Wednesday, May 18, 2011

AX 2012 Security Permissions

Role-based Security

In previous versions of AX, assigning security keys was the main task for a developer. With AX 2012’s role-based security, developers play a much bigger role when creating new elements. Permissions are now assigned on the AOT elements and are grouped together in Privileges. These Privileges are then gathered in Duties which define a role.
The new security framework is based on RDPP:
  • Roles: a group of duties specific to a function (accountant, mechanic, clerk, manager, …)
  •  Duties: a group of related privileges needed for a specific task (sales order entry, approve expenses, order  picking etc,
  •  Privileges: a group of entry points (mostly menu items) needed for a specific action (create sales order lines, set up HRM parameters, start a picking route, …)
  • Permissions: a group of base objects  each with the required level of access (update salesTable, update HRMParameters, …)
Developers are responsible to provide the appropriate privileges and permissions. An administrator can define roles and duties based on the privileges and permissions -and link users to roles
Standard, out-of-the box roles, duties, privileges and permissions are available to secure all functionallity in Ax2012!Previous versions had … no out-of-the-box security configured roles.

Other facts:
  • SecurityKeys are no longer used
  • Companies are replaced by legal entities
  • Domains are replaced by organisations
  •  Users groups no longer used in a security context
  • External users (without an Active Directory -account!) can log on to the Enterprise Portal
And still exploring.......

1 comment: