Connection between MS Dynamics NAV 2017 and MS SQL Server 2014

I restored a database called NPFDB1 into MS SQL SERVER "DESKTOP-T6U5FJC\MSSQLSERVER2014"

In the Database (Server Instance table) Server Computer Name was "devtestserver.npfpensions.com" and changed it to "localhost"

I run this SQL Script:

 

USE NPFDB1

delete from [dbo].[User]

delete from [dbo].[Access Control]

delete from [dbo].[User Property]

delete from [dbo].[Page Data Personalization]

delete from [dbo].[User Default Style Sheet]

delete from [dbo].[User Metadata]

delete from [dbo].[User Personalization]

GO

I later check the tools > Options and Files > Database > Information. it was set and restarted both the Instance and NAV Server Administrator  

After I run the role tailored center error message occur "The Program could not create a connection to the server. Do you want to try again?" Please I need your help, have done all I know about Client config. Thanks

My Client Config:

<?xml version="1.0" encoding="utf-8"?>
<appSettings>
<!--
The network protocol used to access the database.
Valid options: Default, NamedPipes, Sockets
-->
<add key="NetworkProtocol" value="Default"/>

<!--
Name of the database server to connect to.
-->
<add key="DatabaseServer" value="DESKTOP-T6U5FJC"/>

<!--
Name of the database instance to connect to.
-->
<add key="DatabaseInstance" value="MSSQLSERVER2014"/>

<!--
Name of the database to connect to.
-->
<add key="DatabaseName" value="NPFDB1"/>

<!--
Database user name, specified when SQL authentication is used.
-->
<add key="DatabaseUserName" value=""/>

<!--
Protected database password, specified when SQL authentication is used.
-->
<add key="ProtectedDatabasePassword" value=""/>

<!--
Configures the server to request encryption on the SQL Connections used against the database.
-->
<add key="EnableSqlConnectionEncryption" value="false"/>

<!--
Configures the server to trust the SQL Server certificate.
-->
<add key="TrustSQLServerCertificate" value="false"/>

<!--
Name of the Microsoft Dynamics NAV Server instance to connect
to (for client) or listen on (for server).
-->
<add key="ServerInstance" value="DynamicsNAV100"/>

<!--
The listening TCP port for the Microsoft Dynamics NAV Server.
This is part of the server's URL.
Valid range: 1-65535
-->
<add key="ClientServicesPort" value="7046"/>

<!--
The listening HTTP port for the Microsoft Dynamics NAV
Business Web Services.
This is part of the web service's URL.
Valid range: 1-65535
-->
<add key="SOAPServicesPort" value="7047"/>

<!--
The listening HTTP port for the Microsoft Dynamics NAV
OData services.
This is part of the data service's URL.
Valid range: 1-65535
-->
<add key="ODataServicesPort" value="7048"/>

<!--
The listening TCP port for the Microsoft Dynamics NAV management Endpoint.
Valid range: 1-65535
-->
<add key="ManagementServicesPort" value="7045"/>
<!--
Configures the server to support management services.</value>
-->
<add key="ManagementServicesEnabled" value="true"/>

<!--
Configures the server to support connections from the Microsoft Dynamics NAV clients.
-->
<add key="ClientServicesEnabled" value="true"/>

<!--
Configures whether fonts are embedded in PDF files that are generated for reports.
The setting applies to reports that are run server-side and client-side.
-->
<add key="ReportPDFFontEmbedding" value="true"/>

<!--
Specifies whether users can open or save a report that is based on an RDLC report layout as Microsoft Word document from the report request page.
If you clear this check box, the Word option is removed from the Print menu on the request page.
-->
<add key="EnableSaveToWordForRdlcReports" value="true"/>

<!--
Specifies whether users can open or save a report that is based on an RDLC layout as Microsoft Excel document from the report request page.
If you clear this check box, the Excel option is removed from the Print menu on the request page.
-->
<add key="EnableSaveToExcelForRdlcReports" value="true"/>

<!--
Specifies whether users can save a report as a PDF, Microsoft Word, or Microsoft Excel document from the report preview window.
If you clear this check box, the Save As icon is removed from the report preview window.
-->
<add key="EnableSaveFromReportPreview" value="true"/>

<!--
Configures whether the server should compile and warm up the whole Business Application at startup.
This can improve the perceived startup performance on cold server.
-->
<add key="CompileBusinessApplicationAtStartup" value="true"/>

<!--
Configures the server to support SOAP web services.</value>
-->
<add key="SOAPServicesEnabled" value="false"/>

<!--
Configures the server to support OData web services. This will be used by both ODataV3 and ODataV4.
-->
<add key="ODataServicesEnabled" value="false"/>

<!--
Configures whether the ODataV3 service endpoint will be enabled.
-->
<add key="ODataServicesV3EndpointEnabled" value="true"/>

<!--
Configures whether the ODataV4 service endpoint will be enabled.
-->
<add key="ODataServicesV4EndpointEnabled" value="true"/>

<!--
Turns on or off the https for SOAP Services
-->
<add key="SOAPServicesSSLEnabled" value="false"/>

<!--
Turns on or off the https for OData Services
-->
<add key="ODataServicesSSLEnabled" value="false"/>

<!--
The public URL for accessing OData services.
The URL must have the following format:
httpSleep://<hostname>:<port>/<nav-instance>/
For example
Cronus.Nav.net:7048/.../
-->
<add key="PublicODataBaseUrl" value=""/>

<!--
The public URL for accessing SOAP web services.
The URL must have the following format:
httpSleep://<hostname>:<port>/<nav-instance>/WS/
For example
Cronus.Nav.net:7047/.../
-->
<add key="PublicSOAPBaseUrl" value=""/>

<!--
The public URL for Web Clients to access the Web Server.
The url must have the following format:
httpSleep://<hostname>:<port>/<nav-instance>/Webclient/
For example
Cronus.Nav.net:443/.../
-->
<add key="PublicWebBaseUrl" value=""/>

<!--
The public URL for accessing Windows (RTC) clients.
The URL must have the following format:
dynamicsnav://<hostname>:<port>/<nav-instance>/
For example
dynamicsnav://Cronus.Nav.net:7046/dynamicsnav/
-->
<add key="PublicWinBaseUrl" value=""/>

<!--
The default client type.

This is used in order to define URLs when the GetUrl method is called with the client type set to Default.
The value must be one of the following; Windows, Web, SOAP, or OData.
-->
<add key="DefaultClient" value="Windows"/>

<!--
The Option format to use with SOAP web services and OData services.

The value must be one of the following; OptionCaption, OptionString.
The service will deliver the option value in the specified format and will expect it in the same format back
-->
<add key="ServicesOptionFormat" value="OptionCaption"/>

<!--
The Global Language to use to use with SOAP web services and OData services.

The value must be a valid CultureInfo string like en-US or da-DK.
-->
<add key="ServicesLanguage" value="en-US"/>

<!--
Maximum permitted size of a SOAP and OData Services request, in kilobytes
-->
<add key="SOAPServicesMaxMsgSize" value="1024"/>
<!--
Turns on or off NTLM authentication protocol for SOAPServices and ODataServices
false: Use SPNEGO for SOAPServices or Windows for ODataServices (recommended)
true: Use NTLM only
-->
<add key="ServicesUseNTLMAuthentication" value="false"/>
<!--
The default time zone in which WebService, OData and NAS calls are run.
Supported values "UTC" (the default), "Server Time Zone"
(the time zone of the server), or the ID of a Windows
time zone defined in the system registry under
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones,
for example "Romance Standard Time"
-->
<add key="ServicesDefaultTimeZone" value="UTC"/>

<!--
The default company that is used for Client, OData, and NAS Services.
-->
<add key="ServicesDefaultCompany" value=""/>

<!--
Maximum permitted page size of a Data Services response, in number of entities
-->
<add key="ODataServicesMaxPageSize" value="1000"/>

<!--
Maximum time in seconds a call from the client to the server
may take to return.
Time span format: [dd.]hh:mm:ss[.ff]
dd: days
hh: hours
mm: minutes
ss: seconds
ff: fractions of a second
Or "MaxValue" to indicate there is no timeout.
-->
<add key="ClientServicesOperationTimeout" value="MaxValue"/>

<!--
The security services used to protect the client/server data stream.
Valid options: EncryptAndSign, Sign, None
-->
<add key="ClientServicesProtectionLevel" value="EncryptAndSign"/>

<!--
Maximum number of concurrent client calls that can be active on the
Microsoft Dynamics NAV Server. To disable this setting set the value
to "MaxValue".
-->
<add key="MaxConcurrentCalls" value="1000"/>

<!--
The maximum number of concurrent client connection that the service
will accept. To disable this setting set the value to "MaxValue".
-->
<add key="ClientServicesMaxConcurrentConnections" value="500"/>

<!--
Sets the grace period within which the client can reconnect to a
running session.
Time span format: [dd.]hh:mm:ss[.ff]
dd: days
hh: hours
mm: minutes
ss: seconds
ff: fractions of a second
Or "MaxValue" to indicate there is no timeout.
-->
<add key="ClientServicesReconnectPeriod" value="00:10:00"/>

<!--
Sets the maximum number of orphaned connections to be kept alive
simultaneouly for a maximum time specified by the
ClientServicesReconnectPeriod setting. A connection becomes an orphan when
the client becomes involuntarily disconnected from the server.
-->
<add key="ClientServicesMaxNumberOfOrphanedConnections" value="20"/>

<!--
Threshold for when to start compressing data sets to avoid that they
consume prohibitive amounts of memory.
-->
<add key="ClientServicesCompressionThreshold" value="64"/>

<!--
Sets the Metadata Provider cache size (in number in objects cached).
Set to 0 to disable cache.
-->
<add key="MetadataProviderCacheSize" value="150"/>

<!--
Limits the size of files that can be uploaded in order to avoid out of memory errors. This value is in megabytes.
-->
<add key="ClientServicesMaxUploadSize" value="30"/>
<!--
With the EnableDebugging flag set to true the Microsoft Dynamics NAV Server
will start with debugging mode enabled. This mode has three main functions:
1) Upon first connection by a RoleTailored Client all C# for that application
will be generated.
2) C# files will be persisted between server restarts.
3) Application Objects will be compiled with debug information.
-->
<add key="EnableDebugging" value="false"/>
<!--
Specifies whether C/AL debugging is allowed for this Microsoft Dynamics NAV Server instance.
-->
<add key="DebuggingAllowed" value="true"/>
<!--
Sets the maximum number of items to serialize or deserialize.
-->
<add key="ClientServicesMaxItemsInObjectGraph" value="512"/>
<!--
Sets the default size of a chunk, in KB. Should be a value between 4 and 80.
-->
<add key="ClientServicesChunkSize" value="28"/>
<!--
Limit the file types that can't be upload to or downloaded from the server.
Possible ways of setting this:
1) * - all file types prohibited.
2) Empty string or not specified - all file upload or download allowed.
3) List of file types separated by; - e.g. "txt;xml;pdf" will prohibit file type txt, xml & pdf.
-->
<add key="ClientServicesProhibitedFileTypes" value="ade;adp;app;asp;bas;bat;chm;cmd;com;cpl;csh;exe;fxp;gadget;hlp;hta;inf;ins;isp;its;js;jse;ksh;lnk;mad;maf;mag;mam;maq;mar;mas;mat;mau;mav;maw;mda;mdb;mde;mdt;mdw;mdz;msc;msi;msp;mst;ops;pcd;pif;prf;prg;pst;reg;scf;scr;sct;shb;shs;url;vb;vbe;vbs;vsmacros;vss;vst;vsw;ws;wsc;wsf;wsh"/>
<!--
This is codeunit-id that contains the method that will be called by the NASServicesStartupMethod.
Examples are
value="", the NAS does not start (default)
value="1", runs the trigger specified by NASServicesStartupMethod key in codeunit 1
-->
<add key="NASServicesStartupCodeunit" value=""/>
<!--
Specifies whether the NAS service runs with administrator rights instead of the rights granted by the Microsoft Dynamics NAV Server service account.
-->
<add key="NASServicesRunWithAdminRights" value="false"/>
<!--
Specifies whether the deadlock monitoring is enabled on the server.
-->
<add key="EnableDeadlockMonitoring" value="true"/>
<!--
This is method name that will be called by the NAS at startup.
Examples are
value="", runs the OnRun trigger (default)
value="StartNAS", runs the StartNAS method in the codeunit specified NASServicesStartupCodeunit
-->
<add key="NASServicesStartupMethod" value=""/>
<!--
This is the argument that will be used by the NAS when it starts up.
-->
<add key="NASServicesStartupArgument" value=""/>

<!--
When this value is set to true, then the NAS will startup with a 60 sec delay.
-->
<add key="NASServicesEnableDebugging" value="false"/>

<!--
The type of client credential used for authentication.
Possible values:
Windows - Windows authentication is used, and client will connect with "current user"
this user is expected to be the same and known to both server and client
This is the default mode and is typically used on a LAN with Active Directory
In this mode X.509 certificates are not used and options set below are ignored
UserName - Windows authentication on the server. Client is expected to present username/password
identifying a windows user known (created) on the server.
Typically the client will ask for these credentials and pass them to the server
Certificates are used to protect the passing of credentials.
This is typically used when only the server is part of an Active Directory, or
when the client is not trusted, e.g. connection over a WAN/Internet
AccessControlService - Authentication is handled by Windows Azure Access Control Service or Microsoft Azure Active Directory
To support Windows Azure Access Control Service, you must specify the symmetric key for signing in ClientServicesTokenSigningKey.
To support Microsoft Azure Active Directory, you must specify the federation metadata location in WSFederationLoginEndpoint.
Web services (SOAP and OData) are configured for OAuth authentication. You must specify AppIdUri and WSFederationLoginEndpoint.
NavUserPassword - Authentication is managed by the server but not based on windows users.
Client is expected to present username/password matching a user known to the server.
Typically the client will ask for these credentials and pass them to the server
Certificates are used to protect the passing of credentials.
This mode is used in hosted environments, such as Azure, where the list of allowed users
are maintained by Microsoft Dynamics NAV and not based on Windows users.
In this configuration, the Microsoft Dynamics NAV Server also allows Windows and Web clients to connect using ACS or Azure AD
as well as Web Service clients to connect using OAuth (see above).
-->
<add key="ClientServicesCredentialType" value="Windows"/>

<!--
The type of permissions used for removing UI elements:
Possible values:

None - No UI Elements will be removed
LicenseFile - Only object permissions in the License File will be used.
LicenseFileAndUserPermissions - Both object permissions from the License File and User Permissions system will be used.
-->
<add key="UIElementRemovalOption" value="LicenseFileAndUserPermissions"/>

<!--
ACS signs all SWT security tokens it issues using a 256-bit symmetric key.
SWT tokens can be issued over multiple protocols, such as OAuth WRAP and WS-Federation, and are always signed using a symmetric key.
-->
<add key="ClientServicesTokenSigningKey" value=""/>

<!--
Microsoft Azure Active Directory and other identity providers support SAML2.0 tokens, which they sign using certificates. The public keys of
these certificates are included in the token payload as well as in the federation metadata document of the Azure AD.
The Microsoft Dynamics NAV server will establish a trust relationship with the issuer of the tokens based on the federation metadata.
The federation metadata location is available in Windows Azure Management Portal.
It typically has the following format:
login.windows.net/.../FederationMetadata.xml
- When NAV is configured for single-tenancy, just replace the placeholder with the value of the the aad tenant id.
- When NAV is configured for multi-tenancy, and the corresponding AAD application is also configured as a multi-tenant application, use "common" as the {AADTENANTID} value.
- When NAV is configured for multi-tenancy, and each NAV tenant corresponds to an AAD tenant, which contains an AAD service principal, use "{AADTENANTID}" as the value.
NAV will automatically replace that value with the value that was used when mounting the NAV tenant.
-->
<add key="ClientServicesFederationMetadataLocation" value=""/>

<!--
The CertificateThumbprint, for the x509 certificate that is going to be used for authentication
The Certificate is required to be stored in the "local computer", "personal" folder in the certificate store and
the private key of the certificate needs to be present and exchangable (.cer file is not enough, you will need a .pfx file)
Depending on the setting below (validation), the certificate can either be self-signed or issued by a trusted CA

To issue a self-signed certificate for use on a server for testing purposes issue the following commands:

makecert -n "CN=YourServiceNameOrURL" -r -sky exchange -sv YourFileName.pvk YourFileName.cer
pvk2pfx -pvk YourFileName.pvk -spc YourFileName.cer -pfx YourFileName.pfx
certutil -importpfx YourFileName.pfx

You can optionally protect the private key with a password.
This password is only used during certificate import/export operations.

See online documentation if you want to use trusted certificates
-->
<add key="ServicesCertificateThumbprint" value=""/>

<!--
Indicate if you want to enforce validation of the certificate.

When validation is enabled, the certificate needs to be trusted, not revoked and the CN name should
match the URL of your service.

When validation is disabled you can use a self-signed certificate with no revocation list and there
are no constraint on the CN name
-->
<add key="ServicesCertificateValidationEnabled" value="true"/>
<!--
When this parameter is set to TRUE, Microsoft Dynamics NAV Server collects basic information
about your hardware configuration and how you use Microsoft Dynamics NAV software.
Microsoft uses this information to identify trends and usage patterns. When this parameter is
set to FALSE, no data is collected. The default value is FALSE.
-->
<add key="EnableSoftwareQualityMetrics" value="false"/>
<!--
Sets the data cache size. This is an abstract value with contextual meaning on the type of the item being cached.
-->
<add key="DataCacheSize" value="9"/>
<!--
Sets the number of months sessions older will be purged from the session event table.
-->
<add key="SessionEventTableRetainPeriod" value="3"/>

<!--
Timeout for Sql command
-->
<add key="SqlCommandTimeout" value="00:30:00"/>

<!--
Specifies whether to enable the SQL Buffered Insert functionality to buffer rows that are being inserted into a database table.
When this parameter is enabled, up to 5 rows will be buffered in the table queue before they are inserted into the table.
To optimize performance in a production environment, you should set this parameter to TRUE (enabled). In a test environment,
you can set this parameter to FALSE (disabled) to debug SQL insert failures.
-->
<add key="BufferedInsertEnabled" value="true"/>

<!--
Specifies whether to disable the SmartSql feature.
The SmartSql feature converts find requests and calculation of flow-fields into a single SQL statement.
-->
<add key="DisableSmartSql" value="false"/>

<!--
Default document service provider name
-->
<add key="DocumentServicesProvider" value="SHAREPOINTONLINE"/>

<!--
Specifies whether full C/AL function tracing is enabled when an ETW session is performed.
When this setting is enabled, all C/AL functions and statements are logged in an ETL log file.
-->
<add key="EnableFullALFunctionTracing" value="false"/>

<!--
Specifies whether this is a multitenant server.
When this settings is enabled multiple tenants can be mounted on the server.
-->
<add key="Multitenant" value="false"/>
<!--
Specifies when inactive SQL server connections are closed. The value specifies the age at which to close the connection.
While a connection is inactive, the age is increased by one every 30 seconds. When the age of the inactive connection reaches the specified value, the connection is closed.
A value of MaxValue means inactive SQL connections are never closed.
-->
<add key="CloseInactiveSqlConnectionsGeneration" value="10"/>
<!--
Specifies whether access to server files by C/AL file data type functions is allowed.
-->
<add key="EnableALServerFileAccess" value="true"/>
<!--
Specifies whether to log events in the Windows Application log of the computer running Microsoft Dynamics NAV Server. You can view events by using Event Viewer.
Regardless of this setting, events are always logged in the Microsoft Dynamics NAV Server event log channels of the Applications and Services Logs.
The default setting is TRUE to support backwards compatibility.
-->
<add key="EnableApplicationChannelLog" value="true"/>

<!--
Specifies the encryption provider. It can be one of LocalKeyFile or AzureKeyVault
The default setting is LocalKeyFile to support backwards compatibility.
This setting is valid only when running in legacy (single-tenant) mode.
-->
<add key="EncryptionProvider" value="LocalKeyFile"/>

<!--
Specifies the AzureKeyVault encryption provier configuration. It should be specified only when AzureKeyVault has been selected as the encryption provider and only if running in legacy (single-tenant) mode.

<add key="AzureKeyVaultClientId" value=" The guid value of the client id 00000000-0000-0000-0000-000000000000" />
<add key="AzureKeyVaultClientCertificateStoreLocation" value="The certificate store location name: LocalMachine or CurrentUser" />
<add key="AzureKeyVaultClientCertificateStoreName" value="The certificate store name: AddressBook, My, Root, TrustedPeople or TrustedPublisher" />
<add key="AzureKeyVaultClientCertificateThumbprint" value="The certificate thumbprint" />
<add key="AzureKeyVaultKeyUri" value="The key uri mykeyvault.vault.azure.net/.../MySecretKey" />
-->

<!--
Specifies the URL for Microsoft Exchange authentication metadata document of the service or authority that is trusted to sign Exchange identity tokens.
This URL is compared to the Exchange authentication metadata document URL in the Exchange identity token. The scheme and host part of the two URLs must match to pass authentication. Paths in the URLs require only partial match.
The default value is "outlook.office365.com/".

<add key="ExchangeAuthenticationMetadataLocation" value="mailhost.contoso.com:443/.../1" />
-->
<add key="ExchangeAuthenticationMetadataLocation" value=""/>

<!--
Specifies the App ID URI that is registered for Microsoft Dynamics NAV in the Microsoft Azure Active Directory.
The App ID URI is used when Microsoft Dynamics NAV web services are configured for OAuth authentication, i.e., when the ClientServicesCredentialType is AccessControlService.
The App ID URI is a logical identifier and doesn't have to represent a valid location, although it is common practice to use the physical URL of the Microsoft Dynamics NAV service.
It is typically the same as the "wtrealm" parameter of the ACSUri client setting that is found in web.config or ClientUserSettings.config files.
Example of valid AppIdUri:
https://localhost:7047/
-->
<add key="AppIdUri" value=""/>

<!--
Specifies the sign-in page that Microsoft Dynamics NAV redirects to when configured for Single Sign-On.
For Azure AD (Office 365) authentication, the WSFederationLoginEndpoint setting has the following format:
login.windows.net/<AAD TENANT ID>/wsfed?wa=wsignin1.0&wtrealm=<APP ID URI>&wreply=<APP RETURN URL>
Where
"<AAD TENANT ID>" is the ID of the Azure AD tenant, for example "CRONUSInternationLtd.onmicrosoft.com".
"<APP ID URI>" is the ID that was assigned to the Microsoft Dynamics NAV application when it was registered in Azure AD, for example "https://localhost/".
"<APP RETURN URL>" is the reply URL that was assigned to the Microsoft Dynamics NAV application when it was registered in Azure AD, for example "https://localhost/".
The following ensures that Microsoft Dynamics NAV redirects to the right sign-in page:
- When NAV is configured for single-tenancy, just write the URL with has the same format as specified above. Like the client-side ACSUri.
- When NAV is configured for multi-tenancy, and the corresponding AAD application is also configured as a multi-tenant application, use "common" as the {AADTENANTID} value.
- When NAV is configured for multi-tenancy, and each NAV tenant corresponds to an AAD tenant, which contains an AAD service principal, use "{AADTENANTID}" as the value.
NAV will automatically replace that value with the value that was used when mounting the NAV tenant, for example login.windows.net/.../wsfed

The following ensures that the Azure AD sign-in page redirects back to Microsoft Dynamics NAV correctly:
- When Microsoft Dynamics NAV redirects to the Azure AD sign-in page, it dynamically adds a wreply query parameter.
This is how Azure AD knows how to redirect back to Microsoft Dynamics NAV.
- In some cases, the dynamically added wreply query parameter is not what you want. This is the case when the public URL
is different from the private URL on which Microsoft Dynamics NAV actually lives. An example is when Microsoft
Dynamics NAV is deployed in a load-balanced environment, where the public URL is that of the load-balancer,
and the private URLs are different for each Microsoft Dynamics NAV instance.
- To enable scenarios where the public URL is different from the private URL, you must hard-code the public URL in the WSFederationLoginEndpoint.
In the following example, the public URL is www.cronusinternational.com:
login.windows.net/<AAD TENANT ID>/wsfed?wa=wsignin1.0&wtrealm=<APP ID URI>&wreply=www.cronusinternational.com/.../SignIn.aspx

- Furthermore, Microsoft Dynamics NAV may be configured to use host name-based tenant resolution, i.e., each tenant is assigned a unique
domain such as customer1.cronusinternational.com. A customer then accesses their tenant using e.g. customer1.cronusinternational.com/.../WebClient.
This implies that the public URL is different for each tenant. To support this scenario, you can specify that the host name should be dynamically
calculated by Microsoft Dynamics NAV as follows:
login.windows.net/<AAD TENANT ID>/wsfed?wa=wsignin1.0&wtrealm=<APP ID URI>&wreply=https://{HOSTNAME}/NAV/WebClient/SignIn.aspx
Microsoft Dynamics NAV replaces the placeholder with the actual request domain at runtime, resulting in:
login.windows.net/<AAD TENANT ID>/wsfed?wa=wsignin1.0&wtrealm=<APP ID URI>&wreply=customer1.cronusinternational.com/.../SignIn.aspx

- The value for AppIdUri can also be used to substitute a placeholder {APPIDURI} value with the value specified in the AppIdUri configuration setting.
login.windows.net/<AAD TENANT ID>/wsfed?wa=wsignin1.0&wtrealm={APPIDURI}&wreply=....

For ACS authentication, the WSFederationLoginEndpoint setting is a top level partition of ACS that is used to create the ACS tokens, for example "CRONUSInternationalLtd.accesscontrol.windows.net/.../wsfederation

Remarks:
- Notice the difference between ACS "wsfederation" and Azure AD "wsfed" resource
-->
<add key="WSFederationLoginEndpoint" value=""/>

<!--
Specifies the ID of this application tenant. Used when accessing data in Azure Active Directory.
The authentication token for communicating with AAD, must be retrieved preferably by specifying the AzureActiveDirectoryClientCertificateThumbprint,
with a fallback to use the AzureActiveDirectoryClientSecret.
-->
<add key="AzureActiveDirectoryClientId" value=""/>

<!--
The Secret, is going to be used with AzureActiveDirectoryClientId for AAD authentication.
-->
<add key="AzureActiveDirectoryClientSecret" value=""/>

<!--
CertificateThumbprint is for the x509 certificate that is going to be used with AzureActiveDirectoryClientId for AAD authentication.
Public certificate file (.cer) must be must be registered on the AAD Service Principal.
Private certificate file (.pfx) must be installed on the NST machine, under LocalMachine\My (the personal certificates for the local machine)
Certificates can be self signed, so it isn't nessesary for the certificate have a trusted root, but the service account must have access to the private key of that certificate.
Easy verification that the certificate is installed in the corrent location, by running this command.
PS C:\> dir Cert:\LocalMachine\My
-->
<add key="AzureActiveDirectoryClientCertificateThumbprint" value=""/>

<!--
Configures the server instance to use membership entitlement.
-->
<add key="EnableMembershipEntitlement" value=""/>

<!--
Specifies the maximum number rows that are allowed in an Excel document generated from a list in the client.
To disable the setting, set the value to MaxValue.
-->
<add key="MaxRowsToExportToExcel" value="MaxValue"/>

<!--
Configures the server instance to run the Task Scheduling Engine.
-->
<add key="EnableTaskScheduler" value="true"/>

<!--
Maximum number of scheduled tasks concurrently running.
-->
<add key="TaskSchedulerMaximumConcurrentRunningTasks" value="10"/>

<!--
Specifies the time interval between keep-alive messages that are sent from the Dynamics NAV Windows client to Dynamics NAV Server instance. This setting is used to keep inactive sessions alive until the time that is specified by the ClientServicesIdleTimeout setting expires. You should use a time interval that is less than the ClientServicesIdleTimeout.
-->
<add key="ClientServicesKeepAliveInterval" value="00:02:00"/>

<!--
Specifies whether the simplified quick filter and simplified lookup filter should be used.
A simplified filter will do a case-sensitive prefix search on the chosen column. This should enable use of the SQL indexes, improving search performance.
-->
<add key="UseSimplifiedFilters" value="false"/>

<!--
The Azure AD client ID for the Excel add-in and other OAuth clients that access the Dynamics NAV Server.
-->
<add key="ExcelAddInAzureActiveDirectoryClientId" value=""/>

<!--
Specifies whether to raise an error when C/AL code that is executed in the scope of a TryFunction writes to the database.
It is recommended to update the C/AL code to avoid writing to the database from a TryFunction. However, in cases where this is not possible, setting this value to false allows TryFunctions to write to the database, and behave as they did in Dynamics NAV 2016.
-->
<add key="DisableWriteInsideTryFunctions" value="true"/>

</appSettings>

  • In NAV Administrative tool, did you gave right database name, database server name and database instance name? Try restarting the service once you are sure of this, also so try to configure with your user id instead of network service to connect between sql server and NAV.
  • In reply to Harikiran BM:

    Thank for your responded,
    It was pointed to the right database name, server name and instance name but the config with window login of the system to connect between sql server and NAV.

    Now,
    At the Service, I right click on SQl server database instance (properties) and pointed to the "Log on" Chose Log System account and checked "Allow service to interact with desktop".
    After then, i restarted the Instance and it was working fine.
Related