Security with SQL Server installation
The SQL security system is very robust and comprises the following two main components:
Access to the server:
This is the layer of security that involves granting access to the
server using logins to authenticate the users and provide them with a
secure connection to the server.
Access to the database: This refers to the security defined by roles and permissions for appropriate database access to the users.
Dynamics NAV security models
There are two distinctive but
not-so-different security models that build the security system for
Dynamics NAV. They are mainly differentiated by how they synchronize the
Dynamics NAV security system with the SQL Server security system and
Windows security system. In the following table, we highlight the key
differences between the two security models—Standard and
Enhanced.
Synchronization
|
Standard Security Model
|
Enhanced Security Model
|
Speed of synchronization
|
Fast
|
Slow. The synchronization of all logins is slower with multiple companies.
|
Option to synchronize one login
|
No
|
Yes
|
Auto synchronize when logins are inserted, modified, or deleted in Dynamics NAV
|
Yes
|
No
|
Windows Users & Groups
|
Active Directory Windows groups and users + local groups
|
Only Active Directory Windows groups and users. Local groups are not displayed.
|
Windows Groups
|
Local domain Windows groups and from forest of domains(trusted domain).
|
Only Windows groups from local domain are displayed.
|
Required Extended Stored Procedure
|
xp_ndo_enumuserids
|
xp_ndo_enumusergroups
|
Switching between Enhanced and Standard security models
To change the security model from Enhanced to Standard or vice versa, we will have to alter the database, changing the Security Model option (on the Advanced tab). We need to make sure that the database is made as "single user only" (by clicking on the Single User checkbox on the Alter Database window). We must also synchronize all logins after the Security Model is changed.
Why synchronize?
Synchronization is the
process for the Dynamics NAV security system to match the SQL Server
security system. This does not happen automatically and must be done
manually after performing the following options:
Applying a change to the objects in the database
Changing the security model
Making changes to the users, roles, and permissions in Dynamics NAV
Restoring a backup
Upgrading or converting the database and/or the client executables
Synchronizing one or multiple users
To synchronize one or multiple users, go to the Windows Login option under Tools | Security. Highlight the login(s) that need to be synchronized. Go to Tools | Security | Synchronize Single Login or Synchronize All Logins.