Microsoft Dynamics Mobile - Server Components Security

Dynamics Mobile 1.5

Before you install and configure Microsoft Dynamics Mobile - Server Components, review the following security information:

  • By default, the Microsoft Dynamics Mobile - Server Components Web services are configured to use Windows authentication. The Microsoft Dynamics Mobile - Server Components Web services do not support Anonymous authentication. If you use Anonymous authentication, the Web server returns an error.

  • Ensure that the deployment of the document, management, deployment, and logging services observe the best practices that are described in the Windows Server 2003 Security Guide or Windows Server 2008 Security Guide. Familiarize yourself with the contents of the Security Guide, paying special attention to Chapter 9, “The Web Server Role.” For more information about how to make the individual Web services more secure, see ASP.NET Web Site Security.

  • Microsoft Dynamics Mobile - Server Components supports both SQL and Windows authentication for connection strings to the Microsoft SQL Server databases from the Web services. By default, the document, management, logging and deployment Web services are configured to use the Default Application Pool of the IIS, which runs under the Network Service account by default. Because multiple services can use the Network Service account, it is difficult to control which services have access to SQL Server databases. Observe the guidelines for setting SQL Service Agent accounts as described in Microsoft SQL Server 2005 Books Online or Microsoft SQL Server 2008 Books Online.

  • Ensure that you have set up appropriate access control to files and shares. For example, if you integrate with Microsoft Dynamics NAV using Microsoft Dynamics NAV Application Server, the user account for Microsoft Dynamics NAV Application Server must have access to read and execute the business connector file, Microsoft.Dynamics.Mobile.Server.Services.Document.NAVBusinessConnector.dll. Other users must not have access to this file.

  • To increase security, use Hypertext Transfer Protocol over Secure Sockets Layer (http over SSL or https) on the Web services and encrypt the web.config files. You can set up SSL and encryption during installation of the Web services or by changing the web.config file after installation. For more information, see How to: Encrypt a web.config File.

Community Additions

ADD
Show: