This section describes SQL security needed for MoversSuite
and Microsoft Dynamics GP users.
NOTE: If
MoversSuite Administration is loaded on the same server as SQL, then the
application pool identity account will need the MssExec role on
MoversSuite2 database and the MssGPExec roll on the
company-specific Dynamics GP database.
NOTE: If
MoversSuite Administration or the MoversSuite queuing service is
ran on machine other than the SQL server, then the machine account will need the
MssExec role on MoversSuite2 database and the MssGPExec
roll on the company-specific Dynamics GP database.
SQL Security for MoversSuite
Users
MoversSuite integrates with Windows Authentication
protocol to validate transactions through an SQL server.
This protocol requires MoversSuite users to have domain
accounts set with the following roles:
§ MoversSuite users will need to have the
following roles on the MoversSuite2 database:
MssExec
public
§ MoversSuite users and the MssAPI service
users will need to have the following roles on the company-specific
Microsoft Dynamics GP database:
MssGPExec
public
NOTE: MssAPI service users
need MssGPExec rights for importing payments through the CSV Import.
Assign roles to individual domain user accounts or domain
groups. The following procedure describes the process of setting these roles to
a new domain user/group for MoversSuite:
|
|
|
|
1 |
Open the Microsoft SQL Server Management
application. |
|
2 |
Open a connection to the server hosting MoversSuite
using the Connect > Database Server option, which opens the
Connect to Server window. |
|
3 |
Select the Server name and appropriate
authentication and press Connect to open. |
|
4 |
Expand the Security folder and then expand the
Logins folder. |
|
5 |
Right-click on Logins and choose New
Login.
Figure 42: New Login
option
This will open the Login – New screen. |
|
6 |
Enter the name of the domain user/group in the Login
name field. Note: Keep the default settings for other
fields on the General page. |
|
7 |
Click on the User Mapping link (under Select a
page) to accessing the login to role mapping page. |
|
Set roles for this user for
the MoversSuite2 database |
|
8 |
In the “Users mapped to this login” section, select the
MoversSuite2 database for the user by placing a check ( ) in the Map column.
Figure 43: Users mapped to
this login section
|
|
|
Map roles to the login by selecting MssExec and
public within the “Database role membership for” section.
Figure 44: Database role
membership for section
|
|
Set roles for this user for
the company-specific Dynamics GP database |
|
9 |
In the Users mapped to this login section, select the
company-specific Dynamics GP database for the user by placing a check
() in the Map column.
Figure 45: Users mapped to
this login section
|
|
10 |
Map roles to the login by selecting MssGPExec and
public within the “Database role membership for” section.
Figure 46: Database role
membership for section
|
|
|
Press OK to save the new domain
user/group. |
SQL Security for Microsoft
Dynamics GP Users
Dynamics GP user accounts are created from within Microsoft
Dynamics GP. Microsoft Dynamics GP creates a corresponding SQL user
account. These SQL user accounts will need the following roles:
§ Dynamics GP users will need to have the
following roles on the MoversSuite2 database:
MssExec
Public
§ Dynamics GP users will need to have the
following roles on the Dynamics database as well as any
company-specific Dynamics GP database:
DYNGRP
public
The following procedure instructs a user on assigning roles
through Microsoft SQL Server Management:
|
|
|
|
1 |
Open the Microsoft SQL Server Management
application. |
|
2 |
Open a connection to the server hosting MoversSuite
using the Connect > Database Server option, which opens the
Connect to Server window. |
|
3 |
Select the Server name and appropriate
authentication and press Connect to open. |
|
4 |
Expand the Security folder and then expand the
Logins folder. |
|
5 |
Locate appropriate domain users and choose
Properties from the right-click option. This opens the
Login Properties window.
Figure 47: Right-click
options from Logins entries
|
|
6 |
From Login Properties, select User
Mappings from the Select a page menu. |
|
7 |
In the “Users mapped to this login” section, select the
MoversSuite2 database for the user by placing a check () in the Map column.
Figure 48: Users mapped to
this login section
|
|
8 |
Map roles to the login by selecting MssExec and
public within the “Database role membership for” section.
Figure 49: Database role
membership section
|
|
9 |
Repeat Steps 7 and 8 for the Dynamics
database and the company-specific Dynamics GP database but setting
the DYNGRP role for each instead of MssExec.
Figure 50: User Mappings
page
|
|
9 |
Press OK to keep the changes and to close the
Login Properties screen. |