this secret department give me a call, as a potential sales prospect for their services.  And the saga continues...





I checked my email on Friday morning and saw a pretty standard email alert from my bank.


Hi Steve, an electronic withdrawal was made above your chosen alert limit:

Amount: $719.60
Type: ELEC DRAFT (ACH)
Account: Business Account *******1234
Merchant: CHASE CREDIT CRD EPAY

Transaction date: September 07, 2018


Hmmm, that's odd.

I don't pay my credit card using ACH.  And I definitely don't pay my credit card from that particular business bank account.

I thought to myself:  It's finally happening.  I've been waiting for it to happen for years, and now it is actually happening.

By Wednesday morning, my bank account was completely empty due to fraudulent ACH withdrawals.

Monday, July 2, 2018

Move Forward, Every Day. And Bring Chocolate Cake.

By Steve Endow


Change Is Hard

It's trite, I know.  But it doesn't make it less true.

I think it's worthwhile to pause and take a moment to consider how difficult change can be.  Actually acknowledge it.

Change can be uncomfortable, scary, and stressful.  Change can be costly and arduous and tiring.  Change can be inherently destructive.

It often feels much easier to ignore it, delay it, or pretend it isn't happening.  But you can't always avoid change.  Sometimes you have time to prepare for change, and sometimes you have no advance notice.

In the ERP world, consultants see the symptoms of change regularly when customers implement a new ERP system.

"My old system did X, why can't the new system do X?"

"I just don't have time to learn this new system. I have too much work to do!"

"I liked the old system better."



Turnabout is Fair Play

But occasionally, it seems that those pesky consultants get a taste of change.

Microsoft has changed quite a bit since it acquired Great Plains Software.  Great Plains was rebranded as Dynamics GP, and the GP team at Microsoft put a lot of work into the product, adding new features and expanding its capabilities.

But over the last several years, Microsoft has invested heavily in its 'cloud computing' strategy, with Azure and Software as a Service (SaaS) offerings.  As part of the cloud strategy, Microsoft has also invested heavily in ERP software as a service, hosted in Azure.

Dynamics AX has become Dynamics 365 Finance and Operations, and Dynamics NAV has now, finally, become Dynamics 365 Business Central.  Dynamics GP is notably not on the Microsoft Azure ERP SaaS menu.  It's our turn to change.


Free GP Transaction Search v2.0 now available with new RM and SOP search windows!

By Steve Endow

Version 2.0 of the FREE Dynamics GP Transaction Search is now available! 

A big thanks to Ian Grieve for assistance with the development and testing of this new version!


For more information and to download compiled releases:



Here is a brief video showing the simple installation process and an overview of the search windows:




The latest source code is available on GitHub:



This new release includes two new search windows:

  • RM Transaction Search
  • SOP Transaction Search

Monday, June 11, 2018

Opening Dynamics GP Windows using .NET and Visual Studio Tools

By Steve Endow

When you develop a Dynamics GP customization, you may want to automatically open Dynamics GP windows to add dramatic flair to your application.

I mean really, let's be honest, what's cooler than saying your customization lets the user "drill down" into Dynamics GP?  (Is that still a buzzword? I may be behind the times)

Take the GP Transaction Search tool as an example. When a user searches for an AP transaction, I thought it would be handy if the user could right click on a row and view both vendor information and transaction information directly in Dynamics GP.


Just because I developed the PM Transaction Search window doesn't mean that I want to (or need to) develop a new window just to view vendor info or transaction info.

Why not just leverage Dynamics GP windows to view that information?

I want the user to be able to right click or double click on a row in the grid and view the details in an existing Dynamics GP window.

Here's a full video with a code review of opening GP windows from .NET using Visual Studio Tools:




Fortunately, adding this drill-down functionality to a VS Tools AddIn for Dynamic GP is relatively easy.  For some windows.

For other windows, it requires a slightly more involved process.

And, unfortunately, for some windows, it may be very difficult or impossible.

Tuesday, June 5, 2018

Dynamics GP Transaction Search v1.0 is Available! For FREE!

By Steve Endow

A few weeks ago, a question was posted to the GPUG Open Forum asking why the AP Transaction Inquiry by Document was so slow.


The post explained that the company has so many different vendor accounts for FEDEX that they can't easily search based on vendor ID.  So they find it easier to search by vendor Invoice Number.

Unfortunately, because they have so much transaction history, and because the window pre-loads some data, it takes over 3 minutes for the inquiry window to even be displayed.

That. Is. Crazy.

I was...intrigued.

What would cause a seemingly simple Dynamics GP inquiry window to take 3 minutes just to open?  That's just weird.

So I decided to test the window and trace the SQL activity that occurs when the window performs a search.

It...was...bad.  The PM Transaction Inquiry Document window throws out SQL queries like they're going out of style.


Every single PM transaction record that is retrieved by the inquiry window results in at least 3 subsequent queries.  FOR.  EACH.  RECORD.

After seeing that, I gave up on attempting to "fix" or optimize the window.  It wasn't a SQL performance issue or a question of optimization.  It's just a terrible design.

So, what would an ideal PM Transaction Inquiry window look like?

How about this:



A window that allows you to search by date range AND vendor ID AND vendor name AND document number AND document amount.  All simultaneously.

Here is a video explaining the project and demonstrating the PM Transaction Search window that is included in version 1.0:




As you type each character, this magical search window calls a SQL stored procedure and updates the search results.  In real time.

To keep the window honest, a status bar at the bottom of the window shows how many records were retrieved, how many milliseconds it took to retrieve the data from SQL, as well as how many milliseconds it took to display the data in the window.

We're talking real-world accountability here, folks.

Want to see more info about a transaction?  Just double click on the row to drill into GP!  Or right click on a row to view the master record inquiry window.

Don't like the columns that are displayed in the search window data grid?  No problem.  You can modify the included stored procedure.  Want to add a column or two to the data?  No problem.  Just add a few fields to the procedure.

Are you so thrilled by the results of your search that you want to share them with your coworkers?  No problem.  You can click on the Copy button to copy all of the data in the grid and paste it into Excel.  Or you can click on the CSV button and save the data to a CSV text file.

And the GP Transaction Search tool is extremely simple to install.  Just run a SQL script to create a stored procedure in each of your GP company databases, then copy 3 files into the GP AddIns subdirectory.  It really is that easy.



You must be thinking: Wow, with all of those features, that fancy search window must cost a fortune!

But that's where you're wrong!  The Dynamics GP Transaction Search tool is available for FREE!


Here is the temporary link to download the search tool from OneDrive:

https://1drv.ms/f/s!Au567Fd0af9TogwHx8OKAarDM3Zm


UPDATE: I now have a dedicated page for the GP Transaction Search in the Free Products sections of my web site at:

https://precipioservices.com/free/gp-transaction-search/



But that's not all!  In addition to offering the tool for the rock bottom price of Free, I have published the code on GitHub as an open source project so that others can contribute to the project:

https://github.com/steveendow/gp-transaction-search


If you are a .NET developer or a Dexterity developer and are interested in helping enhance GP Transaction Search, please contact me!

If you have any questions about the search tool, or if you have used it in a real GP environment and have any suggestions for improving it, please contact me!


https://precipioservices.com/contact-us/




You can also find him on Twitter, YouTube, and Google+







Monday, June 4, 2018

"There's nothing wrong with our SQL Servers or network", says the IT department confidently

By Steve Endow

Let me share a story about an all-to-common situation in the life of the Dynamics GP consultant or developer.

You develop an integration, or customization, or implement some software that talks to a SQL Server.  We do this stuff every day.  Normal, routine, common projects.  Just software talkin' to a SQL Server.  It's usually so reliable you don't think twice about it.

Then, after your integration or software has been running just fine for months, without a single issue, you encounter this error on Monday at 1am:

A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: SQL Network Interfaces, error: 26 - Error Locating Server/Instance Specified)


Hmmm, that's odd, we've never had this issue before--the integration has literally never had an issue connecting to the SQL Server.  We've had two dozen other errors related to bad data or import errors, but never before have we seen an issue connecting to the SQL Server.


"Hey IT manager, we received this SQL Server connection error from our weekly on Monday at 1am. Can you look into what might be causing this?"

IT Manager, 5 minutes later:  "Nothing wrong on our end! No errors, no issues, all of our jobs are running fine. If there was a problem, I would have known about it."


Oooookay then.


One week later.  Monday.  1am.  Same error, second week in a row.  And this is occurring for two different integrations--one pointing to the production GP company, and the other pointing to the Test GP company. 


When both integrations are run manually at 10am, they both run fine.  So this is not a fluke, and it is occurring consistently now.


"Hey IT manager, for the second week in a row, we received the SQL Server connection error at 1am. It's occurring with two different integrations, so there is definitely something causing this. Can you please look into this again?"


IT Manager, 1 minute later:  "I was able to figure out the cause of the problem.  We are shutting down our GP SQL Server every night from 10pm to 5am."


Face.  Palm.


I actually encounter this on a regular basis.  Fortunately in this case, it turned out to be a blatantly obvious cause--the IT manager had just forgotten about the change to the server maintenance schedule.  But once he remembered, we had our explanation.

But usually, the problem is less obvious and much more difficult to track down.

It could be a bad switch or network card that causes intermittent SQL connection errors.  It could be custom code that only fires at certain times, locking or blocking SQL resources, causing seemingly random SQL command timeouts that get blamed on your software.  I've even had a situation where a Veeam backup of a completely different VM caused the host machine to drop network connections for other VMs. (a Veeam bug that I believe has been fixed)

I've seen all of my custom SQL objects literally disappear every week because a super security conscious corporate customer has a routine that deleted any unapproved SQL objects from the database.  And then there's the common case of anti-virus software blocking or deleting an EXE or DLL.

Modern networks are complex, and when you have dozens or hundreds of things going on, it's usually not easy to identify what might be causing an intermittent or infrequent problem.  When hardware and software is normally incredibly reliable, it seems that people are resistant to consider the possibility that something other than your integration or software is causing the problem.

Just because your software happens to be the one that is logging the error, there seems to be a strange bias that has people blame your software and deny that something else is preventing your software from communicating with the SQL Server.

I currently work with hundreds of customers, and as a result, I probably see this issue weekly.  Unfortunately, if the IT department claims that their systems are working perfectly, in many cases there isn't much that I can do except to add additional error handling, logging, and diagnostic information to my log files to present to the IT department repeatedly.  Sometimes it's enough to help a motivated tech do enough research to find the cause.  But many times an intermittent non-critical error just gets ignored.

If you encounter this issue with IT departments, do you have any suggestions?  Do you have a technique for making the IT department curious about researching the problem instead of getting defensive?  If so, I'm all ears.




You can also find him on Twitter, YouTube, and Google+