MICROSOFT DYNAMICS NAV 2009 R2 PASSWORD
Specifically, you choose settings that indicate that this channel will be using an SSL certificate and that allow for user name and password NTLM authentication. You must edit the Microsoft Dynamics NAV Server and RoleTailored client configuration files to configure Microsoft Dynamics NAV 2009 R2 for SSL. The client is then authenticated using the NTLM authentication protocol. After the server has been authenticated the channel is converted to a TLS channel, and the server and clients negotiate the keys. Clients authenticate that the certificate is valid by looking up the certificate revocation list (either locally or by calling the Certificate Authority). The certificate must be issued to the server, and the name on the certificate must match the name of the server. The SSL certificate on the Microsoft Dynamics NAV Server computer must be a server certificate issued by a trusted Certificate Authority. When the connection is created via the traditional SSL method, the client validates the server’s identity in the same way that an https client does on the web. Microsoft Dynamics NAV 2009 R2 allows you to configure the connection between Microsoft Dynamics NAV Server and RoleTailored clients to use SSL. For more information on this see the standard Oasis document on Kerberos.
If for any reason Kerberos authentication is not accomplished then clients and server fall back to NTLM authentication to negotiate encryption keys and start encrypting the channel. The initial key exchange takes place as part of the Kerberos authentication with the server, and the channel is thereafter encrypted using the standard WCF implementation. When clients and server are all members of the same domain or mutually trusting domains, Kerberos is an appropriate security mechanism. See “Protecting Open Networks with SSL,” below, for details.
See “Trusted Connections – Kerberos,” below, for details. If clients are physically connected to the organization’s network and all in the same domain as Microsoft Dynamics NAV Server computers (or in a domain trusted by that domain), then clients will use standard Kerberos connection techniques to establish the initial connection to Microsoft Dynamics NAV Server.What’s New in Microsoft Dynamics NAV 2009 R2ĭepending on how they are configured and where they are located, RoleTailored clients in an Encrypt and Sign implementation typically use one of the following security mechanisms in establishing a connection.Connecting the RoleTailored Client over a Wide Area Network.Encrypt and Sign security utilizes TLS (Transport Layer Security), SSL (Single Sockets Layer), and Kerberos tickets. All clients and their associated server must have matching values for this parameter. This behavior is controlled by the ProtectionLevel parameter in both the RoleTailored client and the Microsoft Dynamics NAV Server configuration files. The default behavior for Microsoft Dynamics NAV 2009 R2 is to use the transport security setting Encrypt and Sign, encrypting all traffic between the RoleTailored client and Microsoft Dynamics NAV Server. This usage of WCF includes transport security. Microsoft Dynamics NAV 2009 R2 uses WCF (Windows Communication Framework) for the core of its transport of data between the RoleTailored client and Microsoft Dynamics NAV Server.
0 kommentar(er)
