Skip to main content

Notifications

Microsoft Dynamics AX forum
Answered

HR & Payroll Employee security

Posted on by 395

Hi

Is there a way of restricting users to only have access to specific employees?

For instance User A can only view employees in Department A and User B can only view employees in Department B.

I know this is possible using Record Level Security (RLS) and Extensible Data Security (XDS) but would like to know if there is another way that can be done via the front-end with no customisation.

I have seen an option to create separate Address Books and then to grant someone access via Teams to the Address Book but did not have any success in getting this to work.

Any suggestions on how to achieve this?

  • Suggested answer
    Lourense Profile Picture
    Lourense 395 on at
    RE: HR & Payroll Employee security

    Thank you André, I managed to get this working using Address Books. Your last point regarding all workers without Address Books being visible is where I went wrong.

  • Lourense Profile Picture
    Lourense 395 on at
    RE: HR & Payroll Employee security

    Thank you André, I will try the address book option again. Based on your comments the reason the address book option did not work for me when I tried it could be that I only linked some employees to an address book and thus the employees not linked were visible as well. I will try it again now.

  • Lourense Profile Picture
    Lourense 395 on at
    RE: HR & Payroll Employee security

    Thank you for your prompt response Edward. Will this enable me to limit access by Department or only by Legal Entity?

  • André Arnaud de Calavon Profile Picture
    André Arnaud de Cal... 290,142 Super User 2024 Season 2 on at
    RE: HR & Payroll Employee security

    [UPDATED] remark for Edward removed as it was related to other Security policies.

  • Verified answer
    André Arnaud de Calavon Profile Picture
    André Arnaud de Cal... 290,142 Super User 2024 Season 2 on at
    RE: HR & Payroll Employee security

    Hi Lourens,

    In your question you mentioned all options. Also a specific customization is possible, but I would suggest XDS or Address books.

    The address books option is working with two conditions:

    - Enable 'Secure by address book' on the Global address book parameters. It will enable some out of the box XDS policies and a record is inserted in a certain table.

    - Don't assign the System administrator role as this role bypasses all security, also XDS policies.

    Then you can assign the address books to teams and the workers. A worker without Address book will also be visible.

  • Suggested answer
    EdwardMoll Profile Picture
    EdwardMoll 51 on at
    RE: HR & Payroll Employee security

    The basic HCM XDS Policies are already available by default, only not activated in the AOT.

    To do so you need to naviate in the AOT to the Security node, than the Policies node and than select one by one:

    HcmEmploymentLegalEntity

    HcmWorkerLegalEntity

    Put the parameter "enabled" in the properties dialog to "yes".

    Than you need to assign legal entities to the user roles where you want to have the limitations.

    Kind Regards,

    Edward Moll

    Technical Consultant

    FourVision HR Plus

    www.fourvisionhrplus.nl

Helpful resources

Quick Links

Dynamics 365 Community Update

Welcome to the inaugural Community Platform Update. As part of our commitment to…

Dynamics 365 Community Newsletter - August 2024

Catch up on the latest D365 Community news

Community Spotlight of the Month

Kudos to Mohana Yadav!

Leaderboard

#1
André Arnaud de Calavon Profile Picture

André Arnaud de Cal... 290,142 Super User 2024 Season 2

#2
Martin Dráb Profile Picture

Martin Dráb 227,979 Super User 2024 Season 2

#3
nmaenpaa Profile Picture

nmaenpaa 101,148

Leaderboard

Featured topics

Product updates

Dynamics 365 release plans