Microsoft Dynamics AX Security Roles
Today’s post is going to cover everyone’s favorite Dynamics AX topic of security roles. Security has come a long way since AX 2009 and is becoming much easier to manage and maintain with each release. A common security role mistake that we see is people using the AX out of the box roles as their own company roles to modify and assign to users. This is not recommended. Below I will outline:
- Duplicating a security role
- Renaming a security role
- Adding/removing privileges duties
- Using the security permissions tool to find a specific privilege or duty
One thing to keep in mind before we review this process, is the difference between a privilege and a duty. A duty contains many privileges and a privilege provides access to a specific task or function.
1. Duplicate the out of the box security role that you want to modify in the AOT
2. Rename the security role to be specific to your company. Ex: Tridea_Accountant
3. Right click on your newly created role and click Save. AX will compile the new role and then you can close the AOT
4. You can now locate your newly created security role back in System administration > Setup > Security role
5. In order to remove privileges and duties, select the privilege/duty and click remove. To add a privilege/duty click Add and then search by privilege/duty to locate the privilege/duty you would like to add. Click close once you have selected the privilege/duty you are adding.
6. Go back to your System administrations module > Setup > Security entry point permissions. This will load your security tool.
7. Select the role you would like to view permissions for and open a node to a module you want to see access for
8. Right click on an area you want to view the privileges or duties for and click reference duty or privilege
9. Select the privilege or duty you want to add and click Add to role
by Laura Garcia, AX Application Consultant at Tridea Partners. Tridea is a Microsoft Dynamics AX partner serving Southern California.
This was originally posted here.
*This post is locked for comments