Among the many new enhancements and features delivered with Microsoft Dynamics GP 2015 is identity management with organizational accounts. A Microsoft Dynamics GP user has multiple identities: a user login for Microsoft Dynamics GP, which corresponds to a SQL login for that user; network credentials that are entered for the user’s daily work; and possibly an organizational account, that is, an account that has been added to Windows Azure Active Directory. With the new feature, single sign-on is now available for organizational accounts. This is only available on the Web Client.
The challenge for Microsoft was streamlining processes by eliminating multiple sign-ons without sacrificing security. A user can be tied to an organizational account, but that organizational account does not exist in SQL. When an organizational account is used, a common SQL login can be set up in Microsoft Dynamics GP, and that login can be used to access the database.
A Windows Azure Application is required, so the first step is creating and configuring the Windows Azure Application. The application is used for authentication to Azure Active Directory. Be sure to select “Read directory data” permissions for the application you are configuring. A key is generated; remember to copy it, as you’ll never see it again after you navigate away from the window where it appears. You’ll need it during implementation.
In the Authentication Type window, you can now select “Organizational Account.” In the Microsoft Dynamics GP User Setup window, you can map a user to an organizational account.