Skip to content
KSD Consultancy

KSD Consultancy

Microsoft Dynamics [Navision & 365 Business Central] – (Tips & Tricks)

  • Home
  • About
  • ForNAV – Reports made easy for Microsoft Dynamics 365 Business Central
  • Training
  • NAV Dynamics Community
  • YouTube
  • Nav Videos
  • Shared Files
  • WordPress on Mobile

Tag: Certificate’s

Development Tips

Implementing Security Certificates to support login over a WAN

August 7, 2015August 7, 2015 Ashwini Tripathi

Today we will set up an environment to test integrating certificates into a configuration for connecting computers running the Microsoft Dynamics NAV Windows client or Microsoft Dynamics NAV Web Server components to Microsoft Dynamics NAV Server instances over a wide area network (WAN) with the chain trust configuration.

What all we need to get our today’s exercise done?

To complete this process, we will need:

  • The Certificates snap-in for Microsoft Management Console (MMC). If you do not already have this snap-in installed, then follow these steps:
    • Choose Start, choose Run, and then type Mmc.exe.
    • In the console, on the File menu, choose Add/Remove Snap-in.

Certificate-1

    • In the Add Standalone Snap-in dialog box, select Certificates, choose Computer Account, choose Local Computer, and then choose Add.

Certificate-2

Certificate-3

  • The makecert.exe utility. The makecert.exe utility is installed with Microsoft Visual Studio and Microsoft Windows SDK.

We created and installed a root certification authority (CA) and a server certificate on the computer running Microsoft Dynamics NAV Server in previous posts.

If not please follow below posts and then return here to continue.

Previous Step Link- How to create a root CA and a private key file by using the makecert.exe utility

Previous Step Link- How to create certificate revocation list for the root certification authority

Previous Step Link- How to create and install a test certificate for the Microsoft Dynamics NAV Server computer

Previous Step Link- How to grant access to the certificate’s private key to the service account for the Microsoft Dynamics NAV Server

How to modify the Microsoft Dynamics NAV Server configuration file to support login over a WAN

  • Start the Microsoft Dynamics NAV Server Administration tool.
  • Stop the Microsoft Dynamics NAV Server instance.

Certificate-17

  • Modify the following settings for the Microsoft Dynamics NAV Server instance in the Microsoft Dynamics NAV Server Administration tool.
Key New value Description
ClientServicesCredentialType(General tab) NavUserPassword or Username This parameter is on the General tab in the Microsoft Dynamics NAV Server Administration tool. The default value is Windows. When you change it to NavUserPassword or Username, client users who connect to the server are prompted for user name and password credentials.
CertificateThumbprint(Client Services tab) Value of the Thumbprint field in the previous post The default value is <key>. Remove any leading or trailing spaces in the thumbprint.

Certificate-18

  • Choose Save.
  • Restart the Microsoft Dynamics NAV Server instance.

To modify the Microsoft Dynamics NAV Windows client configuration file to add certificate information

  • Open the ClientUserSettings.config configuration file.

The location of this file is Users\<username>\AppData\Roaming\Microsoft\Microsoft Dynamics NAV.

By default, this file is hidden. Therefore, you may have to change your folder options in Windows Explorer to view hidden files.
Certificate-19

  • Modify the following settings.
Key New value Description
ClientServicesCredentialType NavUserPassword or Username The default value is Windows. When you change it to NavUserPassword or Username, client users who connect to the server are prompted for user name and password credentials
DnsIdentity The subject name of the service certificate The default value is <identity>.For this exercise, set the key to NavServiceCert.

Certificate-20
I am using NavUserPassword as credential Type in this example.

  • Save and close the ClientUserSettings.config file.

When you start the client, you are prompted for a valid user name and password for the server domain.
Certificate-21

Enter your User Name and Password to Login, I have created one for my testing as below:
Certificate-22
To modify the Microsoft Dynamics NAV Web client configuration file to add certificate information

  1. On the computer that is installed the Microsoft Dynamics NAV Web Server components, open the installation folder for the Microsoft Dynamics NAV Web client. By default, the folder is C:\Program Files\Microsoft Dynamics NAV\80\Web Client.
  2. Open the web.config file in a text editor, such as Notepad.
  3. Find the <DynamicsNavSettings> element, and then change the following settings:
Key New value Description
ClientServicesCredentialType NavUserPassword or Username The default value is Windows. When you change it to NavUserPassword or Username, client users who connect to the server are prompted for user name and password credentials.
DnsIdentity The subject name of the service certificate For this exercise, set the key to NavServiceCert.
  1. Save the web.config file.

This too works as above, credentials will be asked when you open WebClient.

While writing this post I am not having Web Client installed on my computer so unable include screen shots for same.

 

28.629409 77.432905

Rate this:

Share this with:

  • Click to share on Twitter (Opens in new window)
  • Click to share on Facebook (Opens in new window)
  • Click to share on LinkedIn (Opens in new window)
  • Click to share on Pocket (Opens in new window)
  • Click to share on WhatsApp (Opens in new window)
  • Click to share on Skype (Opens in new window)
  • Click to email this to a friend (Opens in new window)

Like this:

Like Loading...
Tagged 2015, Certificate's, Dynamics, Implementing, Login, Microsoft, MS, Nav, Navision, Over, Security, Support, WAN2 Comments
Development Tips

How to grant access to the certificate’s private key to the service account for Microsoft Dynamics NAV Server

August 7, 2015August 7, 2015 Ashwini Tripathi

To start with this exercise you need to first create certificate and certificate revocation list, if not yet created refer to previous post.

Previous Step Link- How to create a root CA and a private key file by using the makecert.exe utility

Previous Step Link- How to create certificate revocation list for the root certification authority

Previous Step Link- How to create and install a test certificate for the Microsoft Dynamics NAV Server computer

Let’s start with this exercise:

  • In the left pane of MMC, expand the Certificates (Local Computer) node, expand the Personal node, and then select the Certificates subfolder.
  • In the right pane, right-click the NavServiceCert certificate, choose All Tasks, and then choose Manage Private Keys.
  • In the Permissions for NavServiceCert private keys dialog box, choose Add.

In the Select Users, Computers, Service Accounts, or Groups dialog box, enter the name of the service account that is used by Microsoft Dynamics NAV Server By default, the service account is NETWORK SERVICE. Choose OK when done.
Certificate-15
Security Note

In a production environment, you run Microsoft Dynamics NAV Server under a dedicated domain user account instead of the less secure NETWORK SERVICE account. Because this is a test implementation, the NETWORK SERVICE account is acceptable.

  • In the Permissions for NavServiceCert private keys dialog box, select the account, and then select the Allow check box next to Full Control. Choose OK when done.
  • In the right pane, double-click the NavServiceCert certificate.
  • In the Certificate dialog box, choose the Details tab, and then select the Thumbprint field.

Copy or note the value of the Thumbprint field.
Certificate-16
In next step we will Implement Security Certificates and configure Microsoft Dynamics Server and update configuration file for Windows & Web Clients to support login over a WAN.

Next Step Link- Implementing Security Certificates.

28.629409 77.432905

Rate this:

Share this with:

  • Click to share on Twitter (Opens in new window)
  • Click to share on Facebook (Opens in new window)
  • Click to share on LinkedIn (Opens in new window)
  • Click to share on Pocket (Opens in new window)
  • Click to share on WhatsApp (Opens in new window)
  • Click to share on Skype (Opens in new window)
  • Click to email this to a friend (Opens in new window)

Like this:

Like Loading...
Tagged 2015, Access, Account, Certificate's, Dynamics, Grant, How, Key, Microsoft, MS, Nav, Navision, Private, Server, Service3 Comments

Click for enquiry mail

Listed in 2016 Top 25 Dynamics NAV Blog

Top 25 Dynamics NAV Blog
Follow KSD Consultancy on WordPress.com

Now We Are Partner with ForNAV

Click Image to send your Query

Blog Stats

  • 314,222 hits
Click Here

Recent Posts

  • Update Tracking Line, Post Shipment using Web Services in Business Central February 17, 2021
  • Cumulative Updates for Microsoft Dynamics NAV 2016/2017/2018 And BC Released in Feb 2021 February 10, 2021
  • Cumulative Updates for Microsoft Dynamics NAV 2016/2017/2018 And BC Released in Jan 2021 January 13, 2021
  • Extension Install Code January 9, 2021
  • Docker Maintenance January 6, 2021

LinkedIn

View Ashwini Tripathi's profile on LinkedIn

Archives

Categories

Click Here

Enter your email address to follow this blog and receive notifications of new posts by email.

Join 806 other followers

RSS Feed RSS - Posts

Follow On Facebook Page

Follow On Facebook Page

Started from 07 May 2016

Flag Counter

Location

Crossing Republic, Ghaziabad, India
+919650806714
09:00 PM to 08:00 AM
Create a website or blog at WordPress.com
loading Cancel
Post was not sent - check your email addresses!
Email check failed, please try again
Sorry, your blog cannot share posts by email.
%d bloggers like this: