An enterprise business solution must have a built-in security system to ensure that only people with the appropriate authorization can gain access to the information contained in the system. A minimum level of security requires that users be assigned user IDs and passwords, thereby limiting access to the program. Navision satisfies this requirement by integrating its own security system with the Active Directory security system provided by Windows and with the single sign-on system supported by Windows.
Navision gives you complete control over the information that each user can access. You can create users, give them roles and modify the permissions of these users and roles from within Navision. Furthermore, in the SQL Server Option for Navision you can also apply security filters that limit the permissions that you grant to each user or role so that they only gain access to information about particular customers, vendors, dimensions and so on.
In order to create users in Navision, you must give them an identity within the database that allows them to log on to the system. When the user has logged into the database, they are able to perform tasks in accordance with the permissions that they have been allocated.
Navision allows you to use two different methods to log on:
Database Server Authentication
Windows Authentication
In order to use Database Server Authentication you must be granted a database login within Navision. In order to use Windows Authentication you must have a valid Windows account in the current domain and be granted a Windows login within Navision.
All the Active Directory security groups will be visible within Navision . It is possible to give these Active Directory groups a Windows login and assign them roles within Navision.
The Navision security system is company specific and contains information about the permissions that have been granted to each individual user with access to each particular company. This includes information about the roles the users have been given as well as any particular rights that they have been granted as individual users. If you specify that the permissions a user has only apply to a particular company in the database, the user in question will only be able to see that company.
The Navision security system is initiated when you create the first login. The first login should therefore be for a superuser who is given the SUPER role in Navision. The superuser then owns and administers all access to this database from within Navision. Until you create a superuser, any user with access to the system can carry out any transactions they want to in a Navision database.
One of the first things that the superuser should do is create user IDs for the other people who will have access to the database and assign roles to these users. Permissions are allocated at company level in Navision.
For more information about security in Navision, see the Installation and System Management manual for either Microsoft Business Solutions–Navision Database Server or the Microsoft Business Solutions–Navision SQL Server Option.
Giving Windows Users or Groups a Role
Modifying Permissions for Roles
Assigning Permissions to Multiple Objects