Posts tagged with: Microsoft Dynamics AX 2012

Understanding Role Based Security in Microsoft Dynamics AX 2012

Security has a very important role to play in any ERP implementation. The security aspect of an ERP helps the administrator to control and restrict access of different users to data in the ERP. The administrator can control the rights of access to different modules and forms of different users tailoring the access, based on user groups or each individual user. Microsoft Dynamics AX controls security through a role based security system.

Security Architecture of Dynamics AX


Role-based security:-

  • In earlier versions of Microsoft Dynamics AX, the IT administrator wasted a lot of time and effort in managing the application security by creating user groups.
  • Microsoft Dynamics AX 2012 now offers managing security within the application by using some predefined roles and providing role based access based on these roles.
  • It also provides predefined business-related duties that are assigned with roles and matched with the users assigned to a specific role


  • All of the users must be assigned at least one security role to have access to Microsoft Dynamics AX. By managing the user’s access through security roles, it saves up a lot of time as the administrators only have to manage the security roles rather than each individual user.


  • The administrator in Dynamics AX assigns duties to the role and the administrator can assign many different duties to any role.


  • A privilege in Microsoft Dynamics AX specifies the access level that is required to complete an assignment, solve a problem or perform a job.


  • Permissions group all the securable objects and the different access levels that a user requires to run a function. This includes any forms, server side methods, fields or tables that can be accessed through security points.

Benefit of Having Role-based security:-

  • The new concept of role based security in AX 2012 has made it easier to manage security. Roles can be applied across all the companies and so the administrator does not have to maintain separate user groups for each and every company in the organization.

Assigning users to different roles (adding roles to users):-

  • Go to System administration | Common | Users | Users.
  • Select the required user from the user’s list.


  • From the upper left-hand corner of the user list page, click on Edit.
  • In the center of the user form, click on Assign roles.


  • Select a role from the list of predefined roles.
  • Select an option in the Role name menu to assign to the selected user.


  • Click on OK.
  • Click on Close to close the user form.