Network of MS Dynamics D365, AX, NAV, GP, SL, CRM, RMS, POS professionals › Forums › Microsoft Dynamics AX / Axapta › AX Consulting & Configuration › Best practices for upgrading to role-based security in Microsoft Dynamics AX
July 20, 2019 at 10:11 am #20859
What are the best practices that one should consider when upgrading to role-based security in Microsoft Dynamics AX?July 20, 2019 at 5:16 pm #20861
Best Practices are
1. User groups and roles
When you convert user groups to roles, we recommend that you use the default roles as much as you can. The default roles that are included with Microsoft Dynamics AX 2012 may contain additional permissions that were not available in earlier versions of Microsoft Dynamics AX.
If a user group has more permissions than the related default role, you can create a custom role based on the user group. We recommend that you nest the default role under the custom role, so that the custom role includes the permissions from the default role. The following provides an example.
a. User group in Microsoft Dynamics AX 4.0 or Microsoft Dynamics AX 2009
b. Default role in Microsoft Dynamics AX 2012
c. Recommendation for upgrade
– BudgetBudgetClerk (nested role)
Use an abbreviation of the company name or function as a prefix in the name of a custom role, such as MS_CustomRole.
Whenever you can, customize security settings in a custom model. By using a model, you can more easily export security settings from, and import security settings to, a specific layer.
2. Security keys
The concept of security keys no longer applies in Microsoft Dynamics AX 2012. Instead, privileges and permissions are used to implement role-based security. By default, thousands of privileges are included in Microsoft Dynamics AX 2012, and each entry point is associated with one or more privileges. If you have created custom entry points, we recommend that you create new privileges that have the View and Full Control access levels. These privileges can then be included in duties or assigned to roles.
You must be logged in to reply to this topic.