Breaking news from around the world
Get the Bing + MSN extension
Choose your path Increase your proficiency with the Dynamics 365 applications that you already use and learn more about the apps that interest you. Up your game with a learning path tailored to today's Dynamics 365 masterminds and designed to prepare you for industry-recognized Microsoft certifications.
Visit Microsoft Learn
2019 release wave 2 Discover the latest updates and new features to Dynamics 365 planned through March 2020
Release overview guides and videos Release Plan | View virtual launch event
Ace your Dynamics 365 deployment with packaged services delivered by expert consultants. | Explore service offerings
Connect with the ISV success team on the latest roadmap, developer tool for AppSource certification, and ISV community engagements | ISV self-service portal
The FastTrack program is designed to help you accelerate your Dynamics 365 deployment with confidence.
FastTrack Program | Finance TechTalks | Customer Engagement TechTalks | Talent TechTalks | Upcoming TechTalks
We have AX support staff who need to use AOT to trobuleshoot issues reported by end users, however, giving AOT can direct access and overwrite value in database/tables, it is a compliance issue. How can we restrict the support staff can view-only in AOT but not modify the database in AOT?
No, it's not possible. Only System administrator role has access to AOT and it has full access.
Thanks for your prompt response. Any work around I can achieve the compliance while allow the feasbility for support staff in troubleshooting?
What kind of issues are you having, which need AOT access to be resolved? I would expect that in almost all cases the issues would be resolvable by looking at the AX user interface.
If you always have issues with certain tables, you can develop forms that show data from these tables. Then allow your support staff to access these forms.
Finaly, you can grant your support staff read-only access to AX database. But I can't imagine that this would be needed. I would really try the other approaches first.
Read-only AOT access can't be granted. I would assume you don't need all the time and of customer has concern, then something like screen share during issue review can be done (not the best alternative). We have had instance where customer support team is on call while accessing production. If issue needs more through analysis, consider environment restore to lower environment.
Also use this restriction to your leverage. When you move to D365, no one has AOT access @ production. Max access is table browser and that is read only.
What is the reason that they have to use the AOT? If it is about browsing records in the table browser, consider providing an option to start this from the user interface.
Business Applications communities