Technical Installation Authorization Box
This document describes how to install the Authorization Box Connector and the Dynamics 365 Business Central On-premise (formerly known as Dynamics NAV, new name introduced October 1st, 2018) web service. These steps are required for installing the Authorization Box Connector. This service is required for (secure) communication with the other components of Authorization Box.
Please contact 2-Control support if you have any questions: firstname.lastname@example.org. Be sure to provide:
- Version of your Windows- and Dynamics environment
- Screenshot of any error or message you receive
- If possible, send any log files or other error messages which may be relevant.
Installation Requirements Authorization Box
Supported Dynamics 365 Business Central / Dynamics NAV versions: Dynamics NAV 2013 R2 and up;
- SOAP Services needs to be enabled on the service tier configuration;
- A free object ID for execution of the web service codeunit in your Dynamics license:
- For on premise installations:
- If you have 2-Control extension or module such as Field and Dataset Security or Field Validation, you do not need a free object ID, the codeunit is included in every 2-Controlware add-on. You might need to upgrade to the most recent version;
- Otherwise, please pass the free object ID to 2-Control support so we can provide you with the correct codeunit. If you have problems in finding a free object ID, please contact your Microsoft partner;
For Dynamics 365 Business Central in the cloud:
- We can provide you with an extension that can be used as connector;
- A Windows version supported by Microsoft;
- .Net framework 4.6.1 or more recent.
Accounts and permissions
Authorization Box requires two accounts:
- Dynamics access: a Dynamics user with SUPER permissions in any environment which needs to communicate with Authorization Box;
- Account permissions for the Authorization Box Connector (Windows service): by default this service is installed with the Network Service account. You are free to use a different account for this service afterwards, the following permissions are then required:
- Log on as a service
- Read and execute permissions for the service installation folder.
The firewall needs to enable communication between:
1. The Authorization Box Connector and any Dynamics service tier to be connected;
2. The Authorization Box Connector and https://login.2-control.nl. This concerns only outside communication from your server to the Authorization Box web application (port 443).
Installation by 2-Control
In case a consultant installs Authorization Box Connector for you, we need a contact or an account with administrator rights on the machine where the service will be installed in addition to the requirements mentioned above.
See below the different steps for installing the Dynamics web service and the Authorization Box Connector. Finally, we help you setting up your first database connection.
Dynamics 365 Business Central / Dynamics NAV
For on premise installations:
- Import the provided codeunit ABWebService (id 111120222) in your development environment.
- If you have the most recent version of 2-Controlware, you already have this codeunit with id 11112022
- 2-Control support will help you if you need the object with a different object id because of license permissions
- Create in the page Web Services a web service with this information:
- Object Type: Codeunit
- Object ID: 11112022 (or a customization number if you do not have 2 Controlware)
- Service Name: AB
- Published should be True (ticked)
- OData URL is not applicable
- Copy the SOAP URL, you will need it in the next steps.
- The Authorization Box Connector should be installed on a server which can access the above installed web service. Check on the machine on which the connector will be installed whether you can open the SOAP URL in a browser. You might have to enter account credentials used by the service for Dynamics access. You should see a valid XML-document (see below for an example). If you do not get something like the screenshot below, either:
- the configuration of the web service is incorrect;
- the codeunit is not compiled in Dynamics;
- any credentials entered are incorrect – check by starting the Dynamics client with Run as other user in the right mouse menu combined with shift;
- the (domain) name of the server needs to be replaced with its IP address because incorrect set up of delegation (SPN’s) - see https://docs.microsoft.com/en-us/previous-versions/dynamicsnav-2016/jj551742(v=nav.90) for more information about delegation;
- or the browser cannot reach the URL because of firewall restrictions or a disabled SOAP-service.
Install Authorization Box Connector
- On the server where you want to install the connector, run the installer setup.exe from the zip file authorizationbox-setup.zip. You can download the installer from: https://2-control.nl/nl/software/authorization-box/ (bottom of the page: Authorization Box Connector Windows Service);
- Choose a different location for installation if required;
- Insert the security key you received in the welcome mail after registration:
- Permit changes to the system from the UAC dialog.
- If required, you can set the recovery model of the Authorization Box Connector to restart the service after the first failure in the default Windows Services console;
- If required you can change the user account of the Authorization Box Connector in the default Windows Services console. The connector is by default installed with the Network Service account.