Guide to Understanding D365 Business Central User Security and Setup    

by | February 19, 2021 | Dynamics 365 Business Central

Here is your guide to understanding D365 Business Central user security and setup. In Dynamics 365 Business Central, there are two different areas related to user security & setup – Profiles (Roles) and Permissions.

User Profiles (Roles) in Business Central

The first area is the User Profiles (Roles).  This allows administrators to set up what a user sees across the system from the role center (homepage) to individual pages and lists throughout the system.  Navigate to Profiles to see what is available out of the box.  Select Profiles (Roles) to open the page.

user profiles roles

Within the Profiles (Roles) page there are a number of different Profiles available out of the box from Microsoft.  Users can also create their own Profiles from scratch or by copying an existing role to start from that. In smaller companies, there may only be a need to have 1 default Profile that is assigned.

out of the box profiles

To create and new Profile, click on the +New button on the ribbon or use the actions à copy action to build based on an existing profile. Here you can create the Profile ID and Display Name along with a Description of the Profile.  You can also define if this Profile should be used as the default profile when setting up new users.

create new profiles

To customize what the users will see, click on the Customize pages button on the ribbon.  This will open the home page of your instance in customization mode.  In the top left-hand corner after choosing customize pages, you will want to choose unlock to be able to begin making changes. Users can rearrange, remove, and add to the pages/lists across the whole system. The designer can go into each of the pages that require changes and make the subsequent changes or do this piece by piece as the profile (role) will keep track of all changes.  When you have completed your changes in this session, click on the Done button for this to save and register those changes in the profile (role).

customize profiles view

Once you click on Done, you will receive the message below.

confirmation message

Back on the Profile page, the changes have been saved to the Profile and can be cleared per page if needed in the event of mistakes.

The next step is to assign the Profile to your users.  To do this, stay on the Profiles page, click on Related > User Personalization List

assign a profile to your users

This will open the User Personalization page.

user personalization page

Select the user that you want to assign the Profile to and click on Manage > Edit

user personalization manage

This will open the User Personalization Card.

user personalization card

Choose the Profile ID that you want to assign to the user.  Then close out of the page.

Permissions in Business Central

Permissions are how you can set up what a user has access to and what actions they can or cannot perform in Business Central.

To look at the out-of-the-box Microsoft Permissions, navigate to Permission Sets as shown below.

permission sets

The Permission Sets page allows you to define and assign access and activities down to a granular level.

From the top, there are out-of-the-box Permission Sets available based on a particular area like Accounts Payable and Accounts Receivable that cover most of the actions a user would need to do when accessing that module in the system.

***Please note that only user-defined permission sets can be altered so if you want to adjust an out of the box permission set or create one yourself, you will need to create a permission set using the + icon at the top of the list or by copying an existing permission set and modifying that.

permission sets overview

We’ll look at Accounts Payable – I know the screenshot is very small, however, this gives you an idea of how many specific tables there are that users need access to in order to do their jobs.

accounts payable tables

The options for granting different types of access are across the page and include:

  • Read – read-only access – the user can view but not make any changes to the data
  • Insert – the user can create new records
  • Modify – the user can make changes to the existing records
  • Delete – the user can delete records
  • Execute – the user can run this object
  • Security Filter – limit the users access based on a filter – for example, if a user can create a payment journal but cannot create a cash receipts journal – the screenshot below shows that the user is limited to entering Payment Journals

accounts payable table filter

With all of the information needed to grant and restrict access, there must be an easier way to do this.  There is – users can record the actions that other users can perform and Business Central will populate the data in this table based on the recording.

Let’s assume that a user can create a new vendor and look at the history of that vendor.  The following steps would be followed to create this Permission Set:

  1. On the Permission Sets page, click the +New button and define the new Permission Set
  2. Open the Permissions window
  3. Click on Start and answer Yes to start the recording
  4. Go to Purchasing > Vendors
  5. Click on +New and add the new vendor
  6. Click on Vendor > Ledger Entries
  7. Navigate back to the Permissions page and click on Stop
  8. Answer Yes to add the recorded Permissions – this will add all of the needed tables and code units that are required

tables shortcuts

Next, you can assign the Permission Set to the users.  Click on Permission Set by User, scroll to the new Permission Set and check the box for each user that should have access to the new permission set.

assign the permission set to user

assign the permission set to user overview

For additional information on setting up Permissions and Profiles for users, follow the link below:

This article was co-authored by Jack Peterson, view more blogs by Jack here

Related Posts


Submit a Comment

Your email address will not be published. Required fields are marked *

Upcoming Events


02jun2:00 pm2:30 pmBusiness Intelligence for Batch Manufacturers

16jun10:00 am10:30 amHow AP automation can speed up month-end close in D365 Finance

17jun11:00 am12:00 pmConfab Live with Stoneridge – Real Time Marketing Strategies for Success

23jun10:00 am10:30 amThe Modern Manufacturer: Cost Accounting in D365

30jun10:00 am10:30 amAP Automation Checklist for a 2022 Rebound

30jun2:00 pm2:30 pmAchieving Success: How Technology Is Helping Nonprofits Thrive


01jul11:00 am12:00 pmConfab Live with Stoneridge – Dataverse Virtual Entities

14jul12:00 pm12:30 pmBeyond Reporting - What Business Intelligence Can Do For Your Agribusiness

14jul2:00 pm3:00 pmMastering the Production Floor

15jul11:00 am12:00 pmConfab Live with Stoneridge – Integration Strategies for End User Success

21jul10:00 am10:30 amThe Modern Manufacturer: Manufacturing Software in the Real World

21jul12:00 pm1:00 pmIs it Worth it to Upgrade to Dynamics 365 Finance and Supply Chain Management? - Everything AX Users Need to Consider

28jul2:00 pm2:30 pmConsiderations for Successful Testing Plans for Major Releases of Dynamics 365 Finance and Supply Chain Management

About Stoneridge
Stoneridge Software is a unique Microsoft Gold Partner, with emphasis on partner. With specialties in Microsoft Dynamics 365, Microsoft Dynamics AX, Microsoft Dynamics NAV, Microsoft Dynamics GP and Microsoft Dynamics CRM, we focus on attracting the most knowledgeable experts in the field to our team, and prioritize delivering stellar solutions with maximum impact for your business. At Stoneridge, we are deeply committed to your results. Each engagement is met with a dedicated team, ready to provide thorough, tailored, and expert service. Based in Minnesota, we intentionally “step into your shoes,” wherever you are. We focus on what you care about, and develop trusting, long-term relationships with our clients.

Subscribe To Our Blog

Sign up to get periodic updates on the latest posts.

Thank you for subscribing!