Checklist: Configure Enterprise Portal security
Important
This content is archived and is not being updated. For the latest documentation, see Microsoft Dynamics 365 product documentation. For the latest release plans, see Dynamics 365 and Microsoft Power Platform release plans.
Applies To: Microsoft Dynamics AX 2012 R3, Microsoft Dynamics AX 2012 R2, Microsoft Dynamics AX 2012 Feature Pack, Microsoft Dynamics AX 2012
In Enterprise Portal for Microsoft Dynamics AX, security is enforced by using a combination of features and services. This topic includes checklists that can help you configure security in Enterprise Portal.
Checklists for configuring Enterprise Portal security
By default, only the administrator who installed Enterprise Portal can access the site. Therefore, Enterprise Portal is effectively locked after it is installed. The configuration of security in Enterprise Portal involves verifying roles, enabling security features, and granting users access to the site. Information in the following tables can help you configure Enterprise Portal security.
Table 1: Security tasks for the server and operating system
Task |
More information |
|---|---|
Verify security settings for Internet Information Services (IIS) and SharePoint. |
See the product documentation on Microsoft TechNet and MSDN. |
Encrypt Enterprise Portal client-server communications by using Secure Sockets Layer (SSL). |
Table 2: Security tasks for extranet deployments
Task |
More information |
|---|---|
Enhance Enterprise Portal security in extranet deployments by using two domain controllers and two firewalls. This deployment model is called a traditional perimeter network. Tip If you prefer not to deploy Enterprise Portal with multiple domain controllers, you can authenticate Enterprise Portal users by using claims-mode authentication. For more information, see the next item in this checklist. |
Install Enterprise Portal in a traditional perimeter network |
Deploy an Enterprise Portal site that uses the claims mode authentication that is provided by SharePoint. In the context of Microsoft Dynamics AX, this claims mode authentication is called Flexible authentication. Flexible authentication enables businesses and organizations to authenticate Enterprise Portal users without having to store user accounts in Active Directory Domain Services. |
Deploy an Enterprise Portal site that uses forms-based authentication |
Table 3: Security tasks to enable user access
Task |
More information |
|---|---|
Verify that the Enterprise Portal site is registered in Microsoft Dynamics AX. |
Click System administration > Setup > Enterprise Portal > Web sites. |
Verify that Microsoft Dynamics AX role-based security is configured. At a minimum, users and groups must be members of the System user role. |
|
Grant users and groups permission to view the site in SharePoint. |
|
Specify user relations. User relations trim data based on a user's designated role and account. User relations are required for extranet deployments and for an employee self-service portal. Employees who only access an employee self-service portal must be assigned a Worker relation in the User relations form. |
|
Grant users and groups access to Microsoft SQL Server Reporting Services (SSRS) reports. Users and groups must have this access to view SSRS reports in Enterprise Portal and Role Centers. |
|
Grant users and groups access to Microsoft SQL Server Analysis Services (SSAS) cubes. Users and groups must have this access to view SSAS reports in Enterprise Portal and Role Centers. |
|
Configure Enterprise Portal for data partitions. |