Wednesday, November 4, 2015

Microsoft Dynamics NAV 2016 - How to Configure Phone Client.

Hi All,

In this article we will discuss how we can connect Microsoft Dynamics NAV 2016 with New Client Launched i.e. Phone Client.

This Article Contain Steps for a Android Phone as I have Only Android Phone.

I am doing it having all tiers on my windows 8 machine, steps remain same for multiple servers but issues might be different.

What we Need (Other what we discuss in this article) -

 The Service Tier should be on Public IP
. Some of the Data-card does not Provide you Public IP. check it for sure.



If we are a regular Reader you would remember below articles for Credential Type released earlier. We will be following same step but with a Simple Approach using Powershell.

How to Use Nav User Password in Microsoft Dynamics NAV 2013.

How to Use Nav User Password in Microsoft Dynamics NAV 2013 R2.

This is Diwali Gift to all my Readers. Thank you all.

So let's Start. 



Step 1. We Need to have a Certificate to connect Navision Service Tier Using Nav User Password.
----------------------------------------------------------------------------------------------------------------

1. Download PowerShell Scripts From Technet. (LINK)



2. Create the Certificate.

1. Open a PowerShell prompt with the option As administrator.

2. Go to the directory where you saved the New-SelfSignedCertificateEx.ps1 file.

3. Run the following command: Import-Module .\New-SelfSignedCertificateEx.ps1.



4. Then run the following command:

New-SelfSignedCertificateEx –Subject “CN=<your site name>” –IsCA $true –Exportable –StoreLocation LocalMachine –StoreName My.

Update Use Command - 
New-SelfSignedCertificateEx –Subject “CN=<your site name>” –IsCA $true –Exportable –StoreLocation LocalMachine

Remember -
<your site name> = Machine Name of the Server where Navision Service Tier Is Installed.
Go To My Computer Properties and Full Computer Name is the Parameter Value.

5. Certificate will be generated once we execute above command as shown below.


6. Manage the certificate:

Open the mmc.exe.
Go to the File menu, and then choose Add/Remove Snap-in...
Select Certificates.
Choose Add.
Select the computer account.
Choose Finish and then OK.


Locate and copy the certificate you just created in the personal/certificates folder.
Name will be same as your service tier Machine.
The Expiration Date Will be 1Y-2D (01 Year - 02 Days) for that certificate.
Valid From 01 Day Before you create Certificate.

Paste the certificate into the Trusted Root Certification Authorities/Certificates folder.



Select the certificate, right-click and export the certificate.
Select the No, do not export the private key option.
Choose Next.
Select DER encoded binary x.509 (.cer).
Specify a location and filename and finish the wizard.


**Microsoft Dynamics NAV 2016 Phone Client works will all types of Credential Type Available in Service Tier. You can Skip Step 2, Step 3 and Step 4 if you want to use Windows Authentication.
-----------------------------------------------------------------------------------------------------------
Step 2 - Configuration of Service Tier With Credential Type NavUserPassword.
-----------------------------------------------------------------------------------------------------------
1. Create a User in Navision.
For Demo I am using -
UserName - mobileuser
Password - Mobileuser123
Permission - As per your requirement.



2. Open Navision Service Tier and Create a New Service as Shown Below.



3. Change Below Parameters in Newly Created Service.
> Credential Type - NavUserPassword
> Certificate Thumbprint - From the Certificate that we created in Step 1.
> Stop and Start the Service.
> Make sure that service is running with a Domain Account...



** How to Get Certificate Thumbprint.
> Open the Certificate Exported in Step 1.
> Navigate to Details Tab.
> Navigate to Last Property(Certificate Thumbprint) and Select.
> Copy the Value as shown below and paste it in Notepad.
> Paste this value from Notepad to Service.


-----------------------------------------------------------------------------------------------------------
Step 3 -Configure the Windows Client With Credential Type NavUserPassword.
-----------------------------------------------------------------------------------------------------------

1. Navigate to C:\Users\<UserName>\AppData\Roaming\Microsoft\Microsoft Dynamics NAV\90
** Replace <UserName> With Your Name.

2. Change ClientServicesCredentialType Paramter in ClientUserSettings.config file.


-----------------------------------------------------------------------------------------------------------
Step 4 -Configure the Web Client With Credential Type NavUserPassword.
-----------------------------------------------------------------------------------------------------------
1. Navigate to C:\inetpub\wwwroot\DynamicsNAV90.

2. Change Following Parameters in Web.config file.
> ServerInstance
> ClientServicesCredentialType
> ClientServicesPort

My Values - 
> ServerInstance - PhoneClientDemo
> ClientServicesCredentialType - NavUserPassword.
> ClientServicesPort - 200046

-----------------------------------------------------------------------------------------------------------
Step 5 - Configure the Web Server For Web , Tablet & Phone Client.
-----------------------------------------------------------------------------------------------------------
1. Open IIS Manager.
2. Select Microsoft Dynamics NAV 2016 Web Client.
3. From Right Hand Panel Select Binding and create a Binding for https using the certificate you added in Step 1, as shown below.



4. Stop and Start the Web Site.
5. Browse web client using https://<<Certificate Name>>/DynamicsNAV90/

Where -
<<Certificate Name>> =  Navision Server Name, as we used the Server name in Step 1 which creating Certificate.
DynamicsNAV90 - because we haven't created New Web Server Instance for Same and Modified the Setting on Existing Web Instance.

-----------------------------------------------------------------------------------------------------------
Step 6 - A Conman Error While Binding Certificate to IIS Web Site. 
-----------------------------------------------------------------------------------------------------------
The process cannot access the file because it is being used by another process. (Exception from HRESULT: 0x80070020)

Cause - That Means the Port is being used by some other application. In our case we were using port 443.

How to Identify Which application is using - Find Process ID of the application using command at command prompt -
netstat -aon | find ":443"



Just goto Task Manager and From Details Tab Select the Process and Kill It.
** If you want use a different port you can use that in Step 5 during binding.

-----------------------------------------------------------------------------------------------------------
Step 7 - Install Certificates on the Phone.
-----------------------------------------------------------------------------------------------------------
1. For Android, do the following:
 > Copy or mail the certificate that you exported.
 > Run the certificate file and install the certificate.
 > You are now ready to start the Dynamics NAV app.



2. For Windows, do the following:
> If you run the client on the same box as the web server, then you are all set to go.
> Copy the certificate you exported to the tablet, install the certificate and place the certificate in the Trusted root certification authorities folder of the local machine.

For IOS, do the following:
> Use the iPhone Configuration Utility tool from Apple http://support.apple.com/downloads/#iphone or mail the certificate you exported.
> Run the certificate file and install the certificate.
> You are now ready to start the Dynamics NAV app.

-----------------------------------------------------------------------------------------------------------
Step 8 - Browse All Client. (Follow the Order, it makes it easy to resolve issue)
-----------------------------------------------------------------------------------------------------------
1. Open Role Tailored Client.



2. Open Web Client.



3. Open Tablet Client. (URL - https://<<Certificate Name>>/DynamicsNAV90/)



4. Open Phone Client. (https://<<Certificate Name>>/DynamicsNAV90/)


-----------------------------------------------------------------------------------------------------------

Hope the above steps help you while you are planning to configure different client types with Microsoft Dynamics NAV 2016.

Will be waiting for your comments on the article.

Regards,
Saurav Dhyani

21 comments:

  1. Hi, I need help regrading the certificate point.
    I am currently working in a company and all of our data is on an office local server that we use and we just want to get started with the app. Just want to see the same data on the NAV mobile app using office wifi only. Not bothering about a public IP for now.
    Can you please explain what is the significance of this certificate because we already have a NAV license. Are these two things anywhere related, I mean, do we really have to do this certificate thing in our scenario?

    ReplyDelete
    Replies
    1. Hi Neelam,
      If you plan to use same data via Phone / Tablet client using Same Network (Office WIFI) then you dont need ceritificate if you plan to use windows login. But if you have to use NAVUserNamePasword then certificate is mandatory.
      Now the catch is can you use Windows authentication via phone that you will have to check by testing access on phone.

      Delete
    2. Thank you Saurav for your answer.
      So, here's the thing.
      1. I use Navison On-premise(NOT on cloud) on my desktop at office and the database is at a server that whole of my team uses.
      2. I downloaded Navision app on my phone, and connected my phone with the office wifi.
      3. As I open the app, it shows a blue screen with a message that says"To get started, you have to connect this app to a service on the internet" and asking me to enter a 'service name'.
      4. According to the example give below, I entered 'https://myserverIP/myNAVinstance' and I pressed entered. But I am getting an error saying 'Could not connect to server'.

      My question is, is there something that I'm missing? Do I need to follow some setting in the 'Dynamics NAV 2016 Administration' environment regarding the web Client? Or something else because these are the only things that I have done so far.

      P.S: I am new to Navision but we have this client to whom we have to deliver Navision mobile app.

      Delete
    3. Neelam,
      Lets understand it like this.
      1. Your Phone (i am assuming) is not a windows Phone, so you are not logging in with a AD Account. RIGHT?
      2. If you are not logging in with an AD Account how NAV will verify your windows Credential?
      What are other options -
      3. You need to allow your NAV Service Tier (a seprate Service Tier) to allow non windows users.
      4. For that you will require to use NavUserPassword which will require a certificate.
      5. As your are planning to operate in house, you can build your own certificate and you it on your phones.

      If you have any questions, please let me know.

      Delete
  2. Hi, I need help regrading the certificate point.
    I am currently working in a company and all of our data is on an office local server that we use and we just want to get started with the app. Just want to see the same data on the NAV mobile app using office wifi only. Not bothering about a public IP for now.
    Can you please explain what is the significance of this certificate because we already have a NAV license. Are these two things anywhere related, I mean, do we really have to do this certificate thing in our scenario?

    ReplyDelete
  3. Hello Saurav,

    I am following the steps and generated Thumbprint successfully in powershell, but I am stuck at step 2.6: where we need to copy certificate from Personal to Trusted Root Certification.

    Problem is, I don't see any certificate under Personal, so there is nothing for me to copy. Can you please explain why?

    ReplyDelete
    Replies
    1. While Generating Certificate using powershell what server name you provided. Is there an error when you execute Powershell cmdlet?

      Delete
  4. Hello Saurav,
    I am able to generate the certificate but got stuck at
    Step 4 -Configure the Web Client With Credential Type NavUserPassword.
    When I tried to move to the mentioned directory, I am not able to find "DynamicsNAV90" folder. Instead "DynamicsNAV90Help" folder is there and there is no config file inside it.
    Please suggest me what should I do now?

    ReplyDelete
    Replies
    1. Hello Neelam,
      You need to check in the server where you installed web server.
      That server will have folder.

      Delete
  5. Hello Sourav,
    I tried to follow the steps mentioned above but got stuck while Binding in IIS.
    When I tried to start the website, every time it is showing "This website cannot be started. Another website may be using the same port".
    I changed the port multiple number of times, still it is showing the same error.
    Can you please help me on this?

    ReplyDelete
    Replies
    1. Please read step - Step 6 - A Conman Error While Binding Certificate to IIS Web Site.

      Delete
  6. Hello Saurav,

    I followed all the mentioned steps and able to login on web client but through the url https://localhost:8888/DynamicsNAV90.

    Now when I am trying to login on Mobile App by providing https://<>/DynamicsNAV90/ , it is showing "Could not connect to Server". Also please tell me what do you mean by Certificate Name here.

    ReplyDelete
    Replies
    1. As in article you need to use the certificate Name which is -
      <> = Navision Server Name, as we used the Server name in Step 1 which creating Certificate.

      While creating certificate what you specify in parameter - that is the certificate name.

      Delete
  7. Hello Saurav,

    I generated the certificate and able to open the web client after following above mentioned steps.
    But in Mobile app, It is showing Could not connect to server even when I have installed the certificate in the mobile.
    Please help me on this.

    ReplyDelete
    Replies
    1. Are you in the same Network in which Service Tier is placed or you are connected to Phone in a Different Network.

      Delete
  8. hi,

    i followed your all steps for start mobile application. but it works fine with windows phone only. rest android and Iphone are not working says "Server Connection timeout Occurred". can you please help me out for this error.

    ReplyDelete
  9. Hai Saurav i cannot connect through my andoriod and IOS phone its says server connection timeout occurred i can connect through windows store Dynamic nav app.

    ReplyDelete
    Replies
    1. Are you in same network on Phone and NAV Server?

      Delete
  10. Hi Saurav,

    In your blog you are creating PhoneClientDemo, new NAV Server instacne again you are using DynamicsNAV90 instance in final URL, it's little confused us, could you please guide the same.

    ReplyDelete
    Replies
    1. The DynamicsNAV90 is the name of web service instance not the server instance. I have updated web service instance with the PhoneClientDemo service tier.
      If required you can create a new web service instance also.

      Delete