Active Directory Security Group and NAV Security

RJMullins

We are running NAV 4.03, MS SQL.

We have an Active Directory Security Group setup called BEP-NAV-ServiceTechs, the Service Technicians have been added to this group, the NAV security has been set to the group, but any user in this group cannot log into NAV… any ideas?

Thanks

- Bob

karllu

Were you getting 'The combination of user ID and password entered is invalid. Try again' error message?

You can not longer use Windows group to login without adding each user in the group to be a direct Navision user according to the following quote in the version 4 change document:

"In Navision 4.0 you must enter the Windows group in the Windows Login table and enter the Windows account for each individual user that is a member of that group. You do not need to assign any Navision roles to the individual users as long as the roles that the Windows group is assigned contain all the permissions that the users need. The users Windows account must be entered in the Windows Login table before any SQL permissions can be assigned to that user in the SQL database."

DenSter

You set up the group as a user, and you assign roles to that user. Anyone that is a member of the group must be set up as a user as well, but they inherit the roles from the group, so you don't have to assign any roles or individual permissions to the users individually.

kine

And it can be different when using Extended and Standard security model. Which you are using?

RJMullins

Here is the setup,

Active Directory group named DOMAIN\BEP-NAV-ServiceTechs, domain users are added to the AD group users are also added to NAV for Navigation Pane rights etc.

Anyone in the DOMAIN\BEP-NAV-ServiceTechs group cannot log into NAV, the group permissions are listed below. The error message they get is:

You do not have permission to run the 'MBS' MenuSuite
Contact your system manager if you need to have your permissions changed.

We also have another AD group with a similar name, DOMAIN\BEP-NAV-Service, these user have no issues and can login just fine. Could NAV be looking at this group for the BEP-NAV-ServiceTechs user permissions since the names are similar?


Role ID Role Name
ALL All users
INS-REC Read Inspection Receiving
INVT-ANALYSIS Read S&R/P&P/Inv. Analys. Rep.
INVT-ITEM/BOM Read items/BOMs/SKUs/entries
INVT-POSTED TRANSFER Read posted transfer orders
P&P-VENDOR Read vendors and entries
P&P-VENDOR, EDIT Edit vendors
RM-CONT Read contacts, entries, etc.
RM-CONT, EDIT Edit contacts
S&R-CUSTOMER Read customers and entries
S&R-CUSTOMER, EDIT Edit customers
S&R-JOURNAL Create entries in jnls. (S&R)
S&R-JOURNAL, POST Post journals (S&R)
S&R-PERIODIC S&R periodic activities
S&R-POSTED S/I/R/C Read posted shipments, etc.
S&R-Q/O/I/R/C Create sales orders etc.
S&R-Q/O/I/R/C, POST Post sales orders, etc.
S&R-REGISTER Read G/L registers (S&R)
SM-CONTRACT Read service contracts
SM-CONTRACT,EDIT Create Service Contracts
SM-PERIODIC SM periodic activities
SM-POSTED Q/O Read posted service orders
SM-Q/O Create orders,quotes,etc.
SM-Q/O,POST Post service orders
SM-SERVITEM Read service items
SM-SERVITEM,EDIT Create service items
WM-R/PA/A/P/S Create receipt, put away, etc.

Thanks for your help with this.

- Bob

themave

double check that menusuite 0 is in the "All" role with execute permission