Security in Navision SQL server option for Navision 4.0

GoMaD

Hi,

I've got a question.

In the older SQL option versions Navision only had one Application Role: $ndo$shadow

In the 4.00 version it looks like a new application role is created everytime you run the Synchronise function.

and it's given the name:
$ndo$ar$...

But i can not see the link between the user (or dabatabase) and the application role it uses.

Is there a way to find out, because i'm having a lot of trouble with Navision security on a SQL Server DB.

Thanks in advance!

GoMaD

I think I found the difference.

the 4.00 version creates a application role per user that has rights on the nav db.

Using the Synchronising function updates these application roles and I found that the best practice is to use a 'TOP DOWN' approach.

Start from the super role, then run synchronisation and then start shutting permissions down. Once done, run the synchronisation again.

If you do it the other way around you'll bump into access violations a volonté. This is becaust the application role has priority above the permission rights inside navision. And the application roles are adjusted to the Navision permissions vai the synchronisation function.


](*,)

kine

I do not know, what is you target, but you are settings permissions directly on MS SQL server???

GoMaD

nope, i'm setting security from inside navision but i'm encountering a lot of trouble.

One remark: DO NOT DETTACH, MOVE DB TO ANOTHER SERVER AND ATTACH DB -> TROUBLE ON THE HORIZON !
8-[

kine

If it is in another domain, yes, there will be troubles. But in same domain??? Ok, can be some problem that there are not transfered the user accounts which are saved in master DB (if you did not transfer it too). May be that helps, if you have one database login to login as super into Navision and run synchronization after the transfer...

Can you post more info about the troubles? I want know what can be problem in the future for me...

Thanks...