Dynamics AX 4.0
Before implementing an Microsoft Dynamics AX system, you should carefully plan the system topology.
 Note |
|---|
This topic describes network and system topologies, not how a Microsoft Dynamics AX system communicates internally. For information on architecture, see Microsoft Dynamics architecture.
|
- With your customer, define and document:
- Number of transactions
- Number of users
- Uses of system (modules and features to be implemented)
- External user access required
- Web access required
- Required availability
- Projected growth rate
- Number of sites
- Evaluate and document the existing infrastructure:
- Bandwidth
- Operating system
- Databases present
- Applications to integrate
- With this information in hand, you can start to determine how to structure the system. Key decisions are:
- Whether any Microsoft Dynamics AX computer roles can be combined on a single computer, and if they can, which to combine
- Whether to create network load-balanced clusters to host the Application Object Server (AOS)
- Whether to create network load-balanced clusters to host the database
- Whether to have a cold, warm or hot backup system for the database
If your customer does not have users outside their domain (external users) that need to access data, you can use one of the following basic topologies.
| Note |
|---|
Although you can install Microsoft Dynamics AX on a single computer for development and trial purposes, we recommend that you do not install a production system on a single computer.
|
The figure below shows one of the more common topologies that uses three computers:
The figure below shows a core system topology running on clustered servers.
| Note |
|---|
If you choose to install the application file server on the AOS cluster, it should only be installed on a single computer in the cluster.
|
Enterprise Portal can be set up to run for an intranet-only scenario, or it can be set up to run in an Internet-facing scenario.
Intranet-only Enterprise Portal
The figure below shows a topology for a simple intranet-only Enterprise Portal.:
The figure below shows a larger-scale intranet-only Enterprise Portal.
Internet-facing Enterprise Portal
There are two recommended topologies for Internet-facing Enterprise Portal--which you use depends on the configuration of the perimeter network.
The primary difference between the two topologies is how access to Enterprise Portal is managed for external users.
The following sections describe two options for configuring a perimeter network to support Microsoft Dynamics AX.
Standard perimeter network
In this configuration, called a standard perimeter network, the Active Directory domain contains:
- All internal users to be added to Microsoft Dynamics AX.
- Special users required for Microsoft Dynamics AX functionality.
- An organizational unit containing any users from outside the organization that require Enterprise Portal access. These users' rights must be restricted in the following ways:
- Cannot log on locally
- Cannot access networkThe organizational unit can contain other organizational units, as long as the top node is associated with Microsoft Dynamics AX.
The following illustration shows a standard perimeter network configuration.
Traditional perimeter network
This configuration, called a traditional perimeter network, contains two Active Directory domains. The internal domain contains:
- All internal users to be added to Microsoft Dynamics AX.
- Special users required for Microsoft Dynamics AX functionality.
- Group required for application integration server functionality.
The perimeter network contains:
- A second domain controller with a one-way trust relationship to the first domain controller that contains any users from outside the organization that require Enterprise Portal access. These users cannot have any rights in the internal domain, and their rights must be restricted in the following ways in the perimeter network domain:
- Cannot log on locally
- Cannot access networkOn the Enterprise Portal computer, you must override the group policy set to cannot access network to allow access to that computer.
The following illustration shows a traditional perimeter network configuration.
Aucun commentaire:
Enregistrer un commentaire