web
You’re offline. This is a read only version of the page.
close
Skip to main content

Announcements

No record found.

News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Small and medium business | Business Central, N... / How to restrict postin...
Small and medium business | Business Central, N...
Suggested Answer

How to restrict posting, journal edit permissions without conflicts

(1) ShareShare
ReportReport
Posted on by ERPlatanos 73
When setting up security groups for an organization that wants granular permissions, conflicts often occur.
 
ex: /Security Group A should be able to edit purchase invoices, but not post/
 
/Security Group B should not be able to edit purchase invoices, but is able to post/
 
/Security Group C can only approve documents, but cannot edit nor post/
 
I think this is common for public companies to meet regulations.
 
 
When it comes to structure, recording permissions to allow for a task is simple; however, restricting access to any small feature (like editing purchase invoice) seems to have compounding effects for access to other aspects of the system, which is difficult to understand. Because of this, we have a customer that is blocked by permissions constantly performing routine tasks due to the restrictions from other sections. It's not clear to me how to go about setting up these permission sets when the naming conventions are vague and there are thousands [millions?] to deal with.
 
Are there third parties that specialize in this?
 
Categories:
Dynamics 365 Business Central
Dynamics 365 Business Central
Dynamics 365 Business Central
I have the same question (0)
  • ERPlatanos Profile Picture
    ERPlatanos 73 on at
    Additionally,
     
    For Security Group B, it seems posting and journal entry permissions are tied. So when I try to give the necessary permissions for posting, the user becomes able to edit journal entries
  • Suggested answer
    YUN ZHU Profile Picture
    YUN ZHU 100,731 Super User 2026 Season 1 on at
    Hi, Security Group A and Security Group B can set the same permissions. Then use Posting Date Range or Invoice Posting Policy to control whether the user can post.
     
    As for Security Group C, the setting that cannot be posted is the same as above. If it cannot be modified on the UI, I think it will be enough to change Modify Permission to indirect.
     
    Hope this helps.
    Thanks.
    ZHU
     

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Introducing the 2026 Season 1 community Super Users

Congratulations to our 2026 Super Stars!

Meet the Microsoft Dynamics 365 Contact Center Champions

We are thrilled to have these Champions in our Community!

Congratulations to the April Top 10 Community Leaders

These are the community rock stars!

Leaderboard > Small and medium business | Business Central, NAV, RMS

#1
OussamaSabbouh Profile Picture

OussamaSabbouh 1,909 Super User 2026 Season 1

#2
YUN ZHU Profile Picture

YUN ZHU 1,145 Super User 2026 Season 1

#3
AndrewThomas81 Profile Picture

AndrewThomas81 974

Last 30 days Overall leaderboard

Featured topics

Product updates

Dynamics 365 release plans