Have anyone else experienced how the Security Development Tool gets crippled if there are multiple roles having the same name? In the Norwegian translation, there are 4 different roles carrying the name "Regnskapssjef", and it appears to me like the Tool index the roles by name and when analyzing the roles they just don't add up at all.
I just hope this is a bug in the tool and not in AX 2012 itself (meaning AX2012 require the names to be unique in order to function as expected).
Anyone seeing the same?
Tommy Skaue | Dynamics AX Developer from Norway | http://yetanotherdynamicsaxblog.blogspot.no/ | www.axdata.no
In the Netherlands we have a duplicate name as well for two AR roles. Bad translation...
The tool just shows the contents of one of those roles. No mather which one of the two is selected from the list. So it is indeed a bug in my opinion.
Luckily all security setup itself is based on ID's in stead of the names. So for AX2012 security it is not a problem.
I'm not a big fan of the security tool right now. I like the insight by viewing the menu-tree or testing the role. For recording new roles it is also good, but it is way too slow and mistakes can be created easy for already existing roles. If you don't know the architecture of the security in AX2012 you can easily adjust 500 privileges and this will not affect just one but many roles.
André Arnaud de Calavon | Microsoft Dynamics AX Solution architect | My blog | My company
This post is my own opinion and does not necessarily reflect the opinion or view of my company, Microsoft, both its employees, or other MVPs.
Thanks for sharing! :-)
I have to investigate this some more. I noticed when browsing the roles in standard AX, I get a different result in some of the forms depending whether or not I am browsing using Norwegian or English (US). Again, you might be completely right about security being effective only by analyzing the actual RecId based relations. I would however feel somewhat more sure if the UI actually reflected it.
Here are two screenshots from same system, but running the client on the two languages and clicking the same role and further clicking "Override Permissions".
Interesting findings... :-)
The override permissions do have a bug as well! I checked it with the duplicate name in the Netherlands and has the same wrong behaviour. When I changed the name of the duplicate role into an unique name it was solved...
When opening the override permissions form the name of the role will be used here as well, thinking this one should be unique. See the next printscreens of the init and run method of this form. Based on the role name a record is being retrieved.
I wonder one thing....
I think they got the right record in the init method, but did an override with the wrong one in the run method... WHY?
Remove or disable the highlighted code in the second print screen and this form works correctly again. Even with the duplicate role names.
I checked this in AX2012 R2 with CU1. So is this all? Maybe not...
Unfortunately there is more. If you attempt to apply these roles to certain users, you will also notice the InfoParts showing what users having "this" role will not load the users correctly. It seems it will load the users bound to the first role having the same name, and that list only.
I guess the only viable solution is to rename the roles, making them uniquely named.
The most easy workaround is to rename the ducplicate role names indeed. At least for this moment. The names in the EN-US language are all unique out of the box.
Thanks, Andre. It is a relief to see you stand by me on this one. ;-)
I'll just mark it as answered and let the Norwegian and Dutch use this thread as an explanation for the Security Role discrepancies.