Security for Microsoft Dynamics AX 2012

Security for Microsoft Dynamics AX 2012

Security Concepts

Security Hierarchy

 

Privilege

 

Privileges are used to give access to securable objects.

A privilege contains permissions, plus one or more entry points.

How to make a privilege?

Step 1 : Make a new Privilege.

              Privileges-> New -> Privilege

Step 2 : Make an Entry Point

 

 

 

Permission to the application object.

Entry point can have

1.Menu item -> Forms

2.Service Operation -> Fro AIF Related tasks

3.Web content -> action items, managed content, URL -> For Enterprise Portal

Permission

 

A permission is the simplest security artifact. Sets of permissions are usually grouped into a privilege.

 

Hierarchy of permissions

›Read - Lets the user see data but not change it

›Update - Lets the user change data but neither create it nor delete it

›Create - Lets the user insert new data records; plus, it gives the user Update and Read permissions

›Correct - The Correct permission applies only when a time state table is involved. This permission authorizes you to issue update records in a time state table.

›Delete - Delete permission includes every other permission

›NoAccess

›If instead the object type is ServiceOperation, the value can be one of the following:

•Invoke. The server method can be called.

•NoAccess. The server method cannot be called.

 

 

Duty

A duty defines the functionality for a business process – for example, View customer accounts.

A duty can only contain privileges, but it can belong to more than one role.

 

 

 

 

Step 3: Make Enabled property  Yes in the properties of the added privilege.

 

 

Role

All users must be assigned to at least one security role in order to have access to Microsoft Dynamics AX.

The security roles that are assigned to a user determine the duties that the user can perform and the parts of the user interface that the user can view.