Active Directory user topology
Before you install or deploy Microsoft Dynamics AX, carefully plan the user topology of your Active Directory directory service. Before being made Microsoft Dynamics AX users, all users must first be defined in Active Directory. You can import Active Directory users based on a variety of search criteria in the Active Directory Import wizard. The computers running Microsoft Dynamics AX must have access to computers in the same domain running Active Directory configured in native mode.
Document Active Directory structures
Work with your system administrator to understand the existing Active Directory structures. Existing Active Directory structures do not require modifications to be used to support Microsoft Dynamics AX users within the domain. If you do not have Active Directory installed and configured, refer to the best practices in the deployment kit of your Microsoft Windows Server operating system.
Determine domain requirements for Internet-facing Enterprise Portal sites
If external user access to Enterprise Portal is required, domain accounts must be set up for external users. For details about setting up Web users, see the Server and Database Administration Guide. The location of the external user domain accounts depends on the structure of your perimeter network. You can secure Enterprise Portal using either a traditional perimeter network or a standard perimeter network.
A traditional perimeter network enhances the security of the Enterprise Portal configuration by using two firewalls and two domain controllers to restrict access to Microsoft Dynamics AX data. We recommend using a traditional perimeter network for your Enterprise Portal network environment. If a traditional perimeter network is not a feasible option for your organization, consider using a standard perimeter network that uses Microsoft ISA Server as your perimeter network's firewall server. You can access the Microsoft Business Solutions Perimeter Network Configuration Wizardon the Web to help you install and configure your standard perimeter network
For more information on setting up the perimeter network, see the Enterprise Portal Administration Guide.
Create special accounts for required functionality
You must create dedicated domain accounts that are required by different components of Microsoft Dynamics AX. For details on security requirements for Microsoft Dynamics AX servers, see the Installation Guide.