Well, luckily Microsoft has server and infrastructure issues that came great in solving this problem.
When thinking about how to solve this problem main thing that came to my attention is how to transfer permissions from one domain to another with same users, and at the end how will those users authenticate to NAV server with Windows authentication. I must say that I was really surprised when I found out that windows recognizes users between domains as same users if they have same user name and password.
For start, lets assume that You have created users on NAV server which is in different organizational unit and different domain.
Active Directory Setup
Create users on Server in Active Directory with appropriate rights and in appropriate organizational unit.
When creating users remember that newly created users must have:
- Same username as users on NAV Server
- Same password users set up on NAV Server
To check if Your user is created as it should check your Organizational unit to see if Your new user is positioned in that Organizational unit.
SQL Server Setup
Create New login with Windows authentication. This user must be with same user name as the one on NAV server, but with domain where is SQL server.
Don't forget to Map user on appropirate NAV Database.
VIEW SERVER STATE on SQL ERROR
Now, users are created and theoretically they should be able to connect to SQL server – but not.
If You try to connect to database (and You have created users in NAV), You'll get View Server State Error.
Next thing is to set up Database properties and grant View Server State Permission to all users that need to connect to Your NAV Database.
To set up users edit Database Permissions on SQL Server Properties.
In upper part of Form You need to find user who You'll give that permission to. After You have found it You need to Grant Explicit permission to View Server State parameter in lower part of form.
Confirm setup with OK button and You're set.
Create Users in NAV
Following standard procedure in NAV create users with Windows Logins and with appropriate permissions.
When created, don’t forget to Synchronize them.
This principle is best used in companies who want to use NAV RTC client in their business, otherwise You can direct users to connect through Database logins.
No comments:
Post a Comment