Import-NAVEncryptionKey
Imports an encryption key from a file to a Business Central Server instance and database in SQL Server.
Syntax
Import-NAVEncryptionKey
[[-ServerInstance] <String>]
-ApplicationDatabaseServer <String>
[-ApplicationDatabaseCredentials <PSCredential>]
-ApplicationDatabaseName <String>
[-KeyPath] <String>
[-Password <SecureString>]
[-Force]
[-ProgressAction <ActionPreference>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
When using SQL Server authentication between the Business Central Server instance and database in SQL Server,Business Central encrypts passwords that are used by a Business Central Server instance to access to Business Central databases in SQL Server. This includes, for example, the Business Central Server service account credentials and the database credentials.
To encrypt and decrypt the passwords, an encryption key is used. Business Central uses a single encryption key per server instance. The encryption key must be installed on the computer where Business Central Server is installed and in the Business Central database.
In some cases, such as when upgrading or migrating a system from one set of hardware to another, you might need a copy of the encryption key that is used on one Business Central Server instance to use on another Business Central Server instance.
By first using the Export-NAVEncryptionKey cmdlet to export the encryption key from one Business Central Server instance to a file, you can then use the Import-NAVEncryptionKey to import the encryption key from the file to another Business Central Server instance. The Import-NAVEncryptionKey cmdlet enables you to specify a destination file for the encryption key and also specify a password that is used to protect the file, if any.
You cannot import an encryption key on the Business Central Server instance if an encryption key file already exists. You must first delete the encryption key from the computer where Business Central Server is installed. By default, encryption keys are stored in the C:\ProgramData\Microsoft\Business Central\130\Server\Keys folder.
Examples
EXAMPLE 1
Import-NAVEncryptionKey -ServerInstance BC -KeyPath "C:\Keys\nav.key" -ApplicationDatabaseServer MyNavSQLServer\MyNAV -ApplicationDatabaseName MyNavDB -Password (Get-Credential).Password
This example imports an encryption key from a password protected file that has the file path C:\Keys\nav.key to the Business Central Server instance that is called BC. The encryption key is imported to the MyNavDB database on the MyNavSQLServer\MyNAV server instance in SQL Server.
Parameters
-ApplicationDatabaseCredentials
Specifies the user name and password of the login account to use to access the application database in SQL Server by using SQL Server authentication
Type: | PSCredential |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-ApplicationDatabaseName
Specifies the name of the Business Central database in SQL Server to which you want to import the encryption key. In a multitenant deployment, this is the application database, which contains a list of mounted tenants.
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-ApplicationDatabaseServer
Specifies the SQL Server name and instance, such as MyServer\MyInstance, that hosts the Business Central database in which you want to import the encryption key. In a multitenant deployment, this is the application database, which contains a list of mounted tenants.
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-Confirm
Prompts you for confirmation before executing the command.
Type: | SwitchParameter |
Aliases: | cf |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Force
Forces the command to run without asking for user confirmation.
Type: | SwitchParameter |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-KeyPath
The full path to the file that contains the encryption key. The full path includes the drive, folders and file name.
Type: | String |
Position: | 1 |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-Password
Specifies a password that protects the encryption key file that are importing.
Type: | SecureString |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ProgressAction
A common PowerShell parameter that determines how PowerShell responds to progress updates generated by a script, cmdlet, or provider. Learn more.
Type: | ActionPreference |
Aliases: | proga |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ServerInstance
Specifies the name of a Business Central Server instance, for example, BC or myinstance. You can specify either the full name of an instance, such as MicrosoftDynamicsNavServer$myinstance or the short name such as myinstance.
Type: | String |
Position: | 0 |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-WhatIf
Describes what would happen if you executed the command without actually executing the command.
Type: | SwitchParameter |
Aliases: | wi |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Inputs
System.String
You can pipe the ServerInstance and KeyPath as strings to this cmdlet.
Outputs
None