In a previous article, we discussed security groups, one of the many features of Sage 500 ERP to ensure and contol data security. Below are instructions to help you set up your system to take advantage of the Sage 500 ERP database security features:
- Verify the SQL Server security setting in the SQL Server properties (sp_configure).
- Sage MAS 500 creates either standard (SQL) or Windows Authenticated users in SM Maintain Users.
- When creating new users, the logon is created in Sage MAS 500 and SQL Server.
- Existing SQL Server, Windows or domain (Windows Authenticated) users, or groups can be added to Sage MAS 500.
- Windows Authentication requires that logons or groups first be created in the domain or at the server.
- Windows Authenticated (domain) users can start Sage MAS 500 only when logged on to the domain.
- Domain users or groups can be added using the ellipsis in Maintain Users only after logging on to the domain. The domain must also be accessible from the SQL Server and the SQL Server startup account logon. When adding a Windows or domain group, access to Sage MAS 500 for all logons in that group is enabled. The user logons do not need to be added separately.
- Only the System Administrator (sysadmin role) in SQL Server can add new users.
- The ‘Use Windows Authentication’ option must be enabled at the logon window or the Desktop Configuration Utility to employ the domain logon for access to Sage MAS 500.
- If a user is deleted from Sage MAS 500, that user remains as a SQL Server user. This is because the logon can be used with other SQL Server applications, but that user can no longer access Sage MAS 500. If necessary, delete the user from SQL Server using Enterprise Manager or Query Analyzer.
- Configure the application role for a more secure environment.
- The application role information is configured in SM Maintain Site.
- Remove the ‘admin’ user or deselect the System Administrator role for this user.
- Sage MAS 500 prompts for the SA password to perform certain functions like adding users when you are not a System Administrator
- Select the ‘Allow Read Access’ option in SM Maintain Users to allow users to employ their logon to access the SQL Server through FRx and Crystal Reports.
- The correct authentication method, SQL Server, and database must be selected to use an ODBC DSN in FRx or Crystal Reports.
- Select the proper security option when using FRx security. This option is accessed by clicking FRx Security in Organization Information.
- Select the ‘Require User Login’ option for SQL Server authentication.
- Select the ‘Use Network ID’ option for Windows Authentication.
To learn more about Sage 500 ERP database security, download our free Sage 500 ERP Owner’s Manual available here, or by clicking the button below.
photo credit: cio.com