Monday, August 6, 2018

Role based security in AX

Role based security in AX 

In role-based security, access is not granted to individual users, only to security roles. Users are assigned to roles. A user who is assigned to a security role has access to the set of privileges that is associated with that role. A user who is not assigned to any role has no privileges.
In Microsoft Dynamics AX, role-based security is aligned with the structure of the business. Users are assigned to security roles based on their responsibilities in the organization and their participation in business processes. The administrator grants access to the duties that users in a role perform, not to the program elements that users must use.
Permissions represent access to individual securable objects, such as menu items and tables. 
Privileges are composed of permissions and represent access to tasks, such as canceling payments and processing deposits. 
Duties are composed of privileges and represent parts of a business process, such as maintaining bank transactions. 
Both duties and privileges can be assigned to roles to grant access to Microsoft Dynamics AX.

Security roles

All users must be assigned to at least one security role in order to have access to Microsoft Dynamics AX. The security roles that are assigned to a user determine the duties that the user can perform and the parts of the user interface that the user can view.

Process cycles

A business process is a coordinated set of activities in which one or more participants consume, produce, and use economic resources to achieve organizational goals.
Process cycles are used for organization only. The process cycles themselves cannot be assigned to roles.


Duties correspond to parts of a business process. The administrator assigns duties to security roles. A duty can be assigned to more than one role.
In the security model for Microsoft Dynamics AX, duties contain privileges. For example, the Maintain bank transactions duty contains the Generate deposit slips and Cancel payments privileges. Although both duties and privileges can be assigned to security roles, we recommend that you use duties to grant access to Microsoft Dynamics AX.


In the security model for Microsoft Dynamics AX, a privilege specifies the level of access that is required to perform a job, solve a problem, or complete an assignment. Privileges can be assigned directly to roles. However, for easier maintenance, we recommend that you assign only duties to roles.
A privilege contains permissions to individual application objects, such as user interface elements and tables. For example, the Cancel paymentsprivilege contains permissions to the menu items, fields, and tables that are required to cancel payments.


Each function in Microsoft Dynamics AX, such as a form or a service, is accessed through an entry point. Menu items, web content items, and service operations are referred to collectively as entry points.
In the security model for Microsoft Dynamics AX, permissions group the securable objects and access levels that are required to run a function. This includes any tables, fields, forms or server side methods that are accessed through the entry point.
Only developers can create or modify permissions.

1 comment:

How to enable the dimension fields based on the Item selected on the form.

[Form] public class KMTShipFromWarehouses extends FormRun {     InventDimCtrl_Frm_EditDimensions        inventDimFormSetup;     /// &l...