Security Protocols: TLS 1.0, 1.1 & 1.2 (and SSL 2 & 3)
Description

Microsoft recommends that customers get ahead of any potential issues by removing TLS 1.0 and 1.1 dependencies in their environments. It is also recommended that you disable both the TLS 1.0 and 1.1 protocols at the operating system level where possible. More information on this can be found on the official Microsoft Support page linked here.

An alternative driver must be used within the .udl files used throughout the SnowdropKCS HR product. There is a choice of SQL Server Native Client (11.0) or the new replacement for the currently used driver: Microsoft OLE DB Driver for SQL Server. The replacement driver can be found on the official Microsoft Support page linked here.

The SnowdropKCS HR suite of applications uses a Microsoft Data Link File (UDL) to connect to a database; this file will need to be amended to use a new provider.

CAUTION: Disabling TLS 1.0, 1.1 and 1.2 will not impact Payroll but it will impact HR.

CAUTION: The instructions below advise you to switch off TLS 1.0 and 1.1 only, due to potential security risks. The recommended changes to the .udl files listed use a driver that is compatible with TLS 1.2. If TLS 1.2 is also disabled, this will cause issues in HR (services such as Win32, Self Service and Workflow). We would recommend that TLS 1.2 is not disabled.

Resolution

CAUTION: The steps in this article are intended to be carried out by an experienced IT Administrator. 

There are three .udl files used by the HR program that need to be amended.

HRConnection.udl - Open the HR Updater -> Tools -> Configuration -> HR Database Connection -> .udl: {HRConnection.udl location}

SelfService.udl - {HR Server Local Disk}:\SnowdropKCS\HR\Live\SelfService\SelfService.udl

Workflow.udl - {HR Server Local Disk}:\SnowdropKCS\HR\Live\Workflow\Workflow.udl

NOTE: Before modifying the .udl files, please ensure that a backup has been taken of the original files. It is strongly advised that changes to the .udl files are carried out on the Test System before applying the changes to the Live System.

Modifying the .UDL files
  1. Open HR and make a note of the number of employees currently in the system. This can be found in the header information of the application.
  2. Open the .udl file by double clicking on the file in Windows Explorer. Take a copy of the connection information before amending the .udl file – this can be done by taking a screenshot of the opened .udl file so that this can be compared and referenced when amending the file.
  3. In the HRConnection.udl file click the Provider tab and select SQL Server Native Client 11.0 or Microsoft OLE DB Driver for SQL Server.
  4. Click on Next to proceed to the Connection tab.
  5. On this form, re-enter the connection details – refer back to the screenshot of the original details as mentioned above.
  6. Once the details have been entered, click on the Test Connection button to ensure that the details have been entered correctly.
  7. If the connection is successful, navigate to the All tab and highlight the DataTypeCompatibility row. Click on the Edit Value button to display a new dialog box in which you can enter a new value.
  8. Change the value in the Property Value field to 80 and click on the OK button.
  9. The Edit Property Value dialog box will disappear, and you can click on OK to save the .udl file.
Modifying the .UDL through Notepad
  1. Open up Windows Explorer and navigate to the desired folder. Locate the appropriate .udl file and right-click the file.
  2. Select Open with and, from this menu, select Notepad (if you can't see this, click Choose Another App and then select Notepad).
  3. The .udl file will then open in Notepad.
  4. Replace the entry after Provider= with either SQLNCLI11.1 to use the Native Client, or MSOLEDBSQL.1 to use the Microsoft OLE DB Driver for SQL Server.
  5. The new data compatibility setting will need to be added to the end of the line. Add the following: ;DataTypeCompatibility=80
  6. Click on File and select Save.
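
The Notepad steps above can also be scripted. The following PowerShell is an added example, not SnowdropKCS or Microsoft code. The function names, the sample file and its server and database names are constructed, and it assumes the .udl is stored as UTF-16 (Unicode) text with the connection string on a single line beginning with Provider=, with SQLOLEDB.1 as the assumed existing provider.

```powershell
# Added example (not vendor code): apply the Provider and DataTypeCompatibility
# changes from the Notepad steps. Function names are hypothetical.
function Convert-UdlInitString {
    param(
        [Parameter(Mandatory)][string]$InitString,
        [ValidateSet('MSOLEDBSQL.1', 'SQLNCLI11.1')][string]$Provider = 'MSOLEDBSQL.1'
    )
    $s = $InitString.Trim().TrimEnd(';')
    # Swap only the Provider= entry; every other setting is kept as it was.
    $s = $s -replace '(^|;)\s*Provider\s*=[^;]*', "`${1}Provider=$Provider"
    # Set DataTypeCompatibility=80, replacing an existing value rather than duplicating it.
    if ($s -match '(^|;)\s*DataTypeCompatibility\s*=') {
        $s -replace '(^|;)\s*DataTypeCompatibility\s*=[^;]*', '${1}DataTypeCompatibility=80'
    } else {
        "$s;DataTypeCompatibility=80"
    }
}

function Update-UdlFile {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)][string]$Path,
        [string]$Provider = 'MSOLEDBSQL.1'
    )
    # Assumption: the .udl file is UTF-16 (Unicode) text.
    $lines = Get-Content -LiteralPath $Path -Encoding Unicode
    $updated = $lines | ForEach-Object {
        if ($_ -match '^\s*Provider\s*=') {
            Convert-UdlInitString -InitString $_ -Provider $Provider
        } else { $_ }
    }
    if ($PSCmdlet.ShouldProcess($Path, "Set Provider=$Provider and DataTypeCompatibility=80")) {
        # Keep the first backup; never overwrite it on a later run.
        if (-not (Test-Path -LiteralPath "$Path.bak")) {
            Copy-Item -LiteralPath $Path -Destination "$Path.bak"
        }
        Set-Content -LiteralPath $Path -Value $updated -Encoding Unicode
    }
}

# Constructed sample file; server and database names are placeholders.
$demo = Join-Path ([IO.Path]::GetTempPath()) 'HRConnection-demo.udl'
@('[oledb]',
  '; Everything after this line is an OLE DB initstring',
  'Provider=SQLOLEDB.1;Integrated Security=SSPI;Persist Security Info=False;Initial Catalog=HR_TEST;Data Source=SQLSERVER01'
) | Set-Content -LiteralPath $demo -Encoding Unicode
Update-UdlFile -Path $demo -WhatIf    # preview only, nothing is written
Update-UdlFile -Path $demo            # writes the change and HRConnection-demo.udl.bak
Get-Content -LiteralPath $demo -Encoding Unicode
```

Run it against the Test System copies first, then use the Test Connection button as in the procedure above to confirm the amended file still connects.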
SSL 2 and 3

SSL has been unsupported since 2014. HR and Payroll do not require SSL 2.0 or 3.0. As this is a change to your environment, it is advisable to disable SSL 2.0 and 3.0 within your Test System before applying the change to your Live System.
