Implementing Password Policy - System Tables

markborges Member Posts: 170
Hi everyone,

When talking about Password Policies (minimum length, expiration date/regular changes), everybody knows that Navision Native Database is not a master. :roll:

The problem in our company is that no SQL Server is allowed and we all MUST use the Native database.

So, I was thinking of a way of programmatically changing the password policies through modifications in system tables, such as User table (Table 2000000002).

What I was thinking:

- Create a "Last Modified at" and "Last Modified by" field in this table
- On OnModify() of the table I would put some code to save the Last Modification Date and User ID.

Based on that I could have monthly/weekly reports telling me the last date of modification for all user logins, and then I take some action upon the results (asking users to change their password regularly, or something like that).

The question is:

- How comfortable do you people feel about changing System tables?

I did some testing in a test database we have, and it seemed harmless to the database. It did not act weirdly nor cause any visual impact (warning messages, error messages, and so on) to me.


Has anybody ever tried this kind of thing? Does anybody have any comments on that?

Hope to hear from you and thanks in advance,

:D
Marcelo Borges
D365 Business Central Solutions Architect
BC AL/NAV C/AL Developer
BC Repositories.com

Comments

  • Luc_VanDyck Member, Moderator, Administrator Posts: 3,633
    I have modified the User-table once, to check the length of the entered password. For a particular client, passwords < 8 characters were not allowed.

    I didn't experience any problems with changing this table.
    No support using PM or e-mail - Please use this forum. BC TechDays 2024: 13 & 14 June 2024, Antwerp (Belgium)
  • bbrown Member Posts: 3,268
    Why don't you just use Windows Authentication? Then everything is controlled by Directory Services from which you can establish password policy.
    There are no bugs - only undocumented features.
  • markborges Member Posts: 170
    I thought of using Windows Authentication, but this would disable us from having 2 different users logged at the same machine...

    This happens a lot in our industry... We may have 2 different users logged at the same time at the same computer doing tasks alternately...

    So... no Windows Authentication... :cry:
    Marcelo Borges
    D365 Business Central Solutions Architect
    BC AL/NAV C/AL Developer
    BC Repositories.com
  • bbrown Member Posts: 3,268
    markborges wrote:
    I thought of using Windows Authentication, but this would disable us from having 2 different users logged at the same machine...

    This happens a lot in our industry... We may have 2 different users logged at the same time at the same computer doing tasks alternately...

    So... no Windows Authentication... :cry:

    I'd be interested in hearing more about this requirement. On the surface, it doesn't sound very efficient.

    Have you considered Terminal Services? You could then use Windows Authentication and 2 (or more) users could open independent RDP sessions on the same computer.
    There are no bugs - only undocumented features.
  • markborges Member Posts: 170
    :D

    Hi bbrown, actually it's not a requirement.

    It's done for a more practical approach. The usual way, the 1st user would open Navision, post something, then close. Then the 2nd user would open Navision, post something, then close. And so on...

    Your idea of using multiple RDS's in the same machine sounded good, and I could really think of a better password policy together with our AD Administrator, and then use Windows Authentication. Thanks! =D>

    But, regarding the changes on system tables, I'm still open to any comments... :-k

    Regards,
    Marcelo Borges
    D365 Business Central Solutions Architect
    BC AL/NAV C/AL Developer
    BC Repositories.com
  • David_Singleton Member Posts: 5,479
    markborges wrote:
    I thought of using Windows Authentication, but this would disable us from having 2 different users logged at the same machine...

    This happens a lot in our industry... We may have 2 different users logged at the same time at the same computer doing tasks alternately...

    So... no Windows Authentication... :cry:

    So why the comment:
    markborges wrote:
    The problem in our company is that no SQL Server is allowed and we all MUST use the Native database.
    that is confusing? :-k

    Anyway, I have often modified the login table with no problems. Just be careful what you do, and make sure not to create a scenario where you can make it impossible to log in to the database. Also keep in mind the thing that you WILL forget at least once, and that is that the code will be called before CU1, so you need to close NAV each time to test your own work. The first time I did work like this it took me some time to work out why my code was not being triggered. And once it's in place, really really never touch that code on the live system; one silly mistake, and you could lock out the whole database.
    David Singleton
  • markborges Member Posts: 170
    markborges wrote:
    I thought of using Windows Authentication, but this would disable us from having 2 different users logged at the same machine...

    This happens a lot in our industry... We may have 2 different users logged at the same time at the same computer doing tasks alternately...

    So... no Windows Authentication... :cry:

    So why the comment:
    markborges wrote:
    The problem in our company is that no SQL Server is allowed and we all MUST use the Native database.
    that is confusing? :-k

    Hi David...

    Why confusing?

    The SQL Server comment was posted first, so people could know that I'm not able to use any of SQL Server's password facilities (I don't even know if there are any in SQL Server :-k)...


    :wink:
    Marcelo Borges
    D365 Business Central Solutions Architect
    BC AL/NAV C/AL Developer
    BC Repositories.com