Remarks:
In role-based security, access is not granted to individual users,
only to security roles. Users are assigned to roles. A user who is assigned to
a security role has access to the set of privileges that are associated with
that role. A user who is not assigned to any role has no privileges.
In Microsoft Dynamics AX, role-based security is aligned with the
structure of the business. Users are assigned to security roles based on their
responsibilities in the organization and their participation in business processes.
The administrator grants access to the duties that users in a role perform, not
to the program elements that users must use.
Steps
1.
First,
to create a new privilege go to AOT -> Security -> Privileges
2.
Right
click on Privileges and select New Privilege
3.
Name it CustomerGroupView
Note: It is a best practice to name a Privilege
as MenuItemName + View/Maintain depending upon the Access level.
4.
Set
the Label of the privilege as Customer group view.
5.
Now
expand the newly created privilege and create an entry point by right-clicking
on Entry Points and selecting New Entry Point.
6.
Name
the entry point as CustGroup and set the AccessLevel to Read
There
is different types of access level.
a. Read – User can only read the form or data.
b. NoAccess – User can’t access the form or
data.
c. Update – User can update in the existing
data or read the form and data.
d. Create – User can create a new record and
read, update.
e. Delete – If delete the access level, a user
can have all type of access.
7.
Set
the ObjectType to MenuItemDisplay and ObjectName to
the menu item of the Customer group form, CustGroup
8.
Save
the privilege
9.
Now
create a duty and assign the above created privilege to the duty
10.
Go
to AOT -> Security -> Duties
11.
Right
click on Duties and select New Duty to create
a new duty.
12.
Name the duty as CustomerGroupView and
set the Label as Customer group view
13.
Expand
the above created duty and create a new privilege by right clicking on
the Privileges node and select New Privilege.
14.
Select
the CustomerGroupView privilege in the Name field
and save the duty
Note: You can also drag and drop the privilege
on the Privileges node.
15.
Next
create a new role by going to AOT -> Security -> Roles
16.
Right
click on Roles node and select New Role.
17.
Name the role as SecurityDemo and Label it
as Security demo.
18.
Expand
the above created role and right click on Duties node and
select New Duty
19.
Select
the CustomerGroupView duty in the Name field
and save the role
Note: You can also drag and drop the duty
on the Duties node.
20.
Now
assign the above role to a user Dynamics AX. Go to System
administration -> Setup -> Security -> Assign users
to roles.
21.
On
the Assign users to roles form, select the above created role
in the left tree and click on Manually assign/exclude users.
22.
In
the opened dialog, select the user to which you want to assign the role and
press Assign to the role.
23.
A green check mark will appear in case of a successful assignment. Close the form
24.
Now
login with the selected role
25.
Only
the functions assigned to the user will be visible. In this case, only the Customer
groups form is visible since the Security Role contains
only one duty. Also, note that only those Menus will be visible
that contains the menu item assigned in the Privilege
No comments:
Post a Comment