Question Status

Verified
Nadeem Bhatti asked a question on 26 Mar 2014 5:03 AM

I am working AX 2012 security privileges and duties. To give duties of Account Payable I have create a cycle -> privilege -> duty.  In duty section I have open the Rich Client and clicking each node because I have give full rights to some user. Is it a good way? to give rights of any module in dynamic AX.

Or please suggest me some better way how I can give full module rights to any user as I am thinking the current way I am following is a complicated way.

Reply
Verified Answer
André Arnaud de Calavon responded on 27 Mar 2014 6:20 AM

Hi Nadeem,

In this case you can use the Security Development Tool to get insights which privileges and/or duties are used for the menu entries.

You can also search the form or menu-item in the AOT. Then right click, Add-ins, Security tools, View related security roles. This will give you a list of the roles, duties and privileges with the corresponding access level. Note that when you have searched for a report, the standard duty and privilege can  give access to more objects.

kind regards,

André Arnaud de Calavon  |  Microsoft Dynamics AX Solution architect  |  My blog  |  My company

This post is my own opinion and does not necessarily reflect the opinion or view of my company, Microsoft, both its employees, or other MVPs.

Reply
Suggested Answer
André Arnaud de Calavon responded on 26 Mar 2014 5:33 AM

Hi Nadeem,

If you want to create a role to grant all menu items, you can actually open the AOT. Open two forms with the AOT tree. Search for the role you newly created in one of the tree forms. The other form, search for the duties. Select them all and drag and drop the duties on the Duties section of the Security role.

kind regards,

André Arnaud de Calavon  |  Microsoft Dynamics AX Solution architect  |  My blog  |  My company

This post is my own opinion and does not necessarily reflect the opinion or view of my company, Microsoft, both its employees, or other MVPs.

Reply
Suggested Answer
Patrick Hawker responded on 26 Mar 2014 6:14 AM

Hi,

I would suggest you take a look at the Security development tool to assist in this process. I've found a blog that you can have a look at below:

amllpdynamics.blogspot.co.uk/.../using-the-security-development-tool-in-microsoft-ax-2012.html

(you do need to install this tool however)

technet.microsoft.com/.../hh859727.aspx

I plan on writing my own blog on the subject soon but till then I do have other bit of info that you might be interested in:

patrickhawker.wordpress.com/.../security-part-1

Regards

---------------------------------------------------------------------------------------------------

Please read my blog at: http://patrickhawker.wordpress.com/ 

Follow me on twitter at: https://twitter.com/Patrick_Hawker 

Reply
Suggested Answer
Kumar Gaurav responded on 26 Mar 2014 11:33 PM

Any privilege in ideal case scenario should flow to role through task, that way it will be modular, reusable and prism.

Reply
Suggested Answer
André Arnaud de Calavon responded on 27 Mar 2014 12:46 AM

Hi Nadeem,

Please follow these steps...

Note that this is an easy, quick way, but it will include all duties. To have all funcitonality available you can remove the 'Inquire into' Duties. Maybe clean up some more duties.  Loading security might be slower when all duties are included. But you can try it first without the clean up.

First open two AOT windows. Left is my new Role and the Duties are still empty. In the right window the first Duty is selected.

Use the scrollbar to scroll down, in this step do not click any node until you found the last Duty. Then hold the Shift button and select the last Duty.

Now drag and drop all dutiies into the Duties section of the new role.

Save the Role and you have completed the role with access to all functionality.

 

kind regards,

André Arnaud de Calavon  |  Microsoft Dynamics AX Solution architect  |  My blog  |  My company

This post is my own opinion and does not necessarily reflect the opinion or view of my company, Microsoft, both its employees, or other MVPs.

Reply
Suggested Answer
Patrick Hawker responded on 27 Mar 2014 7:24 AM

Hi,

I've written a blog about using the security tool if you want have a look at that and see if that helps.

patrickhawker.wordpress.com/.../security-part-3-security-development-tool-recording

Regards

---------------------------------------------------------------------------------------------------

Please read my blog at: http://patrickhawker.wordpress.com/ 

Follow me on twitter at: https://twitter.com/Patrick_Hawker 

Reply
Suggested Answer
André Arnaud de Calavon responded on 26 Mar 2014 5:33 AM

Hi Nadeem,

If you want to create a role to grant all menu items, you can actually open the AOT. Open two forms with the AOT tree. Search for the role you newly created in one of the tree forms. The other form, search for the duties. Select them all and drag and drop the duties on the Duties section of the Security role.

kind regards,

André Arnaud de Calavon  |  Microsoft Dynamics AX Solution architect  |  My blog  |  My company

This post is my own opinion and does not necessarily reflect the opinion or view of my company, Microsoft, both its employees, or other MVPs.

Reply
Suggested Answer
Patrick Hawker responded on 26 Mar 2014 6:14 AM

Hi,

I would suggest you take a look at the Security development tool to assist in this process. I've found a blog that you can have a look at below:

amllpdynamics.blogspot.co.uk/.../using-the-security-development-tool-in-microsoft-ax-2012.html

(you do need to install this tool however)

technet.microsoft.com/.../hh859727.aspx

I plan on writing my own blog on the subject soon but till then I do have other bit of info that you might be interested in:

patrickhawker.wordpress.com/.../security-part-1

Regards

---------------------------------------------------------------------------------------------------

Please read my blog at: http://patrickhawker.wordpress.com/ 

Follow me on twitter at: https://twitter.com/Patrick_Hawker 

Reply
Nadeem Bhatti responded on 26 Mar 2014 11:22 PM

Thanks Calavon

Can you please explain it little more detail, as I do not understand what I have to do correctly. However I am trying If I can get luck.

Reply
Suggested Answer
Kumar Gaurav responded on 26 Mar 2014 11:33 PM

Any privilege in ideal case scenario should flow to role through task, that way it will be modular, reusable and prism.

Reply
Suggested Answer
André Arnaud de Calavon responded on 27 Mar 2014 12:46 AM

Hi Nadeem,

Please follow these steps...

Note that this is an easy, quick way, but it will include all duties. To have all funcitonality available you can remove the 'Inquire into' Duties. Maybe clean up some more duties.  Loading security might be slower when all duties are included. But you can try it first without the clean up.

First open two AOT windows. Left is my new Role and the Duties are still empty. In the right window the first Duty is selected.

Use the scrollbar to scroll down, in this step do not click any node until you found the last Duty. Then hold the Shift button and select the last Duty.

Now drag and drop all dutiies into the Duties section of the new role.

Save the Role and you have completed the role with access to all functionality.

 

kind regards,

André Arnaud de Calavon  |  Microsoft Dynamics AX Solution architect  |  My blog  |  My company

This post is my own opinion and does not necessarily reflect the opinion or view of my company, Microsoft, both its employees, or other MVPs.

Reply
Nadeem Bhatti responded on 27 Mar 2014 3:30 AM

Thanks again Calavon,

Hope our this effort will help lot of others. Ok I got in this way I assign full rights to a role. One more question here how I will come to know which duty is related to which module like "Account payable". Mover over how I will identify the duties for Journal and report. Because I have to assign Journal and reports right to the user.

I try to soft it out but I do not find it by any naming convention that I can find the duties for "Account Payable" or "Account Receivable" etc.

Reply
Verified Answer
André Arnaud de Calavon responded on 27 Mar 2014 6:20 AM

Hi Nadeem,

In this case you can use the Security Development Tool to get insights which privileges and/or duties are used for the menu entries.

You can also search the form or menu-item in the AOT. Then right click, Add-ins, Security tools, View related security roles. This will give you a list of the roles, duties and privileges with the corresponding access level. Note that when you have searched for a report, the standard duty and privilege can  give access to more objects.

kind regards,

André Arnaud de Calavon  |  Microsoft Dynamics AX Solution architect  |  My blog  |  My company

This post is my own opinion and does not necessarily reflect the opinion or view of my company, Microsoft, both its employees, or other MVPs.

Reply
Suggested Answer
Patrick Hawker responded on 27 Mar 2014 7:24 AM

Hi,

I've written a blog about using the security tool if you want have a look at that and see if that helps.

patrickhawker.wordpress.com/.../security-part-3-security-development-tool-recording

Regards

---------------------------------------------------------------------------------------------------

Please read my blog at: http://patrickhawker.wordpress.com/ 

Follow me on twitter at: https://twitter.com/Patrick_Hawker 

Reply