Security 101 in Dynamics AX 2012

by | Feb 28, 2013 | Dynamics AX, Installation, Security, Set Up

Security was a topic that I became well versed in during my years on the Microsoft Dynamics AX support team and as a Partner Technical Consultant for Dynamics AX.  Therefore, I wanted to do a series of blog articles covering some things that I have learned.  I decided to start by covering the basics of security in Dynamics AX 2012.

Security was completely re-designed in Dynamics AX 2012.  This resulted in some benefits such as having out of the box roles to assign users to, but it meant that there was a learning curve to setup security.  Another large change to security in Dynamics AX 2012 was the development aspect that was added.  While you can maintain security and do some setup of security in the Dynamics AX client, most of the work to create security objects is done in the AOT.  So let us look at the nodes under Security in the AOT.

Security Node in AOT

 

Roles – These are the security roles that you create to assign to users.  These are typically going to be created around jobs/positions that exist within the organization.  An example of this is the Accounts Payable clerk role.

Duties – I like to think of duties as tasks, specifically the tasks that you would need to do as part of your job/position which are considered roles in Dynamics AX.  An example of this would be ‘Maintain vendor invoices’ which is assigned to the Accounts Payable Clerk role.

Privileges – These are the specific forms, reports, etc that a user needs to perform a task and the level of access that is required.  Permissions are made up of entry points and the level of access.  Entry points are menu items (forms, reports, actions), web, services.  An example would be the ‘VendTransMaintain’ privilege that is part of the ‘Maintain vendor invoices’ duty.

Code Permissions – These are used when you have a menu item that is running a method of a class.  Code Permissions allow you to specify access levels to forms, tables, web controls, and reports that are related.  On example of this would be the VendEditInvoice code permission which deals with the executeTransfer method of the subledgerJournalTransferOperation class.  It also involves permissions to the VendEditInvoice form.

Process Cycles – These are used to group duties together so that it is easier to find them when searching in the Dynamics AX client to create or modify a role.  For example, let’s say you are trying to add the Approve Vendor Invoices duty to the Accounts Payable Clerk role. It is easy to use process cycles because the find feature is available, as opposed to if you try to use the Duty/privilege view by option as the find is greyed out.

Policies – These are used to restrict what data a user is able to see in a form or report.  This is the new method in Dynamics AX 2012 to limit data similar to what you have with record level security.  With this feature you create a query with restrictions.  Then, you create a security policy that can be applied to a security role.  For example, if you wanted to limit your account payable clerks from seeing retail vendors, you could create a query on the vendor group table with a range that limits the retail vendors.  You would then create a policy that includes this query and security role.

Now that you have a brief explanation of the security nodes in the AOT you are ready for my next blog articles that cover how to remove a field from a form for certain users.

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

Upcoming Events

april

08apr10:00 am10:30 amLicensing Preparedness for Dynamics 365 Customer Engagement

08apr12:00 pm1:00 pmMaking Project Information Management (PIM) a Priority

08apr2:00 pm2:30 pmFeatures in the Spring Release of Dynamics 365 Customer Engagement Users Can Take Advantage of Immediately

09apr11:00 am12:00 pmConfab With Stoneridge - Livestream - Portals

13apr11:30 am12:30 pmStoneridge Connect Online Keynote: Business Transformations Throughout History

14apr8:00 am5:00 pmStoneridge Connect Online - Day 1

15apr8:00 am5:00 pmStoneridge Connect Online - Day 2

15apr1:15 pm5:00 pmWhat’s New for Developers in Dynamics 365 Finance and Supply Chain Management – Online Workshop

16apr8:00 am5:00 pmStoneridge Connect Online - Day 3

22apr11:00 am12:00 pmPower BI and Reporting with Dynamics 365 Business Central

22apr2:00 pm2:30 pmNew Features for Power Apps Users

23apr11:00 am12:00 pmConfab With Stoneridge - Livestream - Internet of Things (IoT)

29apr10:00 am11:00 amStreamlining Customer Service and Enabling Your Sales Team with a Self-Service Portal

29apr12:00 pm12:30 pmUpdates to the Dynamics 365 Customer Engagement User Experience - What Technical Resources Need to Know

may

06may12:00 pm12:30 pmPower Apps Telemetry and AI Builder - Power Platform Updates

06may2:00 pm2:30 pmImprove Customer Experience with a Mobile Workforce Management Solution

07may11:00 am12:00 pmConfab With Stoneridge - Livestream - Manufacturing

13may12:00 pm1:00 pm3 Simple Sets Your Business Can Take to Embrace the Future of B2B E-Commerce

21may11:00 am12:00 pmEnterprise Asset Management and Manufacturing

About Stoneridge
Stoneridge Software is a unique Microsoft Gold Partner, with emphasis on partner. With specialties in Microsoft Dynamics 365, Microsoft Dynamics AX, Microsoft Dynamics NAV, Microsoft Dynamics GP and Microsoft Dynamics CRM, we focus on attracting the most knowledgeable experts in the field to our team, and prioritize delivering stellar solutions with maximum impact for your business. At Stoneridge, we are deeply committed to your results. Each engagement is met with a dedicated team, ready to provide thorough, tailored, and expert service. Based in Minnesota, we intentionally “step into your shoes,” wherever you are. We focus on what you care about, and develop trusting, long-term relationships with our clients.

Subscribe To Our Blog

Sign up to get periodic updates on the latest posts.

Thank you for subscribing!

X