All of us know that Security frame work is completely changed in AX2012. We are used with AX2009 way of assigning permissions to user groups and linking users to user groups.
Let’s get conversant with AX2012’s way of assigning permissions and restricting the forms and activities as required by our clients.
Whoever tried assigning permissions might have already noticed that user groups are no more in AX2012. So, to have the users assigned with needed permissions, user must be assigned with a Role that he/she performs. In a case where the user performs multiple roles, one can be assigned with multiple roles.
By default a good number of “Security roles” are available in AX. These roles have been created by keeping industry requirements in mind and also to achieve the standardization across the multiple business organizations. However, it is quite usual that clients’ requirements on permissions will be varying from one client to another client.
Below is the image that helps in understanding how the permissions are structured in AX2012.
Each role will have the Set of duties that are relevant for the specific role. Duties comprises of set of privileges. Through Privileges, we give the permissions to the relevant forms, menu items and tables.
(I do not want to stress on definitions and terminology as loads of data available over Technet).
Let’s analyze and understand this completely using the role “Purchasing agent” as an example.
To see the different security roles available, Go to System Administration>setup >Security > Security roles.
Focus on “Purchasing agent” then right side list box “Role content” shows the list of duties that will be applicable for the “Purchasing agent role’.
It gives the precise information on what the activities that the user with the specific role can perform. By seeing the content obviously we can’t understand what all that will be covered under each duty. For instance, let’s consider the duty “Maintain Vendor Master”. We do not know what all that comes if it says just “Maintain vendor master”.
Let’s see what all it covers, go to System administration>setup>Security>Security roles> Security privileges
Search for the needed duty “Maintain vendor Master”, it shows the list of “Privileges” that are covered.
We can notice the privileges give little detailed information that what all comes in “Maintain vendor master”. Of course, we should know how the access is being given to forms. For which lets get into AOT, with the AOT name of duty.
In the image you can see the AOT name of “Maintain vendor master” as “VendVendorMasterMaintain”.
Now, Go to AOT (by pressing Ctrl+D)>Security>Duties, find duty “VendVendorMasterMaintain”, and see the privileges(AOT names) to proceed further.
Hope it is clear now on how the access to forms is controlled using the roles, duties and privileges. In next post, we will see how to stop access to some forms in the already defined duty and also how to add a completely new privileges in duties.
Hope you like this post, your suggestions are most welcome to get this blog better.
Keep visiting and Keep DAXing.