Microsoft has changed how the admin user is setup in Dynamics 365 Finance and Supply Chain development virtual machine in order to access the Dynamics 365 development environment after the release of the VHD for version 10.0.24 in LCS. Prior to this version, user just needed to provide a valid domain email in Admin User Provisioning tool to access the Dynamics 365 development environment. But now, when you instantly try to execute the Admin User Provisioning Tool with the domain user, it will give the following error.
Now you need to run a script that will create self-signed certificates to be used on the virtual machine, and a customer-provided application registration ID for authentication. After successfully running the script, the environment will be ready for use.
Reason to introduce App registration
App Registrations enable custom-built or third-party applications to use Microsoft Entra ID security features. By using these features, organizations can ensure that their applications and resources are accessed securely and only by authorized users.
App Registrations can be used to grant permissions to users and groups, configure SSO, and define custom API permissions that the application can request. They also enable administrators to monitor and audit application usage, view application-specific logs, and set up alerts and notifications for suspicious activity.
By using previous approach if we run the AdminUserProvisioning tool we will encounter above error while configure VHD setup for D365 FO 10.0.24 version or later.
Steps to set up for new 10.0.24 version or later
There are some steps required before you can assign it to your Domain:
1. Go tohttps://portal.azure.com > Microsoft Entra ID > App Registration and register a new App
Note: Microsoft has renamed Azure Active Directory (Azure AD) to Microsoft Entra ID for the following reasons:
- to communicate the multicloud, multiplatform functionality of the products,
- to alleviate confusion with Windows Server Active Directory, and
- to unify the Microsoft Entra product family.
- Register a new application in Microsoft Entra ID
2. Provide the One-Box URL as reponse address eg: https://usnconeboxax1aos.cloud.onebox.dynamics.com/
3. Copy the AppID to your clipboard will use later
4. App Registration for Dynamics 365 FO 10.0.24 One-Box Environment completed.
5. Execute the “Generate Self-Signed Certificates” PowerShell script from the Desktop
6. Provide the AppID copied from the App Registration
7. Execute the Admin Provisioning Tool and provide your Domain account address
8. Open https://usnconeboxax1aos.cloud.onebox.dynamics.com/ in Edge and login