mibuso.com
Home SQL General
Options

Switching from Enhanced to Standard Security

sil21sil21 Member Posts: 55
edited 2010-10-06 in SQL General
I would like to switch a databsae from Enhanced to Standard security in a NAV 2009 database. These are the steps I have:

1. make sure no one is in NAV
2. set db to single user
3. switch security model
4. unclick single user
5. sync security

Have I missed anything? Any othe gotchas I should be aware of?

Comments

  • Options
    DenSterDenSter Member Posts: 8,304
    No need to synchronize after it's set to standard. Sometimes when you set the database to single user from the NAV client, the system hangs. I always use SSMS to set the database to single user.
    Daniel Rimmelzwaan
    RIS Plus, LLC
    MVP - Business Apps
  • Options
    Marije_BrummelMarije_Brummel Member, Moderators Design Patterns Posts: 4,262
    Make sure to switch of the nasses. And if you don't make sure you have the credentials for the nas users.

    been-there-done-that-got-the-t-shirt... :mrgreen:
    Marije Brummel | Freelance Business Central Specialist
  • Options
    krikikriki Member, Moderator Posts: 9,090
    DenSter wrote:
    No need to synchronize after it's set to standard. Sometimes when you set the database to single user from the NAV client, the system hangs. I always use SSMS to set the database to single user.
    I noticed that the system hangs because someone is still in the DB. There is never a lock-timeout in this case.
    Regards,Alain Krikilion
    No PM,please use the forum. || May the <SOLVED>-attribute be in your title!

  • Options
    diptish.naskardiptish.naskar Member Posts: 360
    Why is it not necessary to synchronize the users when the db is set to standard mode?
    Diptish Naskar
    For any queries you can also visit my blog site: http://msnavarena.blogspot.com/
  • Options
    krikikriki Member, Moderator Posts: 9,090
    NAV has its own security system (users+roles+permissions).
    Also SQL has a security system that works independently from the NAV security system.
    Meaning: if you are a sysadmin in SQL, you can delete the NAV DB and you can read from/write to it via SQL. But if you want to enter through the NAV client it is possible you can't if the admin has no rights in NAV (the sysadmin can easily hack this by inserting records in the NAV security tables).

    To avoid there are to independent security systems, you can push the NAV security to the SQL server by using the enhanced security model and synchronizing.

    If you use the standard model, it is NAV that decides if you can do something. And if you can, it sends it to SQL. In this case the NAV client has permissions in SQL to do anything in the tables. This way you don't need to synchronize anymore.
    Regards,Alain Krikilion
    No PM,please use the forum. || May the <SOLVED>-attribute be in your title!

Sign In or Register to comment.