Skip to main content

Notifications

Finance | Project Operations, Human Resources, ...
Suggested answer

Requirement of Duplicating OOB Privilege , Role and Duty

(0) ShareShare
ReportReport
Posted on by 35
Do we required to Duplicate all 3 things i.e. /Privilege , Role and Duty/ to give same Role to multiple person with different permission?
E.g. Mr A, B and C all are required to have Project manager Role, A required View rights, B required View + Update, C required All.
  • Suggested answer
    Umesh Pandit Profile Picture
    Umesh Pandit 9,298 User Group Leader on at
    Requirement of Duplicating OOB Privilege , Role and Duty
    Note: Modifying security roles and privileges can have significant implications for your organization's security model. It's important to thoroughly test any changes in a non-production environment before applying them to a live system.
    Access the Security Configuration Workspace:
     
    In D365FO, go to the "System administration" module.
    Navigate to "Setup" > "Security" > "Security configuration".
     
    Duplicate Privileges:
    Find the privilege you want to duplicate in the list.
    Right-click on the privilege and select "Duplicate privilege."
    Modify the name, label, and any other settings as needed.
     
    Duplicate Duties:
    In the "Security configuration" workspace, navigate to the "Duties" tab.
    Find the duty you want to duplicate.
    Right-click on the duty and select "Duplicate duty."
    Adjust the name, label, and other properties as required.
     
    Duplicate Roles:
    In the "Security configuration" workspace, navigate to the "Roles" tab.
    Locate the role you want to duplicate.
    Right-click on the role and select "Duplicate role."
    Modify the name, label, and other attributes as necessary.
     
    Assign Privileges to Duties and Duties to Roles:
    Open the duplicated duty.
    Add the duplicated privileges to the duty.
    Open the duplicated role.
    Add the duplicated duties to the role.
     
    Modify the Role Hierarchy (if needed):
    If the duplicated role has a parent role in the hierarchy, you might need to adjust the parent-child relationship.
     
    Test and Validate:
    After duplicating and configuring the new role, privilege, and duty, test the setup thoroughly in a non-production environment.
    Make sure the security model behaves as expected and that users have the appropriate access.
     
    Deploy to Production:
    If the testing is successful, deploy the duplicated security elements to your production environment.
    Ensure that proper change management and communication processes are followed to inform stakeholders of the changes.
     
    Ongoing Maintenance:
    As your organization evolves and requirements change, regularly review and update the duplicated security elements to match your needs.
     
  • Suggested answer
    Martin Dráb Profile Picture
    Martin Dráb 230,934 Most Valuable Professional on at
    Requirement of Duplicating OOB Privilege , Role and Duty
    You'll need to talk to the person who came with this requirement and explain him or her why it doesn't make sense.
     
    A role defines what permissions a user gets. You can't have a single role meaning three different things at once. In your case, you need three roles or a combination of roles.
     
    The requirement is wrong from logical perspective too. For example, a user that doesn't have permissions to edit a project clearly isn't a project manager. You must ignore the requirement to give the use the project manager role and you'll need to analyze what job the person actually performs. Maybe there already is a suitable role, or maybe you'll have to create a new one.
  • Bryantquintero Profile Picture
    Bryantquintero 2 on at
    Requirement of Duplicating OOB Privilege , Role and Duty
    Hello,    Mayo Clinic Portal
     
    In the context of assigning roles with varying permissions to different individuals, it's not always necessary to duplicate all three elements - Privilege, Role, and Duty - for each unique combination. To efficiently manage permissions for individuals like Mr. A, B, and C, role-based access control can be utilized.
    Role: Create a single "Project Manager" role that encompasses the general responsibilities of a project manager.
    Privileges: Define distinct privilege sets for "View," "Update," and "All" access levels.
    Duties: Create duties associated with each privilege, specifying the tasks and actions permitted.
    Rather than duplicating roles, privileges, and duties for each person, assign the relevant privileges and duties to the role according to individual needs. Mr. A can be assigned the "View" privilege duty, Mr. B can be assigned both "View" and "Update" duties, while Mr. C receives all duties under the "All" privilege.
     
    This approach streamlines administration and ensures consistency. Modifying the role's privilege assignments automatically reflects across all users with that role. By avoiding redundant duplications, it simplifies management and enhances security by adhering to the principle of least privilege.
     
    I hope the information may helps you. 
     
     
     
     
     
  • Kevin Xia Profile Picture
    Kevin Xia Microsoft Employee on at
    Requirement of Duplicating OOB Privilege , Role and Duty
    Hi,
    Maybe you can create multiple roles and assign them different duties or privileges to meet your needs.
    Best regards,
    Kevin

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Announcing Our 2025 Season 1 Super Users!

A new season of Super Users has arrived, and we are so grateful for the daily…

Vahid Ghafarpour – Community Spotlight

We are excited to recognize Vahid Ghafarpour as our February 2025 Community…

Congratulations to the January Top 10 leaders!

Check out the January community rock stars...

Leaderboard

#1
André Arnaud de Calavon Profile Picture

André Arnaud de Cal... 292,111 Super User 2025 Season 1

#2
Martin Dráb Profile Picture

Martin Dráb 230,934 Most Valuable Professional

#3
nmaenpaa Profile Picture

nmaenpaa 101,156

Leaderboard

Product updates

Dynamics 365 release plans