Role-based security
We can create
Role-based security by setting security permissions for each individual.
Permissions are not directly granted to users, but to security roles, and the
link between users and their permissions is established by assigning users to
security roles. Role-based security for Dynamics AX contains the following
elements:
Role: An individual’s role in Microsoft Dynamics AX is defined as a
group of duties required to complete a specific job function.
Duty: In Microsoft Dynamics AX, duty is the group of privileges needed
to perform a task.
Privilege: Privilege is defined as the permissions required for individual
objects. For example, access to the post price journal is a privilege.
Permission: Permission in AX is the basic access restriction to units of data,
such as tables and fields, and functionality
Microsoft Dynamics AX - Security Architecture
Steps to create custom Roles in Dynamics AX 2012
Scenario
Planning to create a new
role “Invoice_Maker” and will assign the users to this role.
This role users can have the full control of
making Invoice Journals under Accounts Payable module effectively.
Elucidation
1. Open the Security Roles screen under <LEGAL
ENTITY>/System administration/Area page to create the new Role - “Invoice_Maker”
2. Open the Security Privileges screen under <LEGAL ENTITY>/System administration/Area page to create the new Process Cycle - “Invoice_Maker”
3. Right click on the newly created Process Cycle - “Invoice_Maker” and select the "New Duty" option to create the new
Duty - “AP_Invoice”
4. Right click on the newly created Duty - “AP_Invoice” and select the "New Privilege" option to specify the appropriate permission towards Duty - “AP_Invoice”
5. As planned provide the “Full Control” Permission for all the Invoice Journal screens
6. Assigned the
”AP_Invoice” Privileges to the
appropriate role “Invoice_Maker”