mibuso.com
Home NAV/Navision Classic Client
Options

Windows Authentication and Navision

rigolorigolo Member Posts: 5
edited 2004-07-30 in NAV/Navision Classic Client
Hi,

currently we have most of our users setup as SQL database users on the Navision SQL server. However our security department would like us to move to NT authenication.

In the ideal world we would like to add people to a Windows Group (via our Active Directory system) and then he or she will be automatically given access to the relevent companies/forms etc in Navision.

Are there any pointers, how-to's or any other documentation that might help me set this up?

Thanks,

Hein Rigolo

Comments

  • Options
    elToritoelTorito Member Posts: 191
    Hi,

    look up in to the Navision Online Help Doku.
    And search for:

    - Windows Users and Groups
    - Creating Windows Logins
    - Giving Roles to Windows Logins
    - Security
    ...

    Or Lookup in the Manual Installation and Systemmanagement from Navision Database Server, there is a chapter about Navision and Active Directory.
    (Oo)=*=(oO)
  • Options
    RobertMoRobertMo Member Posts: 484
    we added an active directory group to win accounts in Navision and setup proper roles. it worked. users form the group could login and had apropriate roles...

    but when user logs in, you will not see AD group id in stauts bar, but he's AD userid. and if you want to use userid through app, you will still have to define all users (by their user id) in G/L Setup Users table. and you will have to enter userids manually and not select form the list (remember that separate userids are not defined as win logins).
    luckily validation still works - if you type in a userid that is not in group, error is shown.

    this model is quite comprehensive, since you have userid/groups on AD and also userid/groups/roles in Navision.

    after everything we ended with defining all users as Win logins (and not groups) and defining for each their roles.

    The reason was also because DB administration and AD administration were done by different persons and changes through AD took a lot more time&effort.
               ®obi           
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
  • Options
    H10_MarcH10_Marc Member Posts: 9
    That's Right!!
    My problem is the ID in Navision it's defined that CODE 10 characters, and my IDs in AD have more characters.
    Can you help me?
  • Options
    dmccraedmccrae Member, Microsoft Employee Posts: 144
    You enter the IDs under Tools/Security/Windows Logins, not Database Logins.
    Dean McCrae - Senior Software Developer, NAV Server & Tools

    This posting is provided "AS IS" with no warranties, and confers no rights.
  • Options
    H10_MarcH10_Marc Member Posts: 9
    Under Tools/Security/Windows Logins I added a Windows Group.
    But if I want to work it correctly I have to created under Tools/Security/Database Conections the Id's users. These id's users have to be like id's pre-windows 2000 accounts.
    In Navision, Our Id user field are CODE 10 long. And our pre-windows accounts are more that 10 long. And I can't modify pre-windows accounts.

    Now do you understand my problem?
  • Options
    sfisfi Member Posts: 10
    Are you sure that you have the latest version.

    In table 2000000002 User the User ID field is 20 char.s long.
    In table 91 User Setup the User ID field is 20 char.s long.

    Have a look into Codeunit 418 Login Management and see how Navision solves the problems with UserID.
    This Codeunit is called from table 91 User ID triggers.

    Regards,
    Steen Fisker
    Regards,
    Steen Fisker
    Microsoft Certified Professional
  • Options
    H10_MarcH10_Marc Member Posts: 9
    The version is 2.60 Financials.

    In table 2000000002 User, the User ID field is 10 char.s long.
    In table 2000000003 Member of, the User ID field is 10 char.s long.
    In table 91 User Setup, the User ID field is 10 char.s long.

    Don't exist Codeunit 418.

    I think it's impossible solve this problem in my case :cry: . Only I can define the pre-windows User ID 10 char.s long. I do not want this solution because it can cause many problems in Windows.

    Thanks of all ways.
  • Options
    facadefacade Member Posts: 57
    That's why the forum is called

    Navision
    Version >= 3.70 to avoid mixup's :P

    But it still is pretty mixed up :)
  • Options
    H10_MarcH10_Marc Member Posts: 9
    I can not upgrate Navision. I haven't power of this. Another suggestion?
  • Options
    H10_MarcH10_Marc Member Posts: 9
    H10_Marc wrote:
    I can not upgrate Navision. I haven't power of this. Another suggestion? I visited all forum that refered Active Directory and here I have finded the best opinions of AD :lol:
  • Options
    facadefacade Member Posts: 57
    H10_Marc wrote:
    I can not upgrate Navision. I haven't power of this.

    I was merely referring to the fact that the forum in what you are discussing this, is a forum for items related to MBS-Navision 3.70+ not Navision Financials :lol:
  • Options
    H10_MarcH10_Marc Member Posts: 9
    I Know it. In Navision Financials forum nobody discusses of Active Directory connection. So, I have proved luck here.
Sign In or Register to comment.