At my wits end with AX User Security

This question has suggested answer(s)

There is a report in AR -> Reports -> External -> Customer Account Statement

When I run this report as an Admin, for a specific customer, I get a report generated as expected.  When I run it as one of our AR Manager users (who have been given Full Control over the entire AR security tree), I get "Report is empty".

Obviously, some kind of security access is missing for these users, but I have not been able to figure out what it is after searching for hours.  Given that the report prompt actually displays, I know it isn't a security setting for the report itself, but must somehow be related to data which that report is trying to access.  Setting Full Control and Cascade on the Account Statement security key does nothing to help.

Can anyone give me any pointers?  How do I figure out where this security is breaking down?

Thanks!

- Matt

All Replies
  • Hi Jackson,

    In the user group permissions form, under:  (Viewing: Security) AR > reports > Customer account statement (report) & Customer account statement (tmp table)

    Can you confirm that the report has view access and the tmp table has full control access?

  • Yes, the group has both of those access settings.  Still getting the "Report is Empty" message for those users, but not for Admins.

    In further testing, I have gotten the report to work for a test user by giving them Full Control over BOTH AR and GL.  When I take GL away, it stops working.  So it would seem that some part of the data for the report needs to come from that area, but I have had no luck in figuring out what that may be.  Giving full control over GL to the AR users is not an option.

  • Hi Jackson,

    It seems weird that you are not getting a "Not enough access..." error when you run the report and are instead getting report is empty.

    This sounds silly but please make sure that the user tests in the same company you are testing in.

    Also, take away all GL permissions except for table permissions.  You should have those two keys open that i mentioned above.  If it works with those two keys and GL permissions at least you have it narrowed down to a table problem.

    I took just a few minutes to look at the class that drives this report and it uses a bunch of different tables but tables used in a class ignore permissions all together.

  • There are probably some General Ledger and Bank tables invoked in this report.  Adding read access to all the tables under GL, Bank and A/R may resolve your issues.  If they persist, try Basic/Tables and Admin/Tables.

  • I am also facing the same issue! I have tried all the suggested steps but still no go.Now the only step left is to give full access Customer account statement (tmp table) but not able to find this table.

    Need help!

  • Did you ever resolve this? Having the exact same issue. Very frustrating!

  • I'd recommend running the report under admin while doing a sql trace. Figure out the tables you need access to, and then make sure that those groups have access to those tables.

    There's also the AX2009 security profiler which sounds like it does this work for you, but I haven't tried it out yet.

    blogs.msdn.com/.../ax-2009-securityprofiler-tool.aspx

  • The security profiler is hit and miss really. I do have it installed, but it isn't giving me any additional info on this report.

    I will give a sql trace a try. Thanks for the suggestion.

  • I just ran into the same problem.  For me I needed to grant View access to:  GL->Miscellaneous->Transaction reversal on the "User group permissions" form