Hello In pervious version of navision e.g. 3.7 Navision creates a $ndo$shadow application role on sql server. I’ve created a new 4.0 db on sql and looking at roles, I don’t see that role. Instead, there are multiple roles with random numbers e.g. $ndo$ar$B866D3884E4BAC3E17BA28032554C85. I’ve tried this on 3 different sql servers, and the roles are the same way with different numbers. Also using windows authentication and adding a windows Group to the list, the users under the group need to have a db_owner role in order to connect to db. Otherwise they get an error. The combination of login and password is incorrect. Has anybody installed 4.0 on sql and can replicate these problems? Thank you.
The app role model has changed in 4.0 for improved security. Why are you interested in the app roles anyway? When setting up the security in Navision you must ensure that you have chosen to Synchronize security form the Security menu after any changes to any security setting, prior to testing it out with a user. When adding a windows group you must also assign the individual login as well that are in the group, that you want to use Navision. However you only have to assign the Navision roles you need to the Group, not to the individual logins. You do not need db_owner rights in SQL if the above is setup correctly. Another thing about 4.0 is that it uses a different Active Directory API for enumerating a user’s windows groups, which leads to much fewer groups than with 3.70. You can check what groups are available for a particular user in Query Analyzer: exec master…xp_ndo_enumusergroups ‘domain\user’ If you are trying to use a windows group that is not in the list given 4.0 will not find it and the login will fail.