An enterprise business solution must have a built-in security system to ensure that only people with the appropriate authorization can gain access to the information contained in the system. A minimum level of security requires that users be assigned user IDs and passwords, thereby limiting access to the program. Microsoft Dynamics NAV satisfies this requirement by integrating its own security system with the Active Directory security system provided by Windows and with the single sign-on system supported by Windows.

Microsoft Dynamics NAV gives you complete control over the information that each user can access. You can create users, give them roles and modify the permissions of these users and roles from within Microsoft Dynamics NAV. Furthermore, in the SQL Server Option for Microsoft Dynamics NAV you can also apply security filters that limit the permissions that you grant to each user or role so that they only gain access to information about particular customers, vendors, dimensions and so on.

In order to create users in Microsoft Dynamics NAV, you must give them an identity within the database that allows them to log on to the system. When the user has logged into the database, they are able to perform tasks in accordance with the permissions that they have been allocated.

Microsoft Dynamics NAV allows you to use two different methods to log on:

In order to use Database Server Authentication you must be granted a database login within Microsoft Dynamics NAV. In order to use Windows Authentication you must have a valid Windows account in the current domain and be granted a Windows login within Microsoft Dynamics NAV.

All the Active Directory security groups will be visible within Microsoft Dynamics NAV. It is possible to give these Active Directory groups a Windows login and assign them roles within Microsoft Dynamics NAV.

The Microsoft Dynamics NAV security system is company specific and contains information about the permissions that have been granted to each individual user with access to each particular company. This includes information about the roles the users have been given as well as any particular rights that they have been granted as individual users. If you specify that the permissions a user has only apply to a particular company in the database, the user in question will only be able to see that company.


The Microsoft Dynamics NAV security system is initiated when you create the first login. The first login should therefore be for a superuser who is given the SUPER role. The superuser then owns and administers all access to this database from within Microsoft Dynamics NAV. Until you create a superuser, any user with access to the system can carry out any transactions they want to in a Microsoft Dynamics NAV database.

The RoleTailored client requires Windows logins and does not support Database logins.

One of the first things that the superuser should do is create user IDs for the other people who will have access to the database and assign roles to these users. Permissions are allocated at company level in Microsoft Dynamics NAV.

All administration of security and permissions is performed through the Classic client and not the RoleTailored client.

Related Topics

Creating Database Logins

Creating Windows Logins

Giving Database Logins a Role

Giving Windows Users or Groups a Role

Creating Roles

Modifying Permissions for Roles

Assigning Permissions to Multiple Objects

Security Filters

Applying Security Filters

© 2009 Microsoft Corporation. All rights reserved.