Home » Listing Details
Top Websites
  1. Dynamics GP Help
    Over 5600 resources listed.
  2. Mark Polino's DynamicAccounting.net
    Over 5100 resources listed.
  3. Rose Business Solutions Blog New
    Over 2200 resources listed.
  4. Developing for Dynamics GP - By David Musgrave and the MS GP Dev Support Team
    Over 1100 resources listed.
  5. Mariano Gomez at The Dynamics GP Blogster
    Over 900 resources listed.
  6. Microsoft Dynamics Partner Community Blog
    Over 900 resources listed.
  7. Christina Phillips, Steve Endow & Lorren Zemke at Dynamics GP Land
    Over 700 resources listed.
  8. Mohammad Daoud's Dynamics GP Blog
    Over 600 resources listed.
  9. Vaidy Mohan at Dynamics GP - Learn & Discuss
    Over 500 resources listed.
  10. Inside Microsoft Dynamics GP Official Blog
    Over 500 resources listed.
  11. eOne Business Solutions Blog
    Over 400 resources listed.
  12. About Dynamics, Development and Life
    Over 300 resources listed.
  13. Frank Hamelly at GP2theMax
    Over 300 resources listed.
  14. Dynamics CPM
    Over 300 resources listed.
  15. BKD Dynamics GP Insights Blog
    Over 200 resources listed.
  16. Leslie Vail at Dynamics Confessor Blogspot
    Over 200 resources listed.
  17. Victoria Yudin's Dynamics GP Website
    Over 200 resources listed.
    Victoria Yudin
  18. Janakiram M.P. at DynamicsBlogger
    Over 100 resources listed.
  19. VS Tools Forum
    Over 100 resources listed.
    Your Resource for Visual Studio Tools for Dynamics GP
  20. Inside Microsoft Dynamics GP Official Blog
    Over 100 resources listed.
  21. US Dynamics GP Field Team Blog
    Over 100 resources listed.
  22. Catherine Eibner MBS Developer Evangelist
    Over 100 resources listed.
  23. Sivakumar Venkataraman at Interesting Findings & Knowledge Sharing
    Over 100 resources listed.
  24. Dynamics Small Business
    Over 100 resources listed.
  25. Belinda, The GP CSI
    Over 100 resources listed.

ID:8071
Title:Do we really want Windows Authentication for Microsoft Dynamics GP?
URL:http://blogs.msdn.com/developingfordynamicsgp/archive/2009/12/09/do-we-really-want-windows-authentication-for-microsoft-dynamics-gp.aspx
Description:

David Meego - Click for blog homepageOver the years, I have seen many requests for Windows Authentication support for Microsoft Dynamics GP, and I have to say I have mixed feelings about it. In theory, it sounds good, but in practice it may be a threat to your customer's financial information security.

Regardless of authentication method, users will still have to select a company to access which defeats the purpose of having a single sign-on.

If we have true Windows Authentication, then a workstation left unattended without being locked, could be used to access the financial system without the additional level of security of requiring a login.  Also, if Windows Authentication is used, the password will not be encrypted (see article below). 

The encryption of the passwords is what prevents access to the financial data using external tools to access the SQL Server.  Having an encrypted password means that you must use the Microsoft Dynamics GP application to access the data and so are then subject to the application's security system. You cannot bypass the application level security as the password will not work from an external tool.

When a customer asks for Windows Authentication, I think we should not apologize and say that it is not supported.  Instead we should sell the benefits of having an extra level of security provided by SQL Server Authentication with encrypted passwords.  This extra level will protect the customer's valuable financial data. 

Note: There are some third party ISV solutions which can synchronize the SQL user names and passwords with the Windows user names and passwords.  While this simplifies the system by not having to remember more than once password, it is not true Windows Authentication.

For more information related to this topic, have a look at the following article:

Why does Microsoft Dynamics GP encrypt passwords?

Post a comment and let me know what you think?

David

11-Dec-2009: Added follow up comment:

Please don't get me wrong, I am not saying I don't want Windows Authentication, just that the extra layer of security with a second login and encrypted password can be a good thing.

I think we should sell the benefits of the way it works now rather than getting defensive when asked by a customer about Windows Authentication.

I would like to see both methods supported in future so that the customer can choose what they want.

The idea of this post WAS to start an open discussion on the topic.... so please keep posting your thoughts as comments.

Category:SECURITY IN GP
Link Owner:
Date Added:June 16, 2010 08:21:04 PM
Number Hits:18
RatingsAverage rating: (0 votes)
Reviews

No Reviews Yet.

 
GPWindow.com

Thank you for your support for GPWindow. It helps us cover part of the hosting costs for GPWindow.