How to create an NAV Serviceaccount

During the Setup of Dynamics NAV 2016 you are asked to provide a username and password of the NAV serviceaccount. If you don’t specify an account then ‘NETWORK SERVICE’ will be used. This is a local Built-in account.

If SQL Server is running on the same machine (a two tier setup) as the NST (NAV Service Tier) you could get NAV working also. Just grant the NETWORK SERVICE account db_owner permissions to the NAV database. If SQL Server is running on a different server (a three tier setup) you can’t grant permission to Local Builtin ‘NETWORK SERVICE’ account on the NAV machine. In order to accomplish this task you need to assign a serviceaccount to your NAV Service Tier. The following configuration is needed for the serviceaccount:

  • Create a ‘Domain User’ in your AD. You can do this for example on your ‘Domain Controller’.
  • Enable the account to log in as a service on the NAV server
  • Enable the account to register an SPN
  • Give the account necessary database privileges in SQL server

How to Grant the ‘Log on as service’ permission:
Start the ‘Local Group Policy Editor’ on your NAV server. Go to Local Computer Policy > Computer Configuration > Windows Settings > Security Settings > Local Policies > User Rights Assignment and select ‘Log on as a service’.

Log On As A Service

For standard usage of NAV no additional NTFS permissions are needed.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s