local business data dynamics 365 for finance and ... · steps to deploy 1. create lcs project for...
TRANSCRIPT
On-premises Deployment Dynamics 365 for Finance and Operations, Enterprise Edition
Architect: Sachin Gandhi
Date: 10/19/2017
Agenda• On-premises deployment use cases• System Requirements
• Hardware and Software• Sizing Guidance
• Licensing• How to deploy?
• Prerequisite Infrastructure• Active Directory (with AD Sync)• ADFS• SQL Server
• Service Fabric Cluster• Deploy LCS Connector• Configure and Deploy D365FF&O from LCS
• What features are not available yet• Q&A
Reasons for using on-premises
• Cloud first• Talk to your customer
• Make sure you have a valid reason to go on-premises
• Valid reasons to use on-premise• Data Sovereignty
• Unreliable internet connectivity
Architecture
ALM Architecture
Hardware Requirements
Production
# Required Cores/VM Memory/VM Cores All VMs Memory All VMs
AOS 3 8 24 24 72
MR 2 4 16 8 32
SSRS 1 4 16 4 16
Orchestrator 3 4 16 12 48
Total 48 168
Sandbox
# Required Cores/VM Memory/VM Cores All VMs Memory All VMs
AOS 2 8 24 16 48
MR 1 4 16 4 16
SSRS 1 4 16 4 16
Orchestrator 3 4 16 12 48
Total 36 128
Excluding SQL Server, AD, ADFS, File Server
Hardware Requirements
*SQL Server sizes are highly dependent on workloads.
Hardware Requirements
License Serial Number
• Partner should go to the Partner Business Center and get the license serial number for the customer
• Follow the steps in the provisioning guide on customer source to create the on-premise project in LCS
• Provisioning Guide
Sizing Guidance
• SQL (Cluster or Mirroring Setup)• 3K to 15K transaction lines/hour per core
• 3:1 AOS to SQL core ratio
• 2 to 4 GB memory per core
• AOS • 2K to 6K transaction lines per core
• 16 GB per instance
• 10 to 15 Enterprise / 15 to 25 Activity / 25 to 50 Team per core
Steps to Deploy
1. Create LCS Project for On-Premise
2. Basic Infrastructure • Create AD, AD DS, SQL Server 2016 SP1 Cluster, File Server
• Create required VMs for each type (Orchestrator, AOS, MR, SSRS), assign static IP and domain join.
3. Install Prerequisite Software• AOS (ODBC Drivers, .NET 2.0-3.5, .NET 4.0-4.6, IIS, SSMS, C++ Redistributable, Access DB Engine)
• BI (.NET 2.0-3.5, .NET 4.0-4.6, SSMS, SSRS)
• MR (.NET 2.0-3.5, .NET 4.0-4.6)
Setup Documentation
Steps to Create Service Fabric Cluster
4. Create DNS Zones and A records• ax.d365ffo.onprem.contoso.com for AOS machines
• sf.d365ffo.onprem.contoso.com for the Service Fabric cluster
5. Download setup scripts from LCS Shared Asset Library• Populate ConfigTemplate.xml file
• Run script .\New-D365FOGMSAAccounts to create service accounts
6. Configure certificates• .\New-SelfSignedCertificates.ps1 -ConfigurationFilePath .\ConfigTemplate.xml
• .\Export-PfxFiles.ps1 -ConfigurationFilePath .\ConfigTemplate.xml
Steps to Create Service Fabric Cluster
7. Setup VM’s 1. Generate scripts for each VM in cluster
1. .\Export-Scripts.ps1 -ConfigurationFilePath .\ConfigTemplate.xml
2. Copy the corresponding scripts to it’s VM
2. On each VM run the following scripts1. .\Configure-PreReqs.ps1 -MSIFilePath <path of the MSIs>
2. .\Add-GMSAOnVM.ps1
3. .\Import-PfxFiles.ps1
4. .\Set-CertificateAcls.ps1
5. .\Test-D365FOConfiguration.ps1
Steps to Create Service Fabric Cluster
8. Create a Service Fabric Cluster1. Install Service Fabric standalone package
2. Generate ClusterConfig.json file• .\New-SFClusterConfig.ps1 -ConfigurationFilePath .\ConfigTemplate.xml -TemplateConfig
<ServiceFabricStandaloneInstallerPath>\ClusterConfig.X509.MultiMachine.json
3. Test Configuration and Install Service Fabric Cluster• .\TestConfiguration.ps1 -ClusterConfigFilePath .\clusterConfig.json
• .\CreateServiceFabricCluster.ps1 -ClusterConfigFilePath .\ClusterConfig.json
• https://sf.d365ffo.onprem.contoso.com:19080
Configure LCS Connectivity, SQL Encryption
9. Configure LCS Connectivity for tenant• .\AddCertToServicePrincipal.ps1 -CertificateThumbprint <OnPremLocalAgent Certificate Thumbprint>
10.Create File Shares (SMB 3.0)• Agent
• AOS-Storage
11.Configure SQL Server• Create certificate for encryption and install public certificate on each machine that would connect to SQL
• Copy certificate thumbprint to
• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\MSSQL.x\MSSQLServer\SuperSocketNetLib\Certificate
• Microsoft SQL Server Configuration Manager, set ForceEncryption to Yes.
Configure SQL Encryption & Databases
12.Configure Databases• Restore AxDB
• Create Empty OrchestratorData DB
• Create Financial Reporting DB
13.Encrypt SQL Credentials• Create a Credentials.json file with SQL Credentials
• Encrypt it using Invoke-ServiceFabricEncryptText command
• Copy it to: \\<File Server>\agent\Credentials\Credentials.json
Setup ADFS for Authentication
14. Configure ADFS • .\Publish-ADFSApplicationGroup.ps1 -HostUrl 'https://ax.d365ffo.onprem.contoso.com’
• Verify• https://<adfs-dns-name>/adfs/.well-known/openid-configuration
Install Local Agent
• Install Local Agent • LocalAgentCLI.exe Install <path of config.json>
Validate LCS Connectivity
• Validate Connector
Configure Deployment Setting
• Configure and Deploy the environment from LCS
Service Fabric Explorer View
End Result – Finance and Operations
Documentation
• On-premises deployment landing page
• System Requirements
• Features not yet implemented for on-premise
• Microsoft Trust Center
• Provisioning Guide
• Buy Dynamics 365 for Finance and Operations
Q&A
© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S.
and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because
Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any
information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION