web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

No record found.

News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Microsoft Dynamics AX (Archived) / Field level security i...
Microsoft Dynamics AX (Archived)

Field level security in Ax 2012

(0) ShareShare
ReportReport
Posted on by Guillaume Cantin 689

Hi,

I wish to put security on a field in a table, so that field can only be edited by users in a certain security role. Is it possible to manage security for a single field using the security objects (Roles, Duties, Permissions, etc.) or do I have to work this through code? Basically, all users will see the field, but I need it to be editable for only a few users. I'm using AX 2012 R2 CU6

Thanks

*This post is locked for comments

I have the same question (0)
  • Martin Dráb Profile Picture
    Martin Dráb 237,880 Most Valuable Professional on at

    You can use the AOT to design permissions for the fields in a table. By changing the EffectiveAccess property in permissions for each of the fields you can control the application user access to those fields. For example, you can control whether the application user can view or edit some of the fields on a form based on the security role assigned to the application user.

    It's a actually quote of the first paragraph of How to: Design Permissions for Fields in a Table [AX 2012] on MSDN.

  • Guillaume Cantin Profile Picture
    Guillaume Cantin 689 on at

    I used this exact article to test my case this morning and it did not work. I have a user, from which I removed every role except system user and employee. I added the table and relevant menu items to the permission, and set all of their EffectiveAccess to delete, except for the field I wish to have as a read only field to read, and it's still not working out.

    Edit: I did not set security for any field other than the field I need to have read-only access on. I went under the assumption that it would take the security access level from the table to which it belongs.

  • Martin Dráb Profile Picture
    Martin Dráb 237,880 Most Valuable Professional on at

    You should have describe your problem from the beginning instead of asking whether it's possible if you already knew that Microsoft supports that. Never mind, let's start again.

    How did you link the privilege to the user?

  • Guillaume Cantin Profile Picture
    Guillaume Cantin 689 on at

    I went through the user's form, and assigned the role to the user. The role contains a duty, which in turn contains a privilege. That privilege contained the entry points of that table, as well as the table, with the field for which I wanted to change the security.

    I don't believe I need to restart the AOS or clear any caches for this, I started from system user and then setup that permission, and the appropriate menu items became visible, it's only field access that seems to be the issue.

  • André Arnaud de Calavon Profile Picture
    André Arnaud de Cal... 301,035 Super User 2025 Season 2 on at

    Hi Guilaume,

    You are saying you have added the Table to the permissions node and then added all fields and set all to Delete except for a few fields?

    First of all: If you have added the table, you can specify the Default access level on the table node. In your case it will be Delete.

    Then you only have to specify the fields with the exceptions. So you don't have to repeat the fields with the same access level as the table itself. But this might not be related to your issue.

    In your case you have to see if other privileges also contains the same table which might override this setting. Also have a look for this table in the other roles like the System user and Employee.

  • Guillaume Cantin Profile Picture
    Guillaume Cantin 689 on at

    Hi André,

    I did not set every field explicitely to delete, I was assuming the table being set to delete would cause the fields that aren't overriden to take that same setting. Also, when I only had Employee and System User roles, I did not have access to the table at that time, I only gained access to it once I added my new role.

    Do you think I might have to change the AOS Authorization methods? Since this is TPF, is there something I must do beforehand I might not have done?

    Thanks!

  • André Arnaud de Calavon Profile Picture
    André Arnaud de Cal... 301,035 Super User 2025 Season 2 on at

    Hi Guillaume,

    I misunderstood your posts about adding the fields. You can check the active table rights for the particular role from the form Security roles. Select the role and click the button Override permissions. You can then in the new opened form browse for the table and see the actual rights for the fields.

    If it is read only but still not working as supposed, you can try to:

    - delete the AUC files (user cache files on the client)

    - export the role as xpo and import it again.

    I had a similar issue where the role was defined correctly, but was not working as it should. Some people were trying to solve it at the same time with the options described above.

  • Martin Dráb Profile Picture
    Martin Dráb 237,880 Most Valuable Professional on at

    It works for me exactly as expected.

    New objects: table, form, menu item (added to menu), privilege, role, user. The user has only System User role in addition to the new role.

    Access level for menu item in the privilege is update.

    EffectiveLevel for the table is Update.

    Three fields, EffectiveAccess Read, Update and NoAccess.

    Starting AX client through run as.

    Only two fields are visible, one is editable, the other it's not.

    I can't review your setup but maybe you can spot what you did differently.

  • Guillaume Cantin Profile Picture
    Guillaume Cantin 689 on at

    I ran both scenarios, and my field still is enabled. Since it's only one field, we'll probably go and work with the allowEdit property on the field since it'll achieve the same thing, but I wish I could've made this work.

    Last question on this, Is it possible that Menu Items could affect the field's enability? If I have effective access set to delete on the menu items added in entry points, is that what might affect the fields and table? I know we can't have fields with higher access than the tables, but I'm not sure about entry points and how they affect the rest of the process.

    Thanks to both of you for helping out on this

  • André Arnaud de Calavon Profile Picture
    André Arnaud de Cal... 301,035 Super User 2025 Season 2 on at

    Hi Guillaime,

    Have you also looked at this page on MSDN? msdn.microsoft.com/.../gg841928.aspx

    It might give you some additional insights.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Responsible AI policies

As AI tools become more common, we’re introducing a Responsible AI Use…

Neeraj Kumar – Community Spotlight

We are honored to recognize Neeraj Kumar as our Community Spotlight honoree for…

Congratulations to the November Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > 🔒一 Microsoft Dynamics AX (Archived)

#1
Martin Dráb Profile Picture

Martin Dráb 4 Most Valuable Professional

#1
Priya_K Profile Picture

Priya_K 4

#3
MyDynamicsNAV Profile Picture

MyDynamicsNAV 2

Last 30 days Overall leaderboard

Featured topics

Product updates

Dynamics 365 release plans