web
You’re offline. This is a read only version of the page.
close
Skip to main content

Announcements

🚀 Season of Sharing Community Challenge Launch!
Ask A Community Pro
Introducing our New Video Series: Community Spotlight
News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Small and medium business | Business Central, N... / Security groups & effe...
Small and medium business | Business Central, N...
Unanswered

Security groups & effective permissions

(0) ShareShare
ReportReport
Posted on by RK-24041411-0 24

In Business Central, a user has multiple Security Group permission sets assigned. Two of these groups both include the same underlying system permission set, which grants permissions on Table Data, Object ID 21 (Customer Ledger Entry).

One security group is intended for read-only access and the other for read/write access including Modify permission.

The Problem:

The read/write security group has Modify permission defined for Table Data, Object ID 21, but when checking the user's Effective Permissions, Modify shows as blank — meaning it is not being applied.

However, when Modify = Yes is added to the read-only security group's direct line for Table Data, Object ID 21, it immediately shows up correctly in Effective Permissions.

This is unexpected behavior — the Modify permission should be coming from the read/write security group, not the read-only one.

Additional Observation:

In the read/write security group, Table Data, Object ID 21 does not appear as a direct line in the permission set. However, it does appear in the Expanded Permissions view of that set — meaning the permission is inherited from one of the included system permission sets within the read/write group.

This means:

Background:

  • Read/write security group → includes a system permission set → Table Data 21: Insert = Indirect, Delete = Indirect, Modify = not defined
  • Read-only security group → has direct line for Table Data 21: Read = Yes, Modify = blank
  • User Effective Permissions → Table Data 21: Insert = Indirect, Delete = Indirect, Modify = blank
  • The read/write group indirectly grants Insert = Indirect and Delete = Indirect on Table Data 21 via an included system set — but Modify is not defined in that system set
  • The read-only group has a direct explicit line for Table Data 21 with Read = Yes and Modify = blank
  • The blank Modify from the read-only group appears to be overriding or cancelling the permissions coming from the read/write group
My Questions:
1. What could be causing this problem?
2. How to solve it?

     
Categories:
Dynamics 365 Business Central
I have the same question (0)

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

🚀 Season of Sharing Community Challenge Launch!
Ask A Community Pro
Introducing our New Video Series: Community Spotlight

Quick Links

Season of Sharing Community Challenge Launch!

Jump in, show your community spirit, and win prizes!

Women in Power Builds Momentum

Expanding mentorship, skilling, and AI innovation

Congratulations to the May Top 10 Community Leaders

These are the community rock stars!

Leaderboard > Small and medium business | Business Central, NAV, RMS

#1
OussamaSabbouh Profile Picture

OussamaSabbouh 2,050 Super User 2026 Season 1

#2
YUN ZHU Profile Picture

YUN ZHU 1,441 Super User 2026 Season 1

#3
Grigorios Mavrogeorgis Profile Picture

Grigorios Mavrogeorgis 1,175 Super User 2026 Season 1

Last 30 days Overall leaderboard

Featured topics

Microsoft Training Manuals

Product updates

Dynamics 365 release plans