Skip to main content

Notifications

Announcements

No record found.

News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Microsoft Dynamics NAV (Archived) / Blocking Access to Pages
Microsoft Dynamics NAV (Archived)

Blocking Access to Pages

(0) ShareShare
ReportReport
Posted on by Ian Fletcher 2,445

Hi, so far we have a number of users that have too much access to parts of Nav that they should not i.e.The ability to go to the Chart of Accounts & Drill down. I know permissions will affect this, so how do i allow people to do their normal roles i.e. Raise & post Sales Orders etc but not allow them to view the Chart of Accounts?

Can you block access to a page? or remove it from their views/setup?

I did ask our partner, but they were not the most helpful & said we would have to use trial & error in the test system which I'm happy to do, but need a good starting point as this must be a common question?

The same maybe to block access to administration/IT administration etc

Thanks

Ian

*This post is locked for comments

  • Suggested answer
    4BzSoftware Profile Picture
    4BzSoftware 6,071 on at
    RE: Blocking Access to Pages

    Hi Ian,

    No problem, mistake does occur! I had the same situation and up-to-now, I don't know how to reverse it :-)

    Back to your question, Table 15 has some flowfields (Net Change, Balance at Date, ...) calculated from Table 17 so user need Read Permission on Table 17 in order to view Table 15. Your requirement is "not allow user to view CoA, Table 15" so we need to review Read Permission on Table 15. May be another role of user has "Table 15 Read Permission = Yes". Try to identify overlap permission first! What roles does user have?

  • Ian Fletcher Profile Picture
    Ian Fletcher 2,445 on at
    RE: Blocking Access to Pages

    Sorry Khoa, looks like I accidently marked/flagged your last comment as abuse, not sure how to undo that, does it cause an issue?

  • Ian Fletcher Profile Picture
    Ian Fletcher 2,445 on at
    RE: Blocking Access to Pages

    Good point, I have looked further at this & it is Table 17 - G/L Entry that seems to allow or deny access to the Chart of Accounts as we have some users that are denied as they do not have permission to Table 17. The standard role S&R-Q/O/I/R/C, POST has Table 17 Read = Yes, does this seem strange, why would this Role require the user to read the CoA? Is this the same as default for other company's, will it matter if I change this to indirect does anyone know?

  • Suggested answer
    4BzSoftware Profile Picture
    4BzSoftware 6,071 on at
    RE: Blocking Access to Pages

    Hi Ian,

    If you can use this tool www.mibuso.com/dlinfo.asp to add multiple Page Objects with Execute Permission to Permission table (2000000005). Otherwise, you should have your Software Supplier (MS Partner) help.

    But as your description "Table 15 Read Permission = Indirect", may be another role of user has "Table 15 Read Permission = Yes". Try to identify overlap permission first! What roles does user have?

  • Ian Fletcher Profile Picture
    Ian Fletcher 2,445 on at
    RE: Blocking Access to Pages

    Ok, I have in the All Role - Object Type = Page, Object ID = 0, Execute Permission = Yes

    So does this mean that everyone is able to view all pages if they have table permissions?

    Is it not possible, to just block/deny page 16/18?

    In the Role S&R-Q/O/I/R/C, POST That seems to give the permission, the users have Table 15 Read Permission = Indirect, everything else blank & Table 17 Read = Yes, insert = Indirect & the rest blank

    In your suggestion you say add all pages except page 16, do I have to manually add each line or is there a quicker way? What permissions to I have to give each page?

    Thanks for your help with this.

  • Suggested answer
    4BzSoftware Profile Picture
    4BzSoftware 6,071 on at
    RE: Blocking Access to Pages

    Hi Ian,

    You can find Page Execute Permission in ALL role (NAV Classic -> Tool -> Security -> Roles -> select "ALL" Role ID -> Role button -> Permissions).

    Even if users have ALL role (Page Execute Permission), they need Table Read Permission in order to view data.

    Indirect Permission: The permission is valid only when used with another object that you have permission for. For example, you cannot create G/L entries directly, but you can create them indirectly, using the posting function (Classic Client  Help book).

    For easy, you can try:

    - Keep tables permission as they are.

    - Duplicate ALL role to ALL-TEST role, remove Page Execute Permission in ALL-TEST role.

    - Add new PAGES-TEST role, add all pages except page 16.

    - Remove ALL role from the user.

    - Add ALL-TEST and PAGES-TEST roles to the user.

    - Synchronize Single Login for this user and test.

    Good lucks!

  • Ian Fletcher Profile Picture
    Ian Fletcher 2,445 on at
    RE: Blocking Access to Pages

    Khoa, what is Page Execute Permission, where do I find this?

    Why would you want all users (as all users have the all permission) the ability to access every part of Nav?

    Can you explain - "you can combine with Table Indirect Read Permission."

    As said if you can give an example of how I would block access to page 16 or Tables 15 & 17 whilst still letting the users the ability to Post to the G/L?

    Thanks

  • Suggested answer
    4BzSoftware Profile Picture
    4BzSoftware 6,071 on at
    RE: Blocking Access to Pages

    Hi Ian,

    Did you try Page Execute Permission? By default, users has ALL role can execute all pages. Besides, you can combine with Table Indirect Read Permission.

  • Ian Fletcher Profile Picture
    Ian Fletcher 2,445 on at
    RE: Blocking Access to Pages

    Hello Jonathan,

    permissions were not setup correctly by our previous partner, so I am not sure if predefined permission sets that we have are correct or not, when we asked them about this they said it couldn't be done which didn't sound right to me?

    So would in this example, I create a role that Deny's read access to Table 15 & Table 17 & then add that to certain users, will this rule over the permissions in S&R-Q/O/I/R/C, POST so a deny will always win? Does leaving the read permission blank act as a deny?

  • Ian Fletcher Profile Picture
    Ian Fletcher 2,445 on at
    RE: Blocking Access to Pages

    Hello Jose,

    I know you can create permissions, but permissions were a minefield to us, hence why we still have questions, what I am looking for is the best solution to stop certain users from accessing certain pages, so specific examples of what permissions to create & how to apply would be useful,

    Thanks

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Announcing Our 2025 Season 1 Super Users!

A new season of Super Users has arrived, and we are so grateful for the daily…

Vahid Ghafarpour – Community Spotlight

We are excited to recognize Vahid Ghafarpour as our February 2025 Community…

Tip: Become a User Group leader!

Join the ranks of valued community UG leaders

Leaderboard

#1
André Arnaud de Calavon Profile Picture

André Arnaud de Cal... 292,494 Super User 2025 Season 1

#2
Martin Dráb Profile Picture

Martin Dráb 231,305 Most Valuable Professional

#3
nmaenpaa Profile Picture

nmaenpaa 101,156

Leaderboard

Featured topics

Product updates

Dynamics 365 release plans