This article is contributed. See the original author and article here.
The following is the first on a series of articles by @Ali Youssefi that we will be cross-posting into this Test Community Blog. These articles were first published by Ali in the Dynamics community but since the topic is very related with Testing it makes sense to publish here as well.
We will be interrelating cross-posting content with original articles and when it’s a series. Stay tuned!
—————————————————————————————————————–
Summary
EasyRepro is a framework that allow automated UI tests to be performed on a specific Dynamics 365 organization. You can use it to automate testing such as Smoke, Regression, Load, etc. The framework is built from the Open Source Selenium web drivers used by the industry across a wide range of projects and applications. The entire EasyRepro framework is Open Source and available on GitHub. The purpose of this article is to walk through the setup of the EasyRepro framework. It assumes you are familiar with concepts such as working with Unit Tests in Visual Studio, downloading NuGet packages and cloning repositories from GitHub.
Getting Started
Now that you have a basic understanding of what EasyRepro is useful for you probably would like to start working with it. Getting EasyRepro up and running is very simple as the framework is designed with flexibility and agility in mind. However, like any other utility there is some initial learning and few hurdles toget over to begin working with EasyRepro. Let’s start with dependencies!
Dependencies
The first dependency involves the EasyRepro assemblies and the Selenium framework. The second involve .NET, specifically the .NET framework (.NET core can be used and is included as a feature branch!). Finally depending on how you are working with the framework you will want to include a testing framework to design, build and run your unit tests.
Choosing How to Consume the EasyRepro Framework
There are two ways of consuming the EasyRepro framework, one is using the NuGet packages directly while the other is to clone or download from the GitHub repository. The decision to use one over the other primarily depends on your need to explore or extend the framework and how you go about doing so. Working directly with the source code allows exploration into how EasyRepro interacts with Dynamics 365. However for extending the framework the approach of using the NuGet packages and building on top allows for increased flexibility.
Downloading using NuGet Package Manager
The quickest way to get started with the EasyRepro framework is to simply add a NuGet package reference to your unit test project. You can do by running this command in the NuGet Package Manager command line:
Create your unit test project and navigate to the NuGet Package Manager CLI. Use the Install-Package command to get the PowerApps.UIAutomation.Api package as show in the command below (v9.0.2 is the latest as of this writing please refer tothis linkfor any updates:
This will get you the references needed to begin working with the framework immediately. Once installed you should the following packages begin to download into your unit test project:
When complete the required assemblies are available and you can begin working with the EasyRepro framework. There are some settings needed for the framework to connect to your Dynamics 365 organization which if you’re new to the framework maybe unknown. If so I would suggest reviewing the next section which initiates a clone of the EasyRepro framework which happens to include a robust amount of sample unit tests that show how to interact with the framework.
Cloning from GitHub
If you’re new to the framework in my opinion this is the best way to begin familiarizing yourself how it works and how to build a wide range of unit tests. This is also the way to go if you want to understand how EasyRepro is built upon the Selenium framework and how to extend.
To begin go to the official EasyRepro project located athttps://github.com/Microsoft/EasyRepro. Once you’re there take a moment to review the branches available. The branches are structured in a GitFlow approach so if you’re wanting to work with the latest in market release of Dynamics 365 review the releases/* branches. For the latest on going development I would suggest the develop branch.
Start by cloning the project locally to review the contents and see how the interaction between the frameworks occurs.
The gif below shows cloning to Azure DevOps but cloning locally directly from GitHub is also supported.
Cloning locally from Azure DevOps
Another alternative which I highly recommend is to clone to an Azure DevOps project which can then be cloned locally. This will allow us to automate with CI/CD which we will cover in another article. If you decided to clone to Azure DevOps from GitHub the next step is to clone locally.
The gif below shows cloning locally from an Azure DevOps repository.
Reviewing the EasyRepro Source Code Projects
The EasyRepro source code includes a Visual Studio solution with three class library projects and one for sample unit tests.
The projects used by the Unified Interface are Microsoft.Dynamics365.UIAutomation.Api.UCI and Microsoft.Dynamics365.UIAutomation.Api.Browser. Most of the usage between EasyRepro and unit tests will happen with objects and commands within the Microsoft.Dynamics365.UIAutomation.Api.UCI project. This project contains objects to interact with Dynamics Unified Interface modules and forms.
The Microsoft.Dynamics365.UIAutomation.Api.Browser project is limited to interacts with the browser driver and other under the hood components.
Reviewing Sample Unit Tests
Looking into the Open Account Sample Unit Test
The unit test projectMicrosoft.Dynamics365.UIAutomation.Samplecontains hundreds of unit tests which can serve as a great learning tool to better understand how to work with the EasyRepro framework. I highly suggest exploring these tests when you begin to utilize the framework within your test strategy. Many general and specific tasks are essentially laid out and can be transformed to your needs. Examples include opening forms (OpenRecord), navigating (OpenSubArea) and searching for records (Search), creating and updating records (Save).
For this exercise we will open up theUCITestOpenActiveAccountunit test, you can find this using Find within Visual Studio (Ctrl+F). Once found you should see something like the following:
Following the steps within the unit test you can see its designed to perform basic user actions to read an account. We start by logging into an organization (Login). Then we proceed to open the UCI application titled “Sales” (OpenApp). Once in the organization we open the Accounts sub area (OpenSubArea) and search for “Adventure” in the Quick Find View (Search). Finally we open the first record (OpenRecord(0)) in the quick find view results.
Exploring Test Settings
In the current sample Unit Test project the test settings are set in two places: theapp.configfile located in the root of the project and in theTestSettings.csfile, a class object used across all of the tests.
Application Configuration file
Theapp.configfile includes string configurations that tell the tests what organization to login to, who to login as and other under the hood settings like which browser to run and how to run the tests.
Application Configuration File Settings
Property
Description
OnlineUsername
String. Used to represent the test user name.
OnlinePassword
String. Used to represent the test user password.
OnlineCrmUrl
String. Used to represent the organization (i.e. https://<your org>.crm.dynamics.com/main.aspx)
AzureKey
String. GUID representation of Azure Application Insights Instrumentation Key.
BrowserType
String. Represents enum flag for Microsoft.Dynamics365.UIAutomation.Browser.BrowserType.
RemoteBrowserType
String. Represents enum flag for Microsoft.Dynamics365.UIAutomation.Browser.BrowserType. Only used if BrowserType is Remote.
RemoteHubServer
String. Represents Selenium Server remote hub URL. Only used if BrowserType is Remote.
For this article we will focus on simply running locally with the Google Chrome browser by setting theBrowserTypeto “Chrome”. Also inside of theapp.configfile are three settings we need to modify calledOnlineUsername,OnlinePasswordandOnlineCrmUrl. In my case I am using a trial and as you can see below I am using a “user@tenant.onmicrosoft.com” username and a “https://<orgname>.crm.dynamics.com/main.aspx” URL.
Before:
After:
Test Settings and the BrowserOptions object
Another key object is theTestSettingsclass and the various properties inside. This class tells the unit tests how to render the browser, where the browser driver can be located as well as other properties. TheTestSettingsclass will need to be included in the Unit Test project and instantiate theBrowserOptionsobject as shown below:
In the next post we will explore how these settings can change your experience working with unit tests and what options are available.
Next Steps
Conclusion
From this article you should be able to begin using EasyRepro with your Dynamics 365 organization immediately. The next articles will go into designing and debugging unit tests, extending the EasyRepro code, implementing with Azure DevOps and other topics.
Marijn Somers is an MVP for Office Apps and Services who has been active in various roles to help clients deliver successful collaboration and content management solutions for more than 14 years. These roles include project manager, presales engineer, evangelist, SPOC (Single-Point-Of-Contact), trainer, analyst and administrator. Marjin is the founder and owner of Balestra, an outfit which focuses on Microsoft Office 365 and specializes in governance and user adoption for collaboration and document management. Follow him on Twitter @MarjinSomers
Sergio Govoni is a graduate of Computer Science from “Università degli Studi” in Ferrara, Italy. Following almost two decades at Centro Software, a software house that produces the best ERP for manufacturing companies that are export-oriented, Sergio now manages the Development Product Team and is constantly involved on several team projects. For the provided help to technical communities and for sharing his own experience, since 2010 he has received the Microsoft Data Platform MVP award. During 2011 he contributed to writing the book: SQL Server MVP Deep Dives Volume 2. Follow him on Twitter or read his blogs in Italian and English.
Asma Khalid is an Entrepreneur, ISV, Product Manager, Full Stack .Net Expert, Community Speaker, Contributor, and Aspiring YouTuber. Asma counts more than 7 years of hands-on experience in Leading, Developing & Managing IT-related projects and products as an IT industry professional. Asma is the first woman from Pakistan to receive the MVP award three times, and the first to receive C-sharp corner online developer community MVP award four times. See her blog here.
Vesku Nopanen is a Principal Consultant in Office 365 and Modern Work and passionate about Microsoft Teams. He helps and coaches customers to find benefits and value when adopting new tools, methods, ways or working and practices into daily work-life equation. He focuses especially on Microsoft Teams and how it can change organizations’ work. He lives in Turku, Finland. Follow him on Twitter: @Vesanopanen
Freek Berson is an Infrastructure specialist at Wortell, a system integrator company based in the Netherlands. Here he focuses on End User Computing and related technologies, mostly on the Microsoft platform. He is also a managing consultant at rdsgurus.com . He maintains his personal blog at themicrosoftplatform.net where he writes articles related to Remote Desktop Services, Azure and other Microsoft technologies. An MVP since 2011, Freek is also an active moderator on TechNet Forum and contributor to Microsoft TechNet Wiki. He speaks at conferences including BriForum, E2EVC and ExpertsLive. Join his RDS Group on Linked-In here . Follow him on Twitter @fberson
This article is contributed. See the original author and article here.
Excel MVPs are Excel experts who passionately share their knowledge with the community. They’re deeply knowledgeable of Excel and use that knowledge to solve real world problems. They’re driven by their passion, community spirit and quest for knowledge, and always willing to help each other.
We want to start sharing with you some of the knowledge directly from our Excel MVPs:
Excel MVP Liam Bastick looks at what he has been able to glean about these welcome new additions to the Excel myriad of functions, features, and formulae.
Excel MVP Ajay Anand explains 11 advantages of using Excel Tables. There are few bonus tips like the least known shortcut for creating Excel Table, Tables as source data for Dynamic Drop-Down List, shortcuts for Excel Tables, etc.
This article is contributed. See the original author and article here.
Another Friday is upon us, so time to share some of the headlines that have happened this week in terms of Azure news. We have some new preview features in Azure as well as some going Generally Available (GA).
Revised end of service date for Windows 10, version 1803: May 11, 2021
Microsoft are delaying the scheduled end of service date for the Enterprise, Education and IoT Enterprise editions of Windows 10, version 1803. This means that if you are still running that version within your environment you will continued to receive security updates until May 11, 2021 instead of the previous November 2020 date.
Azure Migrate
Support to assess physical, AWS, GCP servers now generally available within Azure Migrate
The ability to assess your physical, AWS, GCP servers with Azure Migrate has been around for a while now and it’s now generally available to use. So, it’s great for assessing those servers on another cloud provider you want to move to Azure or even those virtual machines that are hosted by a managed service provider and you can’t access the hypervisor layer on. I actually covered this off in a blog post and video recently, check it out if you want to see it in action.
Cognitive Services
Public Preview: Cognitive Services Form Recognizer v2.1
Form Recognizer is a cognitive service that uses machine learning technology to identify and extract things like text from documents. In this latest public preview edition they team have introduced support for more languages, so as well as supporting English it now supports Chinese (Simplified), Dutch, French, German, Italian, Portuguese and Spanish. It also has a new pre-built model that will help extract information from a business card.
Azure Storage Icon
AzCopy v10.6 released
A new version of AzCopy has been released, with some exciting features. If you aren’t familiar with AzCopy it is a great command line tool that helps you move data in and out of Azure Storage. One of the new features is the ability to query Blob Versioning, so you can download a specific version of a file or delete it.
MS Learn Module of the Week
MS Learn Banner
Improve incident response with alerting on Azure – responding to incidents and things that happen to your infrastructure in a timely manner is part of what makes and IT department successful. In this MS Learn module you’ll learn how alerting in Azure can help you monitor and response to things happening in your environment.
Let us know in the comments below if there are any news items you would like to see covered in next week show. Az Update streams live every Friday so be sure to catch the next episode and join us in the live chat.
This article is contributed. See the original author and article here.
We recently released an update to Microsoft JDBC Driver for SQL Server, version 8.4.1. The update addresses a few issues that are important to our customers.
Fixed issues
Fixed issue with SQLServerConnectionPoolProxy not being compatible withdelayLoadingLobs#1403
Fixed a potentialNullPointerExceptionissue withdelayLoadingLobs#1403
Fixed issue with decrypting column encryption keys using Windows Certificate Store
Add the JDBC 8.4 RTW driver to your Maven project by adding the following code to your POM file to include it as a dependency in your project (choose .jre8, .jre11, or .jre13 for your required Java version).
This article is contributed. See the original author and article here.
This article is written by Jon Shectman and Brian Delaney, Microsoft.
Have you read about the elevation of privilege vulnerability that exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller? An attacker who successfully exploited the vulnerability could run a specially crafted application on a device on the network. If you haven’t, you can read about the vulnerability here a and learn how to manage the changes here. Those articles give an excellent overview of the issue, so I won’t repeat it in detail here. In short, we are addressing this vulnerability in a two-part rollout by modifying how Netlogon handles the usage of Netlogon secure channels.
Phase one, deployment, began on Aug 11. In this phase, secure Remote ProtoCol (RPC) is enforced for machine, trust and domain controller accounts. This phase also includes a new group policy object (GPO) and a registry key to manage configuration, and five new Event IDs.
These Event IDs are important for auditing and understanding of the issue. They are as follows:
Machine Events
5827 – Connection denied
5829 – Non-compliant (allowed during Deployment phase)
5830 – Allowed by policy
Trust Events
5828 – Connection denied
5831 – Allowed by policy
Phase two, enforcement, is slated to begin Feb 9, 2021. In phase two, non-compliant machine connections will be denied by default and an Event ID 5827 will be logged. It’s entirely possible to set the new GPO “Domain controller: Allow vulnerable Netlogon secure channel connections” and to simply allow the vulnerable connections. However, that is not recommended. Rather, you should use the new tab in the Insecure Protocols Workbook to detect and understand the five new Event IDs and take appropriate action to address the vulnerable Netlogon sessions prior to the enforcement phase. If you’re new to the Insecure Protocols Workbook, we recommend checking out the getting started guide and then come back here.
To populate the Workbook, take two steps:
1. On your domain controllers, apply the relevant update from CVE-2020-1472.
2. In Azure Sentinel, go to Settings, Workspace Settings, Advanced Settings, Data, Windows Event Logs, and add (or make sure you already have added) Errors and Warnings from the System Log.
Once you have data flowing, it’s time to start using the Insecure Protocols Workbook. The first addition you’ll notice is a new tab, Vulnerable Secure Channel.
The most efficient way to describe how to use this tab is to simply show it – as in the GIF below.
At the top of the tab is a counter (tile) for each of the five new Event IDs. In our lab, for example, we have eight instances of Event ID 5830. That’s the tile I clicked on to filter to that event ID. Next, I “painted” a timebrush slice to filter the queries below to a particular time; then I simply clicked on a Machine Account to show the Machine Account Connections. The result is a highly actionable data set, showing us exactly where we need to research vulnerable secure channel connections.
Once you know where to look, you’ll need to upgrade all Netlogon clients. However, there’s an additional point to consider. Though we expect it to be a rare finding, vulnerable secure channel connections can come from not only machines, but also from trusts (most likely Realm trusts). This configuration may result in significantly increased exposure (Event ID 5828) and may require more planning to remediate.
In this article, we briefly discussed the exposure in vulnerable secure channel connections, how they are logged during the first phase of CVE-2020-1472, and how to audit them with the Insecure Protocols Workbook.
A brief sidenote: If you ever feel your perspectives don’t matter or that your opinions aren’t good enough, we urge you to think again. This workbook enhancement came directly from a conversation on Twitter where multiple folks made the case for it. If you have concepts to add, functionality you’d like to see added, or ideas for improvement, please reach out on Twitter (@shectonsecurity), find us on LinkedIn, or use the comments section. We are all ears.
Thanks for reading and, as always, happy auditing. :)
Recent Comments