We are setting up AX now, and trying to integrate payroll, hr and financing. However, it seems the UT administrative staff can therefore see our payroll if they really want to. Any advice?
*This post is locked for comments
It depends on the definition of "system administrator". It's possible that the reseller means "System Administrator" role in Dynamics AX while I was referring to people working as system administrators.
"System Administrator" role in Dynamics AX indeed grants a plenty of permissions in Dynamics AX. But a system administrator backing up AX database, for example, doesn't have to be assigned to "System Administrator" role in AX.
From the reseller
For considering the confidentiality of the payroll module, unless you don’t assign a role for system administration. Otherwise it is almost impossible that the system administrator cannot see data stored in the database. However, you can still choose to use the HR module but not payroll.
Can you translate this? i get what you are saying martin, but he is saying the administrator will be able to see everything...
Thanks for the help
If you require somebody to have access to everything, then this person obviously can access the payroll data (because that's a subset of "everything").
But:
Ok, I understand. They dont in fact have to have passwords to be administrators. WEll then, who does hold the keys to the overall system?
sorry for the silly questions.
my reseller told me that could be an issue, and i wanted clarification here.
Yeah, administrators, but administrators of what? Do they really need to have the passwords (regardless of which passwords you mean)?
If you accept that will have access to everything, then you just gave it up and the discussion is over.
They are the administrators. My AX partner said if they have the passwords, they can then access key data.
You didn't tell us what your "IT stuff" do. They don't need any access to data to maintain servers and perform database backups, for example.
Dear isaacrose,
You need create separate role with the help of SDT (Security development toll). Which will allow you to make no access to payroll module to them. Otherwise if they have system admin rights they can see anything available in the system.So hide those forms or module completely. From those users.
For your reference :
IT adminisrative staff can therefore see our payroll if they really want to. Any advice?
#1
André Arnaud de Cal...
292,516
Super User 2025 Season 1
#2
Martin Dráb
231,409
Most Valuable Professional
#3
nmaenpaa
101,156
Share
Report
All responses (
Answers (
