web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

No record found.

News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Microsoft Dynamics AX (Archived) / Are there any examples...
Microsoft Dynamics AX (Archived)

Are there any examples or tutorials for eXtensible Data Security (XDS) in Dynamics 365 for Operations?

(0) ShareShare
ReportReport
Posted on by DD-19021315-0 230

We have a requirement to limit users' visibility of data based on a list of departments they have access to or a list of customers they manage. We are told that this should be possible with XDS, but, as yet, I haven't found any examples or tutorials showing how to set up new queries and security policies.

I tried adapting the process I've used with AX2012, and the steps to create a query seemed essentially similar in D365fO, but when I try to create a Security Policy, I can't edit any of the properties except Name. Right clicking on 'Constrained Tables' allows be to create a constrained table, but it has a blank name which can't be changed and the only editable field is 'Constrained' (Yes/No).

Since fine control over security was one of the main requirements in selecting D365fO, we are concerned that there doesn't seem to be much information about it. All the references to XDS I've come across relate to AX2012.

*This post is locked for comments

I have the same question (0)
  • André Arnaud de Calavon Profile Picture
    André Arnaud de Cal... 300,915 Super User 2025 Season 2 on at

    Hi Derek,

    Can you probably share some screenshots? Have you actually 'opened' the new policy in the detail window?

  • DD-19021315-0 Profile Picture
    DD-19021315-0 230 on at

    I didn't originally include any screenshots because it doesn't show that a field ins't accepting input. In the case shown. neither the Name nor Relation Table fields will accept input. I suspect I'm trying to do something in the wrong order, which is why I'd like access to some tutorial or example articles.

    3733.Capture.PNG

  • Verified answer
    Mea_ Profile Picture
    Mea_ 60,284 on at

    Hi Derek Dongray,

    You cannot select "Name" of constrained table if "Primary Table" property is empty on a policy itself.

    1307.Untitled.jpg

    There is a "Microsoft Dynamics AX 2012 White Paper: Securing Data by Dimension Value by Using Extensible Data Security (XDS)" document

     https://www.microsoft.com/en-us/download/details.aspx?id=26921 and it's applicable for D365O because there is no changes in functionality so you can use it as a guide. 

  • DD-19021315-0 Profile Picture
    DD-19021315-0 230 on at

    It seems I missed a step.

    As a 'Proof of Concept' (to demonstrate to that XDS works in D365 the same as in AX2012) I'm following this example at kaya-consulting.com/restrict-legal-entities-ax-2012 (restrict viewing of company info). This was actually something we implemented in out AX2012 installation. However, although I can get further, The step to "Add additonal Constrained Tables" refers to a table DimensionAttrValueLedgerOverride which doesn't seem to exist any more, so I can't actually complete the example.

    Hence my request for D365 specific examples, since I am not convinced that all AX2012 ones will work.

    Thanks to ievgen for indicating where I'd gone wrong.

  • DD-19021315-0 Profile Picture
    DD-19021315-0 230 on at

    Correction: It seems the table DimensionAttrValueLedgerOverride does exists (it's visible in application explorer) but is not selectable per the instructions. I need to investigate further...

  • DD-19021315-0 Profile Picture
    DD-19021315-0 230 on at

    It seems the relation between DimensionAttrValueLedgerOverride and Ledger cannot be selected, although it does exist. After manually entering it, I get...

    4505.Capture.PNG

    Opening the Ledger table shows:

    4505.Capture.PNG

    However, this doesn't work?

    4505.Capture.PNG

    What's the correct way to specify a relation when the dropdown search doesn't find it?

  • DD-19021315-0 Profile Picture
    DD-19021315-0 230 on at

    Seems I included the wrong 2nd screenshot! (Why isn't there a way to edit posted messages in this forum?)

    7245.Capture.PNG

  • Mea_ Profile Picture
    Mea_ 60,284 on at

    Sometimes there are some issues with lookup, especially in early versions. You can use any table you would like as far as you can build relations that make sense.

  • DD-19021315-0 Profile Picture
    DD-19021315-0 230 on at

    So how do I specify the Ledger relation DimensionAttrValueLedgerOverride to constrain the eponymous table? If I use the entry as shown above, which is analogous to the example in the article, I get:

    16682.Capture.PNG

    Regarding your mention of "early versions", we are running the 1611 release, although I am not sure all updates since then have been applied.

  • Mea_ Profile Picture
    Mea_ 60,284 on at

    Hi Derek Dongray,

    DimensionAttrValueLedgerOverride belongs to Ledger model, does poc3 model have a reference to ledger ?

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Responsible AI policies

As AI tools become more common, we’re introducing a Responsible AI Use…

Neeraj Kumar – Community Spotlight

We are honored to recognize Neeraj Kumar as our Community Spotlight honoree for…

Congratulations to the November Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > 🔒一 Microsoft Dynamics AX (Archived)

#1
Martin Dráb Profile Picture

Martin Dráb 4 Most Valuable Professional

#1
Priya_K Profile Picture

Priya_K 4

#3
MyDynamicsNAV Profile Picture

MyDynamicsNAV 2

Last 30 days Overall leaderboard

Featured topics

Product updates

Dynamics 365 release plans