web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

No record found.

News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Finance forum / Upgrade testing securi...
Finance forum

Upgrade testing security role

(0) ShareShare
ReportReport
Posted on by HarryDesh 67

hi

What is the methodology that you are following for upgrade related security testing? I am planing to create following script

For each enabled user

---> Loop through all user roles.

--------> create a user - menu item lines with least effective access for read/update/create/delete (we don't use entities and our security is only on menu items so don't care about other objects)

Compare the output with previous version and investigate the difference.

Any thoughts? and has anyone already written similar script that they can share? :)

regards

Categories:
Upgrade
Other
I have the same question (0)
  • André Arnaud de Calavon Profile Picture
    André Arnaud de Cal... 301,075 Super User 2025 Season 2 on at

    Hi HarryDesh,

    I'm not able to understand what you exactly mean with your script. What is it what you want to validate? What would the script do?

    Note that sometimes, Microsoft is changing a menu item in a menu. If you have custom roles, the new menu item might not have permissions. In that case, a menu item can be missing in a certain role.

  • HarryDesh Profile Picture
    HarryDesh 67 on at

    Our auditors want to validate that security access to users has not changed due to version upgrade.

  • André Arnaud de Calavon Profile Picture
    André Arnaud de Cal... 301,075 Super User 2025 Season 2 on at

    Hi Harry,

    Every change on security is logged and can be reviewed in the system administration area. Then you can verify if there are changes which needs to be reviewed.

  • HarryDesh Profile Picture
    HarryDesh 67 on at

    I am afraid our auditors need a comprehensive picture that can show what has changed and what has not changed but I will take a look into what you have suggested. Thanks.

  • nmaenpaa Profile Picture
    nmaenpaa 101,160 Moderator on at

    As Andre mentioned, you can track all changes to user-role assignments and such.

    About tracking other changes, I understand the problem, but...

    But if Microsoft changes content of out of the box roles, duties and privileges, that's not tracked in the system.

    Do your auditors really demand you to detect Microsoft's changes in Microsoft's cloud solution? If such requirement exists, I would ask Microsoft to provide such information, instead of every customer having to solve this. If it's a general requirement (based on legislation) (which I doubt a bit), then I would assume there's a lot of pressure on Microsoft to provide such info.

    However all changes that your developers make to security elements can be tracked in the version control history.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

November Spotlight Star - Khushbu Rajvi

Congratulations to a top community star!

Forum Structure Changes Coming on 11/8!

In our never-ending quest to help the Dynamics 365 Community members get answers faster …

Dynamics 365 Community Platform update – Oct 28

Welcome to the next edition of the Community Platform Update. This is a status …

Leaderboard > Finance

Last 30 days Overall leaderboard

Featured topics

Product updates

Dynamics 365 release plans