Skip to main content

Notifications

Announcements

No record found.

News and Announcements icon
Dynamics 365 Community / Forums / Microsoft Dynamics GP (Archived) / What are and how do Do...
Microsoft Dynamics GP (Archived)

What are and how do Document Access and Series Posting Permissions security operations work?

(0) ShareShare
ReportReport
Posted on by Devin 1,797

We are using Project Accounting and have run into multiple situations where a user did not have adequate security to perform an action such as print a PO, post an Inventory Transfer batch, or post an Employee Expense batch.  We found through experimentation with the default GP tasks that certains tasks would allow the user to perform the action, but that the task would also give them access to other undesired functions like entering PO's or posting to the GL.  Through the process of elimination we found that adding the Document Access "Standard" operation (Purchasing) resolved the PO printing issue and adding the Series Posting Permission "General Entry" (Financial) resolved the batch posting issues.    What exactly are Document Access and Series Posting Permissions and why would they be needed in these circumstances?  Is this the best/only way to get the user the needed security?  Thanks!

*This post is locked for comments

  • Devin Profile Picture
    Devin 1,797 on at
    Re: Re: What are and how do Document Access and Series Posting Permissions security operations work?

    So to summarize my previous post, the Project Accounting security tasks for entry and posting are not adequate to post in Project Accounting.  Either security task TRX_FIN_003* or Document Access operation(s) must also be added.

  • Devin Profile Picture
    Devin 1,797 on at
    Re: Re: What are and how do Document Access and Series Posting Permissions security operations work?

    I'm not sure if I fully understand what you mean by "control posting through limiting access to the functions that would be posted."

    We are currently set up with "Post to General Ledger" and only batch posting.  I'm only granting tasks that the user needs and am creating custom tasks when the default tasks are too broad.

    For example, we have a role that receives the error "You do not have authorization to post transfer transactions." when the user attempts to post a PA Inventory Transfer batch.  The role has the following tasks (amongst others) assigned to it:

    TRX_PA_005* - Project Accounting inventory transfer entry

    TRX_PA_008* - Project Accounting purchasing entry

    TRX_PA_010* - Project Accounting series posting

    One would think that tasks TRX_PA_005 and TRX_PA_010 would be adequate to create PA inventory transfers and post them, but that appears to not be the case.  I found this post which says that Project Accounting wants the user to have TRX_FIN_003 permission to post inventory transfers.  I tested it and sure enough the batch posted without any errors.  However, only two individuals in our organization will have the TRX_FIN_003 task (the ability to enter GL transactions), so I started looking for what operation in this task allowed the inventory transfers to post.  Through a process of elimination I found that only the (Financial) Series Posting Permission "General Entry" operation is needed for the inventory transfer posting.  I have since added this operation to a custom task to allow PA users to post their batches, without being able to manually enter GL transactions.

    So, I believe I've attempted to "control posting through limiting access to the functions that would be posted" but that is not enough as the Financial Series Posting Permission General Entry operation appears to be required as well to post from PA.  I was hoping that a better understanding of Series Posting Permissions and Document Access operations would help me understand this odd behavior.  Thanks for the assistance!

  • Richard Whaley Profile Picture
    Richard Whaley 25,195 on at
    Re: What are and how do Document Access and Series Posting Permissions security operations work?

    Usually people leave series and posting permissions alone and control posting through limiting access to the functions that would be posted.  That is our recommendation.  The reason for this is the mis-understanding of posting permissions and the things they stop.  For example, you might want to restrict certain groups of people from GL postings.  However, if you have your system set to post through.....well this would also be blocked!

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Congratulations 2024 Spotlight Honorees

Kudos to all of our 2024 community stars! 🎉

Meet the Top 10 leaders for December

Congratulations to our December super stars! 🥳

Start Your Super User Journey

Join the ranks of our community heros! 🦹

Leaderboard

#1
André Arnaud de Calavon Profile Picture

André Arnaud de Cal... 291,711 Super User 2024 Season 2

#2
Martin Dráb Profile Picture

Martin Dráb 230,458 Most Valuable Professional

#3
nmaenpaa Profile Picture

nmaenpaa 101,156

Leaderboard

Featured topics

Product updates

Dynamics 365 release plans