Role based security in Microsoft Dynamics AX 2012
27 Jan 2015
Today, I’m going to focus on the new security framework that’s been introduced in Microsoft Dynamics AX 2012, which is role based security. As you know, in Dynamics AX 2009 security and access permissions were defined on a per user and per company basis, but in AX 2012 they introduced role based security permissions, where you defined a user role and assign all users to one particular or multiple roles.
The introduction of role based security in Microsoft Dynamics AX 2012 allows you to simply make security/access changes in one place i.e. the role, and those changes all automatically applicable to all users that are assigned to that particular role.
Dynamics AX 2012 comes with over 80 security roles, which is a great help. These can be used as a starting point to setup security and access privileges. New security roles, duties and privileges can be created based on the business’ requirements.
Access permissions can be set on User Interface elements, tables and fields, SSRS reports, service operation securable objects.
Let’s take a look at the three components that makes up role based security in Microsoft Dynamics AX 2012.
All Dynamics AX 2012 users must be assigned to at least one security role, in order for them to access Microsoft Dynamics AX. By managing user access through security roles, you can save a lot of time that’s typically consumed in security administration duties, since you only have to manage security roles here, rather than each managing security access for individual users.
In Dynamics AX 2012, roles are assigned to users based on their responsibilities or duties). As such, users are assigned application access privileges based on these criteria. The security administrator in Dynamics AX assigns these duties to the role.
Access privileges in Microsoft Dynamics AX refer to the access level that is required to complete an assignment, solve a problem or perform a job. For example User A’s job is to review and edit certain documents. So he/she requires read and write access privileges to only those particular files or folders, in order to do their job.
Permissions group all securable objects and the various access levels that a user requires in order to run a function. This can include any forms, server side methods, fields or tables that can be accessed through the system’s security points.
So for instance, using the above example, User A is granted permission to only read and edit those particular files. He/she does not have permission to view or edit any other files or folders. Nor access any other application or module in Dynamics AX 2012.
About Folio3 Dynamics Services
FDS (Folio3 Dynamics Services) is a dedicated division of Folio3 that specializes in Microsoft Dynamics AX, Dynamics CRM, Dynamics NAV and Dynamics GP based development, customization and integration services. Our main focus is on Enterprise Mobility. We firmly believe that opening up Microsoft Dynamics AX and other products to iOS Android, Windows 8 and Windows Phone users will have a huge impact on organizational agility and productivity.