The need for anonymous Access
Enterprise portal (EP), being a combination of several standard Microsoft technologies (Dynamics AX, IIS, WSS/MOSS, AD), is intended to extend the functionality available on a Dynamics AX client onto a web-based portal. Typically, EP deployments are made either on an intranet or extranet environment. In the former case, the site aims at exposing functionality to users (typically employees) in order to allow them to participate in business processes using only a web browser, while connected to the corporate network. The later deployment is classically used in a context where employees, vendors and customers can use a web browser, without being connected to the corporate network, to perform specific actions. These users have their own accounts in AD and AX and are thus authenticated when they connect to the EP site.
On a different perspective, an internet facing deployment does not require users to be authenticated on the AD, which means that they will be using the Dynamics AX guest account in order to interact with the system. Usually, these interactions involve browsing a product catalog, view marketing campaign questionnaires etc. In order to allow the anonymous users to effectively interact with an EP site, several configuration steps are needed on each of the underlying technologies.
Enabling anonymous Access
“Anonymous” access at the AX Level
Non-authenticated users can access an Enterprise Portal site through the use of the Dynamics Ax guest account. The Guest user account allows anonymous Web users to log onto the Microsoft Dynamics AX Enterprise Portal customer site with limited functionality. The Guest account is created automatically during installation and is disabled by default. Administrators must enable the Guest account in order for anonymous users to have access to the Enterprise Portal customer site. To do this, follow these 4 easy steps:
- From a Microsoft Dynamics AX client, go to Administration > Users
- On the tab, select the Guest user account.
- Select the enabled check box.
- Close the form to save changes.
Next, you should create a guest user group, in order to organize all guest permissions.
Anonymous access at the IIS Level
You also need to enable anonymous access at the IIS level. To do this, open the IIS manager (Start/Administrative tools/ IIS manager). Select your site collection from the sites folder, ad select authentication from the IIS Area. Select Anonymous Authentication and under the actions pane, select enable.
Anonymous access at the SharePoint Level
Finally, you need to enable guest access at the Enterprise portal level (SharePoint). To do this, open the SharePoint Central Administration site and navigate to the Application management tab. Under the Application Security group, select Authentication providers and select your provider. Under Anonymous Access, select the Enable Anonymous Access checkbox.
Once you have enabled guest access on the SharePoint central administration, you need to grant access to the anonymous users on the different SharePoint sites and libraries. Go to site administration: Site actions/advanced Permissions/ under the settings action bar select Anonymous access, and choose: entire site. Once this is done, you can then set individual access to libraries or sites by breaking the SharePoint security inheritance.
Once this is done your site is now ready to receive its first anonymous users.
