There are two main ways to deploy D365FO for development and testing purposes, the more streamlined way is to deploy a preconfigured environment via LCS. While this is extremely straightforward it does incur Azure costs as the resources (virtual machine, networking, storage, etc) are deployed within your Azure instance. The other option is to deploy these resources locally via a virtual hard drive (VHD). This process can help you save overall cost but is also not as straight forward. Let’s look at the steps to do this.
Download the VHD
The first thing to do is to download the VHD from Lifecycle Services (LCS) and navigating to the ‘Shared Asset Library’:
Then navigate to ‘Downloadable VHD’:
Next find the latest VHD version available and download all files related to it, the download will be broken into ‘parts’ be sure to download all parts:
Once downloaded put all files into one folder, you should see one file is of type .exe and the rest are of type .rar. This is because the download is compressed, we need to uncompress it by executing the .exe file which will create the VHD for us:
When you run the .exe file, you will be guided through the extract process and asked for a folder where you would like the VHD to be placed.
After the extraction is complete a VHD file will be created, please note here that these files are MASSIVE (in the screenshot below you can see it is over 133 GB) so be sure wherever you extract this file to has plenty of room. Also for performance reasons, I always recommend these to be stored on a SSD.
The next step is to set up your VHD in a virtualization setup, for my example I am going to use the Hyper-V Manager built into my version of Windows but you can also use others. For some instances of Windows you may need to ‘enable’ the Hyper-V Manager. Within Hyper-V Manager, right click on your computer name and go to New -> Virtual Machine.
Next specify a computer name and ensure where you want to store the virtual machine data.
For the virtual machine generation, I have found that these VHDs only work with Generation 1. If you try to select Generation 2 you will not be able to actually deploy the machine.
On the Assign Memory step, you can set up the amount of RAM you want to allocate to the virtual machine. If feasible with your setup, I would recommend 16 GB or above for performance.
If you want your D365FO environment to be able to connect to the public Internet be sure to set the Connection to ‘Default Switch’ on the Configure Networking step.
It is important that you select the ‘Use an existing Virtual Hard Disk’ option when on the Connect Virtual Hard Disk step. Then point to the path to the VHD you created in the earlier step.
Once you select ‘Finish’ you will see your machine is successfully created.
You can then right click on the machine and select ‘Start’
Once the machine is running you can right click again on it and select ‘Connect’ (also note that this is where you can also control the machine eg: shutdown, machine settings, create a checkpoint).
Once you connect and the machine starts, you will be presented with an initial login screen. An account named ‘localadmin’ is automatically created on the machine and has administrative privileges. The password for this account is: pass@word1
Once you successfully log into the machine, there are some steps that need to be done prior to your D365FO instance actually working.
The first is that you have to tie the VHD you just created to an Azure AD instance via an App Registration (this will allow for D365FO to authenticate users within this tenant to the instance). This can either be through a work instance or a personal instance (I am going to use the instance tied to my @outlook.com account). Navigate to https://portal.azure.com and then select Active Directory, then select App Registrations.
Give your app registration a name and select the ‘Accounts in this organization directory only) radio button, in the Redirect URI add an entry of ‘https://usnconeboxax1aos.cloud.onebox.dynamics.com/’ then click Register.
Once the app registration is created, navigate to the Authentication blade and add an additional redirect URI of ‘https://usnconeboxax1aos.cloud.onebox.dynamics.com/oauth/’ and then click Save.
Once both redirect URIs are added navigate to the Overview page and make a note of the Application (client) ID field, we will need this GUID in the next step.
Now back on your D365FO environment, on your desktop you should see a ‘Generate Self-Signed Certificates’ PowerShell shortcut, double click it:
It will ask for your Application Id, copy the value from the Azure AD app registration you just created and then hit Enter:
Once the PowerShell script has executed you will get a verification that the certificates have been successfully generated:
Next we need to provision our initial admin user within the environment, double click the AdminUserProvisioning tool:
You will need to supply an email address of the user who will be the initial admin of the D365FO instance, please note that this must be an AAD user in the same Azure tenant as the app registration created earlier:
Now that the setup is done, we can launch our D365FO environment. Microsoft uses the Internet Information Services (IIS) Manager to administer the website. If you open this utility and navigate to the AOSService in the left hand pane, you can then find the default URL of the D365FO instance and launch it by clicking on it (or you can use this https://usnconeboxax1aos.cloud.onebox.dynamics.com/).
And you can see that you can successfully navigate to your D365FO instance.
Post Setup Steps
1) Bookmark the default D365FO URL
2) Create a separate ‘admin’ user on the VHD so you don’t have to log in as ‘localadmin’
3) Be sure that RDP is enabled (allows for you to connect from any machine on your network not just the host machine).
4) Install other apps (Google Chrome/Mozilla Firefox, Notepad++, Classic Start etc). I recommend using Ninite to help speed up the process
5) Don’t forget about Windows server licensing, the license attached to the VHD deployment is only good for a small amount of time. If the license expires you will notice that your virtual machine will start to turn off randomly.
There are two options to address this:
- Apply a valid Windows Server license
- You can extend the license validity via Command Prompt command
Feedback: What steps do you do after deploying a new D365FO instance?
Good instructions, thank you!
What I would add is a few words on how to set the environment into maintenance mode (e.g., if you want to change the License configuration).
Since the password of the SQL admin user is not known anymore (the old password does not work for me), the easiest way which I have found is to create a new SQL admin user (for creating a new user, you can use the Windows credentials) and run the Microsoft.Dynamics.AX.Deployment.Setup.exe command with this user.
Could you please share the system requirements to install these vhd?
https://learn.microsoft.com/en-us/dynamics365/fin-ops-core/dev-itpro/dev-tools/development-system-requirements
Alex, thanks for this guide. I followed every step but when try to log into the browser, I’m getting the error AADSTS700016 : Application with identifier ‘MYAPPID’ was not found in the directory ‘Microsoft Services’. This can happen if the application has not ….’
Surprising I can start the debugger and get a user session going with the same email account I used before and failed. Any idea what’s wrong ?
Frank,
Does the user you are logging in as exist in the same Azure Active Directory tenant where your app registration is created? (They need to be in the same tenant)
Is the user you are using to log in a non-work account (ex: email ending in @outlook.com)? (Logging into the UI requires a Azure AD / work account, you can create a free following the first part of this blog post: https://alexdmeyer.com/2023/05/09/how-to-sign-up-for-power-apps-with-microsoft-account/)
Launching a debugger session does not use a normal user session and instead uses a ‘services’ account.
Hi Alex, thanks for this. Unfortunately I am also having error when logging into the onebox url – “AADSTS700016 : Application with identifier ‘xxx’ was not found in the directory ‘ ’ ” I do have an Entra (formerly Azure AD) personal account with assigned role Global Administrator, registered the app (it shows up in both Entra and Azure portals) and assigned myself as the app owner. Should I be using @[EntraIDname].onmicrosoft.com rather than my actual account’s email address? If so, should I enter that when using the AdminProvisioningTool, when logging into the onebox url, or BOTH?
Tee,
I don’t think this is a permissions issue, I think it is an account issue. You have to create a user account on our tenant (similar to this blog post https://alexdmeyer.com/2023/05/09/how-to-sign-up-for-power-apps-with-microsoft-account/). You cannot use a @outlook.com account to log into D365FO, you would need to use a @.onmicrosoft.com (for example I used me@alexitguy.onmicrosoft.com) and that is the email address I used in the AdminProvisioningTool.
Hi Alex,
Thanks for Grate post. I did all as shown above. all good.
but USMF not showing in frontend. data nothing coming. but in SQL data there. in my frontend only DAT showing no data for me. Can you please help me on it.
Krishna,
If the data is there in SQL then it sounds like your user might have a user role restriction for the DAT company.
Are you assigned the SysAdmin role? Did you run the AdminUserProvisioning utility for your user?
Hello Alex,
Thank you for this post. it’s really helpful.
I have encountered error “login failed for user axdbadmin” while running AdminUserProvisioning utility. Additionally, Microsoft Dynamics 365 Unified Operations: Batch Management Service couldn’t start at all. Could you please help me on this?
Simon,
I would recommend looking through this forum post: https://community.dynamics.com/forums/thread/details/?threadid=2e4cc315-072d-4836-b2f5-77bbfde1669f
Olá Alex, no meu caso as VMs funcionaram perfeitamente, porem o build no projeto/solution no VS não funcionam apenas o Build Full na model, sabe o que pode estar ocorrendo?
Olá Diógenes, que erro você recebe ao tentar construir a solução? Você pode fornecer uma captura de tela?
Peço desculpas por quaisquer erros de tradução.
hello Alex,
i did setup everything and i can login(i’m admin) but my collegues cannot. They recieve an error stating that an approval from admin is requested but i don’t understand what to aprove where to find these approval?
thank you
Evald,
I would need the exact error message and the steps to reproduce the error to be able to assist (and screenshots would be great). My guess would be that potentially this local VHD is tied to an Entra ID instance that is separate from the Entra ID tenant the user exists in and this user was added as a ‘guest’ to D365FO. Therefore the D365FO tenant is asking for permissions to be able to view the user details from the user’s tenant. This would require approval from an administrator with access from the user’s Entra ID tenant.
My recommendation in this case would be to create a new user in whatever tenant you created your D365FO environment in and log in that way, that way no approvals are required.
I think you are right. Seems the admin of the tenant must give permission everytime a user try to login on this instance of 365FO or assign to me that role so i can do that. https://learn.microsoft.com/en-us/entra/identity/enterprise-apps/configure-admin-consent-workflow
Waiting from the internal support for these permissions.
hi Alex,
fyi, i confirm it was a problem with the permission on the Tenant of azure.
BR