編輯

共用方式為


Data security in Business Central

The Business Central security system allows you to control which objects or tables a user can access within each database. You can specify the type of access that each user has to these objects and tables, whether they're able to read, modify, or enter data.

You can specify which records are stored in the tables that each user is allowed to access. This means that permissions can be allocated at both the table level and the record level.

The security system contains information about the permissions that are granted to each user who can access a particular database.

This information includes the roles that the users have been assigned, and any permissions that they are granted to individual users.

There are four different levels of security:

  • Database
  • Company
  • Object
  • Record

Graphically, these can be represented as the layers, where the central layer is the records in the database.

Security overview.

The first layer of security when you open Business Central is database security.

After you start Business Central and attempt to open the database, your credentials are checked. For more information about granting a user permission to create or work with a Business Central database, see Setting Database Owner and Security Administration Permissions.

Database logins

Users are given a database sign in when they have their own user ID and password in Business Central. The user must enter the user ID and password to access the database.

Note

Database logins are only valid for connecting to the database from the Business Central.

How database logins work

Users must also have a sign in on SQL Server. SQL Server has its own authentication of the user's ID and password. SQL Server does this by checking whether a SQL Server sign in with this user's ID and password is created.

This sign in must first be created by a SQL Server administrator, with a SQL Server tool. If a SQL Server sign in hasn't been set up, authentication fails and the user receives an error. For more information, see Setting Database Owner and Security Administration Permissions.

The user is granted access to the server after their sign in is authenticated. Database security then validates the user's permissions by checking the database user accounts on the server. The permissions that the user has been granted to the various objects within the database, such as tables, are determined by the information contained in the user's database user account. This account also contains information about any extra permissions that the user might be granted to alter the database itself.