Addsum web site and general info

Postings here will focus mainly on Advanced Accounting software updates, tips, and related topics. They will also include general comments relating to troubleshooting PC/Windows/network problems and may also include reference to our other software products and projects including any of our various utilities, or to the TAS Premier programming language. We considered setting up separate blogs for different topics so that users/others could subscribe to topics mostly aligned with their interests, but decided that it would be better to keep things simple since some topics cross over into others. We would nonetheless welcome your feedback/input in this regard. Our web site URL is www.addsuminc.com. Call us at 800-648-6258 or 801-277-9240. We also maintain www.advancedaccounting.us so that older Business Tools users in particular have a greater chance to find us.

Follow

We highly recommend that accounting software users "follow" this blog via e-mail (enter your address and click on Submit below) or subscribe to a feed (see also below) as a way to keep current on the latest updates and accounting software news and information. You may also want to whitelist this e-mail address: noreply@blogger.com.

Follow by e-mail

Friday, June 23, 2017

TAS and Advanced Accounting in the beginning

Many of our current customers began using the TAS development system originally developed by Business Tools, Inc. and the early versions of the accounting software called TAS Accounting Software (and TAS-Books, later Books, and Advanced Accounting) after seeing advertisements that ran in the 1985 to 1987 time period ( which continued into the early 1990's) in periodicals such as PC Magazine and InfoWorld.

The introduction of a low cost (under $100) fourth generation language with an integrated screen editor, program and report generator, data dictionary and runtime compiler was ground breaking.  It also pushed back against the "copy protection" schemes of that era. 

And including the source code with the purchase of the accounting software (a practice which Business Tools continued into the late 80's and also the early 90's with their second and third major releases) was also somewhat revolutionary. 

Advanced Accounting today remains a modifiable accounting software system.

We appreciate the loyalty, and celebrate the longevity of, the continuing TAS/Advanced Accounting end user customer base.




PC Magazine October 29, 1985
TAS Hard-Nosed Database plus optional TAS Accounting Software bundled with source code
TAS 1.0 (Level 1/2/3 releases)



InfoWorld September 22, 1986
TAS-Plus (aka TAS 2.0)


PC Magazine May 13, 1986
TAS-Plus, TAS-Books, Advanced Accounting
One of the earliest uses of the Advanced Accounting trademark

PC Magazine February 10, 1987
TAS-Books vs. Dac-Easy
TAS-Books was developed using TAS-Plus (TAS "2.0")

PC Magazine January 28, 1992
Advanced Accounting 3.0 (developed with TAS Professional 3.0)

PC Magazine April 14, 1992
Advanced Accounting 3.0 (developed with TAS Professional 3.0)






Monday, May 22, 2017

From Books 2.04 to Advanced Accounting 7i

A user that we have provided occasional support to since February of 1997 and who had been a Business Tools accounting software for well over a decade prior to that, recently decided to make the jump to a more modern version of the software.  

It remains completely possible to move data from some of the oldest legacy Books and Advanced Accounting versions to the latest release.  But there are challenges.   And in this case, even though the software had not been customized (one of the reasons why sometimes users don't move forward into new versions and which can pose an additional considerable challenge), more obstacles than might have been expected were encountered.

Challenges and obstacles:

Just to move a Books 2.04 system forward is a somewhat tricky task even when everything works exactly the way it should.  And in this case, it initially did not.

Program age and limited feature set:   Books 2.04 (Copyright 1988 Business Tools Inc.) was based on the TAS Professional 3.0 application development system (Copyright 1986-1988 Business Tools Inc.).   It had a reduced feature set compared to Advanced Accounting 3.0 which was also based on TAS 3.0.   The latest tas.exe executable file in the 3.0 series was dated October 30, 1991 and this was the executable in place on this Books 2.04 end user system.

 Books 2.04 was the next upgrade in the evolutionary line after the prior TAS-Books system developed using TAS-Plus 2.0 (both Copyright 1986 Business Tools, Inc.), and it was still using Btrieve 4.11b (Copyright 1982, 1988 Novell) dated February 29, 1988, which loaded as a TSR usually in a batch file prior to calling the tas.exe executable.  Orders in fact had been entered and processed earlier in this month.


Books 2.04
Unlike its peer product Advanced Accounting 3.0,  the Books 2.0 series lacked the concept of a sales order number (it only had invoice numbers), had no invoice history files, no purchase order history file, no multiple location handling, etc.   The 3.0 development series that both were based on also handled multiple companies very differently internally than would be the case starting with version 4.0.

Dictionary files were unexpectedly corrupt:  In moving  a legacy system forward, a Books 2.04 or Advanced Accounting 3.0 system must first be converted (in terms of its data; the program themselves are not converted but rather updated and replaced via software upgrade installations) to Advanced Accounting 5.1 (versions 4.0 and 5.0 can be skipped in terms of data conversion).   An even older system such as TAS-Books 1.02 would have to first be converted to a TAS 3.0 based system.   With over 20 years of use, some data files might be expected to become corrupt.  None however appeared to be in this case.  In running the standard conversion process to Advanced Accounting 5.1 after making the necessary preparations, we ran into an unusual problem:  the conversion process was clearly going through each file and converting each record, yet every single record saved into the 5.1 version was blank.   Yet there were no error messages encountered during the conversion process. This is not behavior that we had previously experienced. 

After a lot of troubleshooting and trial and error, we finally realized that the TASDICT.M file (version 3.0 based systems have *.M* data files; later versions starting with version 4.0 have *.B* file extensions) was corrupt after trying to reindex it in several different ways including using the Pervasive rebuild utility:   This was true of both dictionary files required in this version to support the two different sets of company data that were converted, and even though the last date stamp of these files was January 30, 1998.  The dictionary (and location) files do not change on a regular basis and there was no reason to expect that they were corrupt.   And in fact, it is rare for dictionary files to ever become corrupt in any version.

Yet the results of a Pervasive rebuild indicated that both the dictionary files (one for each company) in fact were bad.

The rebuild operation start time is 05/20/17 12:22:58.
rbldcli -c -sK -pP -f6  C:\books\tasdict.m

REBUILD-20: The utility is processing C:\books\tasdict.m.
REBUILD-68: Status code 2 was returned while copying records from the following file:
C:\books\tasdict.m.
REBUILD rejected a total of    645 records.
REBUILD copied a total of     90 records.
REBUILD rebuilt a total of      0 indexes.
The rebuild operation end time is 05/20/17 12:22:58.

Another symptom of corruption was the fact that the "maintain database" program could not find its matching field records when attempting to use it for any desired file.   The dictionary files that define fields and tables otherwise remain static and aren't even opened and used in any way by older versions including through version 5.1 other than the location file.  So the problem of the corrupt dictionary files wouldn't have caused any end user problems unless the user needed to use the maintain database option (which apparently they did not) or in the conversion process that was now desired.

Since the dictionary files could not be repaired or at least not easily, we then had to hunt for a replacement.   We no longer have an installation package that we could find for a standard Books 2.04 system.   We would not expect the user to have a backup from before 1998 of the afflicted file.  But,  we found one in connection with an old project.  And we determined that with the replaced file, the conversion did work; except, the TASDICT.M replacement file had layouts that had been customized which created problems until some of those changed layouts were changed back to match the standard Books 2.04 system being converted.  

Post 5.1 conversion problems:  Because of limitations of Books 2.04, a special utility that we completed in May of 1999 (named BKBK20) has to be run to move posted sales order invoices out of the pending file into historical files, among other things.  That program has to be run in each converted company. That worked as expected.

However, a serious year 2000 (Y2K ) issue remained, and one that was anticipated.   Books 2.0 and Advanced Accounting 3.0 were not Y2K compliant because of the century problem engendered by the use of short dates, i.e.  a system using short dates in the MM/DD/YY or other similar short year format has to make an assumption as to what the current sliding century is based on.  And legacy development systems such as TAS 3.0, simply used a 1900 to 1999 century period meaning that a date entered as 01/01/00 would be interpreted as a 1900 date.  This though was not a problem of the Btrieve record manager engine (which has always saved dates as long dates, never as short dates and this is still true with the more modern Pervasive systems) but in interpretation of a short date century by the implementing software (in this case, tas.exe).   While attempts were made by Business Tools to effect Y2K changes in later versions, only version 5.1 became the first Y2K compliant version in terms of fully and correctly interpreting dates entered in the 21st century (well, for at least the first 20 years of  the new centruy; the sliding century for versions newer than 5.1 is much greater).

Users of versions prior to 5.1 who did not upgrade their software by January 1, 2000 typically were customized users who in anticipation of a Y2K problem had TAS 3.0 developers change every "short date" to a "long date" in their system.  This is not the approach taken to solve the issue in the newer Advanced Accounting series that continues to use short dates for date entry (which saves users entry item and leads to fewer entry errors) but it was the solution of choice in customized TAS 3.0 systems (it was not however the only choice, but typically  the only option that was commonly implemented).  And there are many dates that had to be changed including changing all of the internal temporary date fields and all of the screens with dates on them had to be addressed including sometimes placing that date in a slightly different position to accommodate the extra two digits.  Lots of tedious work was involved.  So it was not a trivial undertaking also because every single program using a short date would then also have to be recompiled along with changes every single screen or report "mounted" by that program, and lookup lists also requiring realignment for the extra two digits and so forth, and then tested.

This Books 2.04 user had decided to roll the dice and live with whatever consequences came their way in terms of the Y2K issue.   This did not mean that their system stopped functioning as of January 1, 2000, a system that they continued to then use for an additional 16+ years past that data.  But it did mean that the system did not "understand" that a "99" date and prior was older than a "00" date which would have led to problems in posting things into a prior year, customer aging lists, all reports that included any prior year dates in a date range, etc.  In the year 2000 itself, there would be been lots of problems.  As time went on though and years passed, the fact that the system was not Y2K compliant meant very little and the software would have had all of the appearance of working exactly as it did prior to the turn of the century.  

But given all of the data that was dated on/after January 1, 2000 intending to be in a new century and not the old one, and given that this information was now going to be contained in a system that was Y2K compliant, the date problem had to be fixed.  Using in part a utility we had written to address this issue, the century problem in the underlying short date data was fixed so that dates would sort and behave as expected.   

There were also some GL and other technical setup issues that had to be resolved.  And finally, we had a Books 2.04 system converted to Adv 5.1


Advanced Accounting 5.1

Final phase to Adv 7i:  From here, standard tools we developed going back to 2004 and enhanced since then were used to move the 5.1 converted data for two companies to the latest version.  This involves a series of steps, but all went very quickly and very smoothly.  

And so finally the system was ready for use, containing all of the customer, inventory and sales history data from the Books 2.04 system.


Advanced Accounting 7i
















Wednesday, May 17, 2017

Windows cannot access specified device

An unusual occurrence leading to a Btrieve status code 20 ("Record manager inactive") occurred to a user of an older version of the Btrieve engine recently.  In troubleshooting the error and clicking on the legacy Microkernel engine, we received the dreaded "Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item."




Yet users did have permission.   Curiously though for this one (critical) record manager engine file, Windows could not show the security and required elevated access (which it already had).   Then it showed group access and ownership erratically, sometimes as expected, sometimes not.  And when trying to take ownership and establishing security levels, permissions could not be saved. 

Trying to run the w32mkde.exe from a command prompt gave the message "Access denied" leading us to suspect that there were open sessions.

And there were. At least three sessions were still running even though apparently a power outage occurred (and when the "server" - a 2008 Server -  might have gone down, but in re-booting seemingly returned to a prior state rather than starting back up with a fresh boot). Or perhaps there wasn't a power outage and the server simply went to sleep.

After closing all of the three running sessions that had a number of files open including the w32mkde.exe, that file was then literally . . . . . gone.   Vanished.  Poof.  It alone had to be reinstalled/copied into the software folder.

We've seen this behavior before:  something (or someone) tries to delete a file but can't because it is open.  Then when the session is closed that has that file open, the operating system then, on a delayed basis, deletes the file.  But if the file is being denied access and appears to still exist, why is it deleted later?  And we've seen this happen with other executables as well when we have tried to remove them after not realizing they were open.

Sometimes this message can indicate that the file is blocked and needs to be unblocked.  That was also not however the case here.

The situation here in fact involves  a "shared delete" described here under SMB file locking:

https://docs.microsoft.com/en-us/rest/api/storageservices/managing-file-locks

"Shared delete: Allows subsequent deleting of a file. If this flag is not specified, any request to delete the file will fail until the file is closed."

So a currently open file that has a sharing violation can be flagged for deletion if an attempt is made to delete it while that file is open (e.g. at a cmd prompt:  DEL SOMEFILE.EXE).   The file will appear to exist (since it actually still does) but if run (in the case of an executable) the operating system will respond with "Access denied" and then when the processes or user sessions that had file open are closed, the file will be gone. 

The same exact situation can be duplicated with other types of files that are open and if an attempt is made to delete them while open.   This behavior is not unique to "server" class PC's.

This scenario is very different than situations where users receive an "access denied" response or "Windows cannot access the specified device" due to permission or other issues.  In this case, we do not know what had triggered the attempt to delete the w32mkde.exe in the first place.




Additional information:


Process Explorer (part of Windows Sysinternals, so it is a free download) can tell you which program has a particular or directory open and is available for Windows Vista and above:

https://technet.microsoft.com/en-us/sysinternals/bb896653

In terms of who has a file open on a PC network, we typically use compmgmt.msc (then Shared Folders and then Open Files).  However that approach alone will not necessarily identify all open files nor therefore necessarily be able to close all files that may be open  (for example, on Pervasive systems, the Pervasive monitor is needed to see open data files and to close them; and so related files/sessions should not be closed via compmgmt.msc until using the monitor utility on applicable systems to verify that a given user's data files are not open and/or to close them).






Microsoft catalog link for WannaCry

The direct Microsoft catalog update link for installing the WannaCry (aka "WannaCrypt") security update or patch (i.e. KB4012598, vulnerability MS17-010) can be found here:

http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012598

You might wonder why Windows 7 is not referenced in the KB4012598 update.  This is because the updates for Windows 7 came out in March under a different KB reference (KB4012212 and others) to address the MS17-010 vulnerability.  See this link for the list:

https://blogs.technet.microsoft.com/sudheesn/2017/05/17/patches-that-fix-the-vulnerability-for-ms17-010/

See also:

http://www.infoworld.com/article/3196825/microsoft-windows/how-to-make-sure-your-windows-pc-wont-get-hit-by-ransomware-like-wannacrypt.html


U.S. users have thus far not been impacted to the same degree as elsewhere but more "WannaCry" variants are expected.

 While these updates first became available in March for most operating systems, updates for non-supported Windows XP (both 32 and 64 bit versions) only became available on May 13, 2017 (and was rather surprising since MS has not been issuing free updates for XP for some time now).  

 Users still running XP should immediately install the appropriate update from the catalog link.  Installing the update takes only a few minutes.  It does require a reboot    Even if your PC typically does not have direct Internet access, it is advisable to install this update since it would help to stop the spread of this latest  ransomware virus from spreading from one PC (that might have Internet access) to others (that might not) on the same network.  The security patch can be downloaded to a shared folder on your network or to a thumb or external drive, and then run on other PC's on your network or in your office without their having any web access.

While we are not a fan of automatic updates, some updates are from time to time important to install regardless of how careful users are with inbound e-mail, anti-virus protection, and in the web sites they visit.

There is some amount of misinformation about this virus and how it spreads.  Your greatest vulnerability is once again by opening e-mail attachments from unsavory sources, often disguised to look like it is from someone you know and/or that purports to contain an attached invoice or purchase order, etc.   End user education remains critical.

It is indeed unfortunate that there are individuals that would choose to spend their time and resources spreading malware rather than on pursuits that would benefit society and/or the health of the planet.  It is also highly unfortunate how the NSA handled this situation in terms of both safeguarding its information, in developing unsavory methods of hacking into computer systems in the first place, and not promptly acting to notify Microsoft and others of the threat so that these security updates could have been made available sooner.

Note:  If infected, do not pay the ransom.  Even if you pay it, you may still not receive an unencrypt key, more so this time around than ever.  Immediately consult your IT support if you receive any pop-up messages or if you start to see file extensions of .WCRY.



Additional information:


https://support.microsoft.com/en-us/help/4012598/title

http://www.npr.org/sections/thetwo-way/2017/05/15/528451534/wannacry-ransomware-what-we-know-monday

http://www.nbcnews.com/news/world/why-wannacry-malware-caused-chaos-national-health-service-u-k-n760126

https://www.wired.com/2017/05/wannacry-ransomware-hackers-made-real-amateur-mistakes/

https://www.ft.com/content/e2786cbe-3a97-11e7-821a-6027b8a20f23






Thursday, April 27, 2017

Keyhelp.ocx vulnerability relating to Actian PSQL 12 install

A TAS Premier 7i runtime user relating to a third party vertical market software system (for which we provide support assistance as well as programming) has reported receiving a notice from their security vulnerability analysis software relating to a file installed by Actian/Pervasive version 12 as follows:

Description: The remote host has KeyWorks KeyHelp ActiveX control installed, which is affected by multiple vulnerabilities 

- Multiple stack-based buffer overflows exist that could allow an
attacker to execute arbitrary code. (CVE-2012-2515)

- An unspecified command injection vulnerability. (CVE-2012-2516)


KEYHELP.OCX is a part of the PSQL 12 install and is not harmful.  It is also, however, a non-essential control with respect to the Pervasive engine.

See:

https://supportactian.secure.force.com/help/articles/Technical_Document/Keyhelp-ocx-reported-as-a-security-vulnerability-by-security-analyzer-utilities

https://supportactian.secure.force.com/help/articles/Bug_Document/Actian-Security-Vulnerabilities-NoticePSQL/




Note that Actian recommends the removal of this control (which is only used when running the Pervasive System Analyzer aka PSA tool).   It will not be shipping with future updates to the v12 engine starting with service pack 1,  i.e. 12.10.  

For users with older installations of version 12 (i.e prior to 12.10), the instructions in the second link above is repeated below:


You can prevent the installation of this file by using the 'Custom' Setup Type option, and changing the installation option for the optional utility to 'This feature will not be available' during the installation.  Alternatively, it can be removed from an existing PSQL installations by modifying the installation to remove the optional utility by selecting 'Uninstall/Change' from Programs and Features, selecting the default 'Modify' option and removing the utility from the installation. 











Forced Windows 10 updates causing damage to external drives

Based on now numerous reports, many Windows 10 users have experienced total data loss and even hardware damage with USB-connected devices that are being accessed when a Windows 10 "forced update" occurs.

This discussion relating to damage caused by a Windows 10 forced update is just the tip of the iceberg of reported problems.  We have had other reports of the same issue experienced recently by IT professionals.

Automatic updates that slow computers used for business purposes down to a crawl and that can only be marginally controlled are simply an unacceptable approach and must change or else business PC users will ultimately either start to migrate to something else and/or stay far, far away from Windows 10 to the greatest extent possible.  The current level of control with respect to these updates remains dismal at best making Windows 10 the least stable operating system that Microsoft has released perhaps in its history.

While our software runs on everything released by Microsoft to date, we cannot recommend the use of Windows 10 (Professional) because of its overall poor performance in multiple respects and because of the lost time and potential havoc its forced updates create.   Your maintenance and supports costs will be higher with Windows 10 and for marginal benefit.



See also:

http://addsuminc.blogspot.com/2017/04/windows-10-update-kb4015217-creates.html







Monday, April 17, 2017

Windows 10 update KB4015217 creates havoc

The Tuesday April 11, 2017 Windows 10 update started to create numerous problems for users trying to install it and then has had other unfortunate impacts.

Our first call was from a user who experienced a loss of network connectivity after the update.  Both PC's were Windows 10 Home (the Home version works with our software, but is generally discouraged).  The update also caused at least one of the PC's to be significantly slower.   This update does require a reboot and apparently in the case of this user, the update brought about a weakness in the way the two PC's had previously been configured (but which was otherwise working prior to the update).  In this case it may have been a Homegroup versus Workgroup setup issue.

Problems simply in installing the update have been somewhat widely reported including being stuck and/or taking several hours to complete.  Another example.   Problems with respect to PC's "freezing" after installing the update have also been experienced.  Prior cumulative updates have sometimes simply failed to install.    An example would be the prior KB4015438 cumulative update (which was intended to fix problems with yet another prior cumulative update; see more below).  This has also been the case with 4015217 update.

Example of issues with the KB4015438 update:


KB4015438 failing to install repeatedly



After installation, there have been reports of slowness and black screens.

As of April 14, 2017 there are reports of more esoteric issues such as with the VB ADODB.Recordset filter  property (which a related Windows 7 update has also apparently caused).   This problem does not impact our software in any way, but is nonetheless alarming.  Users have had to uninstall the update to solve the recordset filter problem (however depending on your settings and particularly if you have Windows 10 Home, users will have difficulty preventing the update from trying to install itself again in the future).

Security updates that came out last week for other versions of the Windows operating systems, including server versions, have caused widespread issues, particularly slowness.

While it may be too late for most, our recommendation would be, at least for now, to avoid this update if possible.  Windows 10 Home users, unless they are solely connected via Wi-Fi and can set that connection to 'metered' may not be able to avoid or defer it (other than to not connect those devices to the Internet at all!).

Windows 10 Professional users may be able to prevent updates through the group policy editor (but there are indications that after this cumulative "anniversary" install, this may no longer be possible).

Some pertinent links in terms of turning off and/or managing Windows 10 updates:

http://www.pcworld.com/article/3085136/windows/two-ways-to-control-or-stop-windows-10-updates.html

http://www.thewindowsclub.com/turn-off-windows-update-in-windows-10

http://www.howto-connect.com/stop-windows-10-update-in-progress/





















Friday, March 31, 2017

Unpost AR payment and DDF creator enhancements

This past month we have made many important Advanced Accounting enhancements including to two utility options.

Unpost AR payment

Accessed via the Addsum utilities (via UT-G and in the Accounts receivable section) from the Advanced Accounting 7i menu, the unpost AR payment (aka "Unpost customer payment")  utility allows an end user to reverse an accounts receivable customer payment where that payment might have been applied to the wrong customer or was for the wrong amount or was applied to the wrong invoices, etc.   While it does remove the payment record from customer transaction and related files, it nonetheless leaves an audit trail in the general ledger. Payments not fully applied can also be unposted.  

For various technical reasons, something that was not previously allowed by the utility was the ability to unpost a payment for the same amount on the same date for the same customer.  Yet, the entry of a duplicate (or even triplicate) payment for the same customer on the same date and for the same amount is one of the reasons why a payment may sometimes in fact need to be unposted. This ability now exists. The program as enhanced however does require user interaction to determine which invoices the duplicate payment was applied to when it involves the same date and amount.  So users should first determine what those invoices were before attempting to unpost such payments.  There are at least two ways to do this, the best one being the AR-O credit analysis/customer payment history report which is referenced in the utility option itself.


Unpost AR/customer payment - 7i version

Whether an errant duplicate payment  was applied to one or twenty or more invoices doesn't matter:  the user will be asked to confirm which invoices were involved and ensure that they add up to the duplicate payment amount to be unposted, followed by the normal confirmation screen.

The payment could even have been made in triplicate or quadruplicate on the same date for the same amount for the same customer but can still now be unposted as long as the program is first told which one of those to unpost, and then second, which invoices were errantly applied in connection with that payment.

This updated option will be standard with the Adv 8 add-on and will include support in that release for the expanded invoice numbers and the new GL audit file.   A version compatible with Adv 7i will also in the interim be available for users who have these utilities and that may have need of this capability. 

The Addsum utilities collection is an add-on option for Advanced Accounting.

DDF creator

Data dictionary files (DDF's) are needed to be able to access your Advanced Accounting data via ODBC through other programs such as Crystal Reports or Microsoft Access or via our SQL query tool or via the Actian/Pervasive Control Center to make SQL queries of your data thru any desired means including web site integration (via PHP for example). This software category is sometimes referred to as a "DDF builder."  The DDF files are Pervasive format files which provide structure for outside access.   (You must be using the Pervasive record manager/database engine which installs the required ODBC driver.)

This option has been dramatically changed compared to the older DDF option as released by Business Tools prior to 1997.  This version which allows you to select only desired files for outside access and it also remembers your prior selections, and has also been extensively modernized to comply with newer Pervasive requirements.  It first started to become available in 2003-2004 with significant enhancements that followed in 2007, 2008 and 2010.

The latest enhancements involve an improved interface, updates for pathing defaults, and an improved searching capability when attempting to find data files ("tables") to be included in the DDF's.


DDF creator Adv7i

This updated version is now standard for Adv 7i and will become the new standard add-on option for Adv 8.


The DDF creator is an add-on option for Advanced Accounting and when installed is available from the accounting software menu under UT-P ("Create DDF files").















Tuesday, February 28, 2017

Using Gmail with Advanced Accounting

Some background information:

SMTP (Simple Mail Transfer Protocol)  is the Internet standard protocol for sending and receiving messages between mail servers.   These servers use internally assigned ports to facilitate various communications and provide other services.  Standard (aka "well-known") ports for Internet services developed over time.  The standard port that your ISP's own mail servers use for  communication with other mail servers is port 25 (just like port 80 is used for http: web browsing, ports 20 and 21 are used for file transfer protocol (FTP), port 23 is used for telnet and so forth).

For end users wanting to send and receive e-mail using a mail client of some kind, e-mails are relayed to an actual mail server using SMTP protocol. But e-mails are instead received/delivered to mail clients using a different protocol (typically POP3 or IMAP).

 In an application like Advanced Accounting, the most typical need is the ability to send e-mail out of the software most often with an attachment (sales order, sales invoice, quote, purchase order, statement and so forth).  Therefore, in setting up a user's e-mail settings to accomplish the relay of the outbound e-mail, SMTP settings must be established including the name of the  SMTP server.   

Port 25 remained the common port for use with mail clients for much of the first 25 years since the development of Internet networking standards. Some mail server providers still provide that capability.   Increasingly however over  the past decade in an attempt to control spam, port 25 started to be blocked for use by mail clients and is now typically blocked by most providers.   At first the approach was to simply use other ports such as 2525.  Authentication started to also become routine often with the alternative port approach (or with the standard port) which basically requires that a user log-in (typically an e-mail address) with a password in order to successfully send an e-mail.

Authenticated e-mails however were still commonly being sent as plain text until so-called secure or encrypted methods were developed and started to become common practice (particularly as a result of leaked, illegal NSA surveillance techniques).  These methods, most commonly SSL/TLS (collectively "secure socket layers"), use authentication combined with more private means of communication and are most often also used in connection with ports 465 and 587.  Web-based mail clients (aka "webmail") running on web servers typically require SSL/TLS support.

With two factor authentication now becoming more common, the complexity of successfully communicating with mail servers is becoming even more complex.

Some traditional mail providers are now also requiring that your "sender" e-mail address matches your authentication user ID, and often make sudden changes to their authentication or other requirements without advance notification leading to authentication failures and "unable to send e-mail" responses.   (Troubleshoot these by clicking on the "Trace" check box on the e-mail send form, and e-mail us the results if you require assistance.)

Advanced Accounting's support for e-mail:  The Advanced Accounting 6.x series was the first version to support outbound e-mail and provide therefore SMTP communication capabilities.  Version 6, while also providing the ability to authenticate, only supported standard port 25.   Starting with a release of the Advanced Accounting 7 series in 2009, a user could specify any SMTP port.  Towards the end of 2013, SSL/TLS support was available in version 7.  

Note: in Advanced Accounting, we are only primarily concerned with sending, not receiving, e-mails.  POP3 support is however available if needed in custom program situations, and has been since version 6.

Choosing an SMTP provider

Many options exist in terms of selecting an SMTP mail services provider typically at either no or low cost.

Normally your Internet Service Provider (ISP) or other third party provider that already provides your SMTP mail services is your first contact of choice and should be able to provide SMTP services to you without charge.  If your ISP is either not also hosting your web site or providing mail services, they should still be a strong option to first consider. They will have SMTP mail servers. Another option might be your web site's hosting provider or some third party provider including providers of webmail.

It is important to note that your domain based return e-mail address does not have to correspond to a mail server that belongs to your hosting provider in most, but not all, cases.  So while normally your SMTP server might most often also be the server through which you also receive incoming mail, it does not have to be.

Your mail server provider will have other required settings and port usage and authentication requirements that must be established in order to send outbound e-mails.  You will need to determine what those are before being able to establish appropriate e-mail settings for you and/or your other users of Advanced Accounting.  

 We do highly recommend the use of separate Advanced Accounting logons so that you can create separate e-mail profiles for each user, and so that each user can use their own reply/sender e-mail address. In your Advanced Accounting settings, we highly recommend using the BCC: default and therein specifying your own e-mail address so that you will automatically receive a copy of every e-mail that is sent, and which can be archived for follow-up or future reference as desired.

Using Gmail as your SMTP provider:

Even though your incoming mail may be routed to you some other way, if you have a Gmail account, then you can use a Google SMTP server for your outbound e-mail.

Steps you will need to take:

(1)  You will need the last Adv 7i rel. 7f updates some of which occurred in Feb. 2014 when we changed how we launch the SSL/TLS capable extension.  If you are on that release but don't have those updates, we will provide and install them at no charge.  These updates will be needed for any provider that requires SSL/TLS.

(2)  Because of newer security requirements, your normal Google/Gmail password will not likely be sufficient as it once was.  Instead:

  • Go to: https://myaccount.google.com/apppasswords
  • Sign in with you usual credentials if required.
  • In the first drop down box ("Select app") choose "Mail" and in the second ("Select device") choose "Windows computer."






  • Finally, click on the Generate button (will become visible after choosing "Windows Computer").   Copy/paste this password into the password below.

(3) Establish or complete your Advanced Accounting e-mail setting under SY-C-A (System Maintenance, Enter/Chg User Security,  Maintain Logon Codes) by highlight the logon code, click on Edit, and click on the E-mail settings button.





As indicated in the example above:


  • SMTP server:  smtp.gmail.com
  • SMTP port:   587
  • Click the Use TLS check box
  • SMTP user ID: insert your user ID, the same one used in step (3) above
  • SMTP Password:  paste the "app password" generated in step (3) above
  • Sender name:  Your name or other text you want recipients to see when receiving your e-mail
  • Sender E-mail address:  The address you wish to use for the sender/reply e-mail address.  It does NOT need to be the same as your gmail address.  You will only be relaying outbound e-mail via a Gmail SMTP server, nothing more.



After saving these settings, test sending an e-mail via the Adv user logon for whom you have establish these settings. The easiest way to do that is via Tools (across the top of the menu to the right of File and Module in the full screen mode) and then E-mail 

Keep in mind that security measures are constantly changing and the steps that need to be taken in the future may differ from those outlined above.




Additional related information:

ISPs Removing Their Customers' Email Encryption (Nov 2014)

SSL versus TLS (July 2016)















Tuesday, January 3, 2017

Advanced Accounting 2017 payroll updates

In late November of 2016 we posted some initial information about upcoming 2017 payroll changes and new due dates for federal W-2 filings.  On the last day of the year, we published more information on our "year end" page including federal tax tables with new and updated screen shots, and our annual printable PDF outlining the most important changes that need to be made.

Since then we have added either updated tax tables and/or new required program logic for 15 states that have made state income withholding changes as of January 1. 

Here is the link to the year end page:

http://www.addsuminc.com/advyearend.html

Some of the states with rather significant changes include Maine, Minnestoa, South Carolina (the first time in 25 years that South Carolina has made any changes), and  Rhode lsland.


States with tax table or other changes as of January 1, 2017:

California (all of the various tax codes require updating)

Indiana

Kentucky

Maine

Maryland

Minnesota

Missouri 

Nebraska

New York

North Dakota

Oklahoma

Oregon 

Rhode Island

South Carolina

Vermont

There will no doubt be a few more to follow.

Advanced Accounting has user-maintainable payroll tax codes allowing users to make changes themselves for many of these states (as well as federally).   However, some states have had standard deduction changes or they use an approach to withholding calculation that does not follow the norm and that therefore requires program modifications whenever that state makes to its withholding formulas (examples would be Oregon and Indiana).

Advanced Accounting 7i users with employees in Indiana, Kentucky, Maryland, Missouri, Oregon or South Carolina will need the 2017 payroll update (which assumes that the prior 2015/2016 update has also been previously installed) going forward into 2017.   

Users in other states may will want to obtain the payroll update to avoid their having to update federal tables and any tables updating relating to their state.