AOS Security

Dynamics AX 2009

In Microsoft Dynamics AX, the Application Object Server (AOS) can protect the database from security threats because clients connect to the database only through the AOS. There are several security advantages when you use the AOS. This topic describes AOS security advantages and best practices for the AOS.

The following list describes security advantages when you use the AOS.

  • No direct access to the database. The client configuration does not store the information that would enable it to connect to the database.

  • Built in data encryption based on common standards.

  • Standard Microsoft security measures are used.

  • Only valid Microsoft Dynamics AX users can log in using Active Directory service.

  • A table permissions framework avoids unauthorized access to system tables. Control access to tables in the table property sheet using the AOSAuthorization property.

When installing the AOS, the setup program will ask for a domain account. The AOS must have separate domain accounts that have sufficient user rights and permissions.

NoteNote

You can change the AOS domain account later in Services. These changes must also be made in the database for the new AOS user account.


The AOS account must be a user in the database and must be assigned to the following database roles:

  • db_ddladmin

  • db_datareader

  • db_datawriter

In addition, the AOS user must have the following user rights and permissions to execute stored procedures in the database:

  • createserversessions

  • createusersessions

Running .dll files on the server can cause problems with registration and security. To prevent problems:

  • Always try to run .dll files on the client.

  • Any .dll files that require user interface action must always run on the client.

AOS and batch processes ordinarily run on a different computer than the client. Therefore, when you refer to the operating environment from code, consider that C:\ on the server may not be the same as C:\ on the client.

Community Additions

ADD
Show: