web
You’re offline. This is a read only version of the page.
close
Skip to main content

Announcements

🚀 Season of Sharing Community Challenge Launch!
Ask A Community Pro
Introducing our New Video Series: Community Spotlight
News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Microsoft Dynamics 365 | Integration, Dataverse... / Clarification on Secur...
Microsoft Dynamics 365 | Integration, Dataverse...
New Discussion

Clarification on Security Structure – Why Separate View and Maintain Privileges in the Same Duty?

(1) ShareShare
ReportReport
Posted on by Bogdan Pristinskyi

Hello everyone,

I’m looking for clarification regarding security design best practices in Dynamics 365 Finance & Operations.

Currently, I have the following security structure:

Role  
 └── Duty  
      ├── View Privilege (Read access to menu item)  
      └── Maintain Privilege (Update access to same menu item)

Both privileges are inside the same Duty, and that Duty is assigned to a Role.

When I assign this Role to a user, the user effectively receives Maintain (Update) access, since Update already includes Read access.

My question is:

- If Maintain already includes Read, what is the purpose of keeping the View privilege inside the same Duty?

- Is this considered good practice, or should View and Maintain be separated into different Duties to support role flexibility?

From my understanding, separating them would allow:

  • One role to have View-only access
  • Another role to have Maintain access
  • Better alignment with the least privilege principle

However, if both privileges are always assigned together within the same Duty, the View privilege seems redundant.

I would appreciate guidance on:

  • Microsoft best practice for structuring View vs Maintain privileges
  • Whether Duties should represent business responsibilities rather than access levels
  • How this is typically handled in enterprise implementations

Thank you in advance for your insights.

Categories:
Dynamics 365 general

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

🚀 Season of Sharing Community Challenge Launch!
Ask A Community Pro
Introducing our New Video Series: Community Spotlight

Quick Links

Season of Sharing Community Challenge Launch!

Jump in, show your community spirit, and win prizes!

Women in Power Builds Momentum

Expanding mentorship, skilling, and AI innovation

Congratulations to the May Top 10 Community Leaders

These are the community rock stars!

Leaderboard > Microsoft Dynamics 365 | Integration, Dataverse, and general topics

#1
Subra Profile Picture

Subra 146

#2
BillurSamdancioglu Profile Picture

BillurSamdancioglu 85 Most Valuable Professional

#3
Abhilash Warrier Profile Picture

Abhilash Warrier 84 Super User 2026 Season 1

Last 30 days Overall leaderboard

Featured topics

Welcome to the Microsoft Dynamics 365 forum!
Identifying an Org as CDS or Dynamics
Get batch job history log from D365 FO to Power Automate
Gross and Net Weight of Shipments feeding back into Sales Order (from External Source)

Product updates

Dynamics 365 release plans