Hi guys,
I'm new to D365 F&O implementation, currently we are on Security access discussion which I need some advice from the expert here which is more experience than me.
So when user already give their "expected" Role with all the privileges and permission, I am wondering what is the correct approach to test this roles ? as an implementer, we created those role with the required / appropriate privileges and is it common practice that we also adopt what already exist in F&O in standard Duty and privileges if possible ? But this also mean some privilege may not necessary to user, eventually will not as exact same as what in their list.
Mean to say, I am asking what is the correct approach to test and to prove that this security has been implemented correctly ? And apart of we tested all those roles that we are created, will it be best that user it self test the role. Further more in most implementation we have UAT session, is the UAT session is the right moment that user should test the role ?
I'm asking this because there is couple of time, obviously with "difficult user", as they think they already give the list of roles with what they need (sometime can be from previous AX), so they will refuse to test and give it back to us as implementer saying we;re the one need to test those role and make sure there is no wrong or cannot access later when they went Live.
Hope some one can share how this security being implemented.
thanks in advance,
Hi VoltesDev,
Mohit provided the correct answer. A partner can help defining the roles, but the organization is responsible for the security testing and more important: the sign-off. Despite organizations did use another AX solution in the past, they still need to perform the testing as the solutions and the security are not the same. The contents of the older AX solution could be a perfect start for a partner to configure or develop the security roles. Then still, there might be new features implemented compared to older AX apps.
You might be interested in this video & solution in GitHub for Security Test Workspace tool
Its available in azure server under E drive.
It's not available in on prem server. I tried to copy that file from azure to on prem server but its throwing error on the user role assignment.
Thanks,
Girish S.
Thank you both.
Btw, would like to ask something about the blog that shared by Girish, I cannot find the DevTool as I tried to search my folders in my DevBox for "DevToolsService".
Since the blog also from 2017, could it be change for nowadays ?
Thanks,
Hi VoltesDev, Generally implementation partners test the security first to ensure that a role is able to perform the relevant activities with all required access but more importantly, Role does not have extra access in the system. After implementation partner tested the security, User should test it to ensure everything is working. At least, that's what I have observed in multiple projects.
Ultimately, its users responsibility to give you a sign-off on Security Testing.
Hi VoltesDev,
What I understood from your question is you are asking how to test the security role.
You need to have 2 users to test the security roles. One with system admin roles and other user with the list of roles to test.
Another option is using DevTool - Refer to the below blog post. I never implemented this, but you can give it a try.
Thanks,
Girish S.
André Arnaud de Cal...
291,965
Super User 2025 Season 1
Martin Dráb
230,836
Most Valuable Professional
nmaenpaa
101,156