Hey folks,
In this article, I will share a solution when an organization using 2-tier architecture for NAV/Business Central and running an instance with Network Service Account and using SQL Server authentication for Database authentication where both servers (DB and NAV/Business Central) have shared the same workgroup users. And you see the instance is running for the default instance but due to some reason you want to change the database in your existing instance or want to run clients with a new instance then may you face any of the following issues that can be easily understood by looking into the event viewer.
Error 1:
Server instance: DynamicsNAV90
"An encryption key must be imported using Import-NAVEncryptionKey before using Sql Authentication to access the database"
Error 2:
Server instance: DynamicsNAV90
Cannot establish a connection to the SQL Server/Database.
This could be due to one of the following reasons:
* The SQL server is not started.
* The database does not exist.
* Proper permissions have not been given to the NAV Server Account.
Try again later or contact your system administrator.
The reason behind this issue can be understood as:
Basically, when you create the first instance with database credentials (by using SQL Authentication with 'sa' username and password), a new key is generated and written in the database, so when you create a new instance or change the Database to an existing instance a new key is generated and written to the database, and because of this, the first instance will stop because of mismatch key.
So if you face any above issue you need to export the working existing key from the working instance and need to import the key to the changed or new instance to make it work.
Follow the below steps to resolve this type of issues:
- Step 1: First, delete the generated key from the below location:
C:\ProgramData\Microsoft\Microsoft Dynamics NAV\90\Server\Keys
Change 90 with your folder name this in my case this is 90 because our client is using Navision 2016 for their business you can change this based on your NAV or Business Central versions.
- Step 2: Run 'Windows PowerShell ISE' as Administrator
- Step 3: Import NAV modules to run the scripts using the below command:
Set-ExecutionPolicy unrestricted -Force
Import-Module 'C:\Program Files\Microsoft Dynamics NAV\90\Service\NavAdminTool.ps1'
- Step 4: Export Encryption Key
Export-NAVEncryptionKey -ServerInstance DynamicsNAV90 -KeyPath "C:\Keys\nav.key"
- Step 5: Import Encryption Key to new Instance or only changed DB:
Set Credential:
$Credential = (New-Object PSCredential -ArgumentList 'sqluser',(ConvertTo-SecureString -AsPlainText -Force 'sqluserpassword'))
Import-NAVEncryptionKey -ApplicationDatabaseCredentials $Credential -ApplicationDatabaseServer 'dbServerName' -ApplicationDatabaseName 'DatabaseName' -KeyPath "C:\Keys\nav.key" -ServerInstance InstanceName -Force
I hope this article is helpful for you as a NAV/Business Central Administrator or Developer.
Stay Tuned!