Purchasing A Single User Licence For Microsoft Dynamics Nav 2018
Microsoft's server licensing can be complicated. Do you need a client access license (CAL)? If so, should it be a user CAL or a device CAL? And should your CAL operate in per-server or per-seat mode? If choosing licenses for your Microsoft products is making your head spin, our guide to Microsoft server and client licensing is here to help.
Force logins limitations for some users can boostimprove system (few active Sessions..) as standard users can login in NAV multiple times, ex of real Scenario: CEO can have multiple logins, operational people NO !!
NAV 2013 and Later
From NAV 2013 Microsoft created a table named: Active Sessions – Table ID 2000000110 This table contains information about all the active sessions, showing Connected Client TypePC and Users)
Take a look to my previous post about “ALL ABOUT” Kill (In)active Sessions when “no more licenses”, with the VB.NET app in this post, you can show Client TypePC and Connected User from this app to decide “who is the user” than try to use more than one NAV session.
Source https://robertostefanettinavblog.wordpress.com/2017/01/15/all-about-kill-inactive-sessions-when-no-more-licenses/
Starting from User Setup Table
You can add a boolean field “Multilogin” to User Setup Table (table 91)” ; with this boolean field you can check if user can login more times in NAV instead of only one time.
User Setup – Table ID 91 User Setup
Before you need to add the new field “Multilogin” on Page “User Setup” (…or comment C/AL check code… you can’t login in anyway if you haven’t configured your user in this table)
..We can’t use System Table User.. because is used by System on Login process .. if you try to use this table you can’t start Windows Client…
To Restrict multiple logins we can use Login Codeunit
Codeunit 40 – LogInManagement
This codeunit is ht first fired on Login Time and I can add C/AL code here to trap user logins.
Steps: Open Codeunit 40, goto function CompanyOpen()
In CompanyOpen function add two new local variables: locUser and locActiveSessione
Modify the CompanyOpen function in this way:
C/AL Code “Before”
CompanyOpen()
IF GUIALLOWED THEN LogInStart; C/AL Code “After”
CompanyOpen()
locUser.GET(UPPERCASE(USERID));
IF NOT locUser.Multilogin THEN
BEGIN
locActiveSession.RESET;
locActiveSession.SETRANGE(“User ID”,UPPERCASE(USERID));
locActiveSession.SETRANGE(“Client Type”, locActiveSession.”Client Type”::”Windows Client”); //For RTCWindows Clients
IF locActiveSession.COUNT > 1 THEN
ERROR(‘You are currently logged in NAV, you can’t have more sessions!’);
END;
IF GUIALLOWED THEN
LogInStart;
// Register all Microsoft Dynamics CRM connection strings
IF CRMConnectionSetup.GET THEN
CRMConnectionSetup.UpdateAllConnectionRegistrations;
Results
System abort login codeunit and display the Error Message “’You are currently logged in NAV, you can’t have more sessions!”; you can usetrap also others login types: ex: Web Client, Web Service, Background Sessions and so on.
Another Nice Feature
You can decide also “how many sessions” each user can launch adding a “No. Sessions” field in User Table.
C/AL Code
CompanyOpen()
locUser.GET(UPPERCASE(USERID));
IF NOT locUser.Multilogin THEN
BEGIN
locActiveSession.RESET;
locActiveSession.SETRANGE(“User ID”,UPPERCASE(USERID));
locActiveSession.SETRANGE(“Client Type”, locActiveSession.”Client Type”::”Windows Client”); //For RTCWindows Clients
IF locActiveSession.COUNT > 1 THEN
ERROR(‘You are currently logged in NAV, you can’t have more sessions!’);
END
ELSE
BEGIN
locActiveSession.RESET;
locActiveSession.SETRANGE(“User ID”,UPPERCASE(USERID));
locActiveSession.SETRANGE(“Client Type”, locActiveSession.”Client Type”::”Windows Client”); //For RTCWindows Clients
Purchasing A Single User License For Microsoft Dynamics Nav 2018 Server Installation
IF locActiveSession.COUNT > locUser.”No. Sessions” THEN
ERROR(‘You are currently logged in NAV, you can’t have more than ‘ + FORMAT(locActiveSession.COUNT-1) + ‘ sessions!’);
END;
IF GUIALLOWED THEN
LogInStart;
// Register all Microsoft Dynamics CRM connection strings
IF CRMConnectionSetup.GET THEN
CRMConnectionSetup.UpdateAllConnectionRegistrations;
Results
Bingo !
-->Microsoft Dynamics NAV 2018 supports several credential authorization mechanisms for Dynamics NAV users. When you create a user, you provide different information depending on the credential type that you are using in the current Microsoft Dynamics NAV Server instance.
Important
All users of a Microsoft Dynamics NAV Server instance must be using the same credential type. You specify which credential type is used for a particular Microsoft Dynamics NAV Server instance in the Microsoft Dynamics NAV Server Administration tool.
For more information about how to create users, see How to: Create Microsoft Dynamics NAV Users. Alternatively, you can create new users using the Windows PowerShell cmdlet, New-NAVServerUser. For more information, see Microsoft Dynamics NAV Windows PowerShell Cmdlets.
Credential Types
Dynamics NAV supports the following credential types.
| Credential types | Description |
|---|---|
| Windows | With this credential type, users are authenticated using their Windows credentials. You can only specify Windows as the credential type if the corresponding user exists in Windows (Active Directory, local workgroup, or the local computer’s users). Because they are authenticated through Windows, Windows users are not prompted for credentials when they access Dynamics NAV. |
| UserName | With this setting, the user is prompted for username/password credentials when they access Dynamics NAV. These credentials are then validated against Windows authentication by Microsoft Dynamics NAV Server. There must already be a corresponding user in Windows. Security certificates are required to protect the passing of credentials across a wide-area network. Typically, this setting should be used when the Microsoft Dynamics NAV Server computer is part of an authenticating Active Directory domain, but the computer where the Microsoft Dynamics NAV Windows client is installed is not part of the domain. |
| NavUserPassword | With this setting, authentication is managed by Microsoft Dynamics NAV Server but is not based on Windows users or Active Directory. The user is prompted for username/password credentials when they start the client. The credentials are then validated by an external mechanism. Security certificates are required to protect the passing of credentials. This mode is intended for hosted environments, for example, where Dynamics NAV is implemented in Azure. |
| AccessControlService | With this setting, Dynamics NAV relies on Microsoft Azure Access Control service (ACS) or Azure Active Directory (Azure AD) for user authentication services. ACS is a cloud service that provides user authentication and authorization for web applications and services. ACS integrates with standards-based identity providers, including enterprise directories such as Active Directory, and web identities such as Microsoft account, Google, Yahoo!, and Facebook. For more information, see Authenticating Users with Microsoft Azure Access Control Service. Azure AD is a cloud service that provides identity and access capabilities, such as for applications on Azure, in Microsoft Office 365, and for applications that install on-premises. If the Microsoft Dynamics NAV Server instance is configured to use AccessControlService authentication, you can specify an Azure AD account for each user in the Office 365 Authentication field so that they can access both the Microsoft Dynamics NAV Web client and their Office 365 site. Also, if you use Dynamics NAV in an app for SharePoint, users have single sign-on between the SharePoint site and Dynamics NAV. For more information, see Authenticating Users with Azure Active Directory. |
| None | For internal use on system sessions and typically should not be used. If you choose None, then the Microsoft Dynamics NAV Server instance cannot start. |
| ExchangeIdentity and TaskScheduler | For internal use only, and should not be used. |
Important
If Microsoft Dynamics NAV Server is configured to use NavUserPassword or AccessControlService authentication, then the username, password, and access key can be exposed if the SOAP or OData data traffic is intercepted and the connection string is decoded. To avoid this condition, configure SOAP and OData web services to use Secure Socket Layer (SSL). For more information, see Walkthrough: Configuring Web Services to Use SSL (SOAP and OData).
Configuring the Credential Type
RoleTailored clients and Microsoft Dynamics NAV Server must be configured to use the same credential type.
To edit the configuration for the Microsoft Dynamics NAV Server instance, you can use either the Microsoft Dynamics NAV Server Administration tool or the Microsoft Dynamics NAV Administration Shell. In the Microsoft Dynamics NAV Server Administration tool, you configure the credential type in the Credential Type field on the General tab. Alternatively, you can edit the CustomSettings.config file. For more information, see Configuring Microsoft Dynamics NAV Server.
Important
When Microsoft Dynamics NAV Server services are deployed on Azure, you must configure them on Azure. For more information, see How to: Open Microsoft Dynamics NAV Clients that Connect to Microsoft Dynamics NAV on Microsoft Azure.
For each Microsoft Dynamics NAV Windows client user, you must modify the ClientUserSettings.config file. The default location for this file is C:Users<username>AppDataRoamingMicrosoftMicrosoft Dynamics NAV100, where <username> is the name of the user. For the Microsoft Dynamics NAV Web client users, you must modify the configuration file for the Microsoft Dynamics NAV Web Server components. For information, see Configuring Microsoft Dynamics NAV Web Client by Modifying the Web.config File. In the relevant configuration file, find the ClientServicesCredentialType parameter and change the value to one of the options listed earlier.
When you change the credential type for a Microsoft Dynamics NAV Server instance and the relevant client configurations, the changes take effect when you restart the Microsoft Dynamics NAV Server instance and users connect to the instance again.
See Also
How to: Create Microsoft Dynamics NAV Users
Configuring Microsoft Dynamics NAV Server
Configuring Microsoft Dynamics NAV Web Client by Modifying the Web.config File
Configuring the Windows Client
Microsoft Dynamics NAV Windows PowerShell Cmdlets
How to: Open Microsoft Dynamics NAV Clients that Connect to Microsoft Dynamics NAV on Microsoft Azure