sql 2005 security for dynamics nav 4.0 sp 3

we are using dynamics nav with sql 2005 database,when new user is created i need to give pubic & sysadmin permissions in sql database and permission to connect dababase engine kept deny ,i have done user synchronize in nav,but basic nav user with view permission also able to connect to sql database engine through sql management studio how to block it please suggust

In Navision : change the security model to standard. This also avoids synchronizing.

In SQL : just give public server and DB-rights to the users. With the standard security model in Navision, they don’t need more.

HI,

I have 2 suggestions for you.

(1) While creating a new user , just give him the public role on the navision database. and for developers you have to give him public as well as sysadmin on navision and Master databse. If you don’t give permissions on the master databse . he can’t change/modify any objects in navision database.

(2) The most important point. After creating new users in SQL 2005 for navision, you will find that he is not able to change his password from the navision interface.

Its because of the change in permission settings in SQL 2005 from SQL 2000. In SQL 2000, the permission to change the password was inclded in the “PUBLIC” role. So we never had to worry for that.

But with SQL 2005 in modified security they have not defaulted the “login modification” permission in “PUBLIC” role

You have to explicitly open the “PUBLIC” role and go to its permissions and add the permission to modify logins.

thanks and regards

Anurag

thank you for reply,when i am creating user in server roles tab if sysadmin is not selected navsion is giving error message as user name pass word is wrong

No application (not just NAV) should ever require you to grant SysAdmin permissions to a normal user.