You’re offline. This is a read only version of the page.
I'm working on Security permissions for our users and I'm trying to define a new Custom Role based on standard AX Privileges and I appear to have run into an Impasse. We are running Dynamics AX 2012 R3, CU8.
Business problem I'm trying to solve: Within our organization we have a fairly large number of users that are able to create and maintain sales orders in AX. We are using the Sales Order Hold function in standard AX but have built some automation around the setting and releasing of SO Holds. For example, if a customer's terms of payment are UFM (upfront-money), then a UFM hold is placed on the order, when a payment journal is posted and settled against the sales order, then the UFM hold is released and the order is available to continue through it's pick/pack/ship/invoice lifecycle. The users that maintain these sales orders need to be able to see, but not manually remove any of the holds on the order (it must go to our credit department in this case to be removed manually).
I have been working on creating 2 custom security roles, one that allows the maintenance of the holds and one that is a view only. The Maintenance role was easy to build, but I cannot seem to find the correct combination of the existing privileges that allow a user to view but not change the holds:
| Standard AX Role | DGI Custom Role | Standard AX Duty | Standard AX Privilege |
| DGI_SO_Holds_Enable | Enable Sales Order Hold Process | Maintain Order Hold Codes | |
| DGI_SO_Holds_Enable | Enable Sales Order Hold Process | Maintain order hold codes in Accounts Receivable | |
| DGI_SO_Holds_Maintain | Maintain Sales Order Holds | Generate reports for order holds | |
| DGI_SO_Holds_Maintain | Maintain Sales Order Holds | Maintain hold codes from sales order creation | |
| DGI_SO_Holds_Maintain | Maintain Sales Order Holds | Maintain hold codes from sales orders | |
| DGI_SO_Holds_Maintain | Maintain Sales Order Holds | Maintain holds for sales orders | |
| DGI_SO_Holds_Maintain | Maintain Sales Order Holds | Maintain inventory hold codes | |
| DGI_SO_Holds_Maintain | Maintain Sales Order Holds | Override checked out user | |
| DGI_SO_Holds_Maintain | Maintain Sales Order Holds | Preview sales order | |
| DGI_SO_Holds_View | --NONE-- | Preview sales order | |
| DGI_SO_Holds_View | --NONE-- | Generate reports for order holds |
There error that a user gets when all they have is the DGI_SO_HOLDS_VIEW role is: You are not authorized to access table ‘Fraud details setup’ (MCRFraudDetail). Contact your system administrator. I tried to grant access using the field level security for this particular table but that didn't work either.
Does anyone have any ideas outside of going into the code and customizing this?
Thanks -
Tom.
*This post is locked for comments
I have the same question (0)
It appears that I have found the approach. With the setup of each hold code, you can associate the role that is allowed to adjust the hold. So, you give everyone the ability to maintain, but set each hold code with the specific role that can adjust that hold.
Share
Report
All responses (
Answers (
4
