Dynamics GP

1 Connecting to Dynamics GP

To connect set the Url to the Web services endpoint; for example, http://{servername}:{port}/Dynamics/GPService. Additionally, set CompanyId; you can obtain this value in the company setup window: Click Tools -> Setup -> Company.

2 Authenticating to Dynamics GP

The Dynamics GP data source supports the following authentication methods: Anonymous Authentication, WS-Security (WSS) Authentication, Basic Authentication, NTLM User Authentication, Digest and Negotiate (Kerberos).

2.1 Anonymous Authentication

In some situations, Dynamics GP may be connected to without setting any authentication connection properties. To do so, simply set the AuthScheme to "None", and you are ready to connect.

2.2 Authenticate using WS-Security (WSS) Authentication

Set the User and Password to connect and set AuthScheme to "WSS".

Note: WSS Authentication is the default authentication scheme.

2.3 Authenticate using Basic Authentication

Set the User and Password to connect and set AuthScheme to "Basic".

2.4 Authenticate using Windows (NTLM)

Set the Windows User and Password to connect and set AuthScheme to "NTLM".

2.5 Authenticate using Digest Authentication

Set the User and Password to connect and set AuthScheme to "Digest".

2.6 Authenticating with Kerberos

To authenticate to Dynamics GP using Kerberos, set the following properties:

  • AuthScheme: Set this to KERBEROS

  • KerberosKDC: Set this to the host name or IP Address of your Kerberos KDC machine.

  • KerberosSPN: Set this to the service and host of the Dynamics GP Kerberos Principal. This will be the value prior to the '@' symbol (for instance, ) of the (for instance, ).

2.6.1 Retrieve the Kerberos Ticket

You can use one of the following options to retrieve the required Kerberos ticket.

2.6.2 MIT Kerberos Credential Cache File

This option enables you to use the MIT Kerberos Ticket Manager or kinit command to get tickets. Note that you won't need to set the User or Password connection properties with this option.

  1. Ensure that you have an environment variable created called KRB5CCNAME.

  2. Set the KRB5CCNAME environment variable to a path pointing to your credential cache file (for instance, C:\krb_cache\krb5cc_0 or /tmp/krb5cc_0). This file will be created when generating your ticket with MIT Kerberos Ticket Manager.

  3. To obtain a ticket, open the MIT Kerberos Ticket Manager application, click Get Ticket, enter your principal name and password, then click OK. If successful, ticket information will appear in Kerberos Ticket Manager and will now be stored in the credential cache file.

  4. Now that the credential cache file has been created, the provider will use the cache file to obtain the kerberos ticket to connect to Dynamics GP.

As an alternative to setting the KRB5CCNAME environment variable, you can directly set the file path using the KerberosTicketCache property. When set, the provider will use the specified cache file to obtain the kerberos ticket to connect to Dynamics GP.

2.6.3 Keytab File

If the KRB5CCNAME environment variable has not been set, you can retrieve a Kerberos ticket using a Keytab File. To do this, set the User property to the desired username and set the KerberosKeytabFile property to a file path pointing to the keytab file associated with the user.

2.6.4 User and Password

If both the KRB5CCNAME environment variable and the KerberosKeytabFile property have not been set, you can retrieve a ticket using a User and Password combination. To do this, set the User and Password properties to the user/password combo that you use to authenticate with Dynamics GP.

2.6.5 Cross-Realm Authentication

More complex Kerberos environments may require cross-realm authentication where multiple realms and KDC servers are used (e.g. where one realm/KDC is used for user authentication and another realm/KDC used for obtaining the service ticket).

In such an environment, the KerberosRealm and KerberosKDC properties can be set to the values required for user authentication. The KerberosServiceRealm and KerberosServiceKDC properties can be set to the values required to obtain the service ticket.

The following are the connection properties for Microsoft Dynamics GP. Not all properties are required. Enter only property values pertaining to your installation. Several properties will be automatically initialized with the appRules defaults.





The unique identifier of the company to access as a data source.


The password for the user connecting to Dynamics GP.


The URL of the Dynamics GP server.


The user that is authenticating to the Dynamics GP Web Services.



Automatically caches the results of SELECT queries into a cache database specified by either CacheLocation or both of CacheConnection and CacheProvider .


The connection string for the cache database. This property is always used in conjunction with CacheProvider . Setting both properties will override the value set for CacheLocation for caching data.


Specifies the path to the cache when caching to a file.


This property determines whether or not to cache the table metadata to a file store.


The name of the provider to be used to cache data.


The tolerance for stale data in the cache specified in seconds when using AutoCache .


Use offline mode to get the data from the cache instead of the live source.



A password used to authenticate to a proxy-based firewall.


The TCP port for a proxy-based firewall.


The name or IP address of a proxy-based firewall.


The protocol used by a proxy-based firewall.


The user name to use to authenticate with a proxy-based firewall.



A path to the log file.


A string specifying the maximum file count of log files. When the limit is hit, a new log is created in the same folder with the date and time appended to the end and the oldest log file will be deleted.


A string specifying the maximum size in bytes for a log file (for example, 10 MB). When the limit is hit, a new log is created in the same folder with the date and time appended to the end.


The verbosity level that determines the amount of detail included in the log file.



The maximum lifetime of a connection in seconds. Once the time has elapsed, the connection object is disposed.




A boolean indicating if errors on Ids that are looked up should be ignored.


A boolean indicating if ids should be looked up.


Limits the number of rows returned rows when no aggregation or group by is used in the query. This helps avoid performance issues at design time.


These hidden properties are used only in specific use cases.


The allowed idle time for a connection before it is closed.


The maximum connections in the pool.


The minimum number of connections in the pool.


The max seconds to wait for an available connection.


This property indicates whether or not to include pseudo columns as columns to the table.


The certificate to be accepted from the server when connecting using TLS/SSL.


This property enhances SQL functionality beyond what can be supported through the API directly, by enabling in-memory client-side processing.


The value in seconds until the timeout error is thrown, canceling the operation.


This property enables connection pooling.



The authentication type to use to authenticate to the ProxyServer proxy.


This indicates whether to use the system proxy settings or not. This takes precedence over other proxy settings, so you'll need to set ProxyAutoDetect to FALSE in order use custom proxy settings.


A semicolon separated list of hosts or IPs that are exempt from connecting through the ProxyServer .


A password to be used to authenticate to the ProxyServer proxy.


The TCP port the ProxyServer proxy is running on.


The hostname or IP address of a proxy to route HTTP traffic through.


The SSL type to use when connecting to the ProxyServer proxy.


A user name to be used to authenticate to the ProxyServer proxy.



A path to the directory that contains the schema files defining tables, views, and stored procedures.


This property restricts the tables reported to a subset of the available tables. For example, Tables=TableA,TableB,TableC.


Restricts the views reported to a subset of the available tables. For example, Views=ViewA,ViewB,ViewC.

Last updated