Understanding Role Based Security in Microsoft Dynamics AX 2012

Security has a very important role to play in any ERP implementation. The security aspect of an ERP helps the administrator to control and restrict access of different users to data in the ERP. The administrator can control the rights of access to different modules and forms of different users tailoring the access, based on user groups or each individual user. Microsoft Dynamics AX controls security through a role based security system.

Security Architecture of Dynamics AX


Role-based security:-

  • In earlier versions of Microsoft Dynamics AX, the IT administrator wasted a lot of time and effort in managing the application security by creating user groups.
  • Microsoft Dynamics AX 2012 now offers managing security within the application by using some predefined roles and providing role based access based on these roles.
  • It also provides predefined business-related duties that are assigned with roles and matched with the users assigned to a specific role


  • All of the users must be assigned at least one security role to have access to Microsoft Dynamics AX. By managing the user’s access through security roles, it saves up a lot of time as the administrators only have to manage the security roles rather than each individual user.


  • The administrator in Dynamics AX assigns duties to the role and the administrator can assign many different duties to any role.


  • A privilege in Microsoft Dynamics AX specifies the access level that is required to complete an assignment, solve a problem or perform a job.


  • Permissions group all the securable objects and the different access levels that a user requires to run a function. This includes any forms, server side methods, fields or tables that can be accessed through security points.

Benefit of Having Role-based security:-

  • The new concept of role based security in AX 2012 has made it easier to manage security. Roles can be applied across all the companies and so the administrator does not have to maintain separate user groups for each and every company in the organization.

Assigning users to different roles (adding roles to users):-

  • Go to System administration | Common | Users | Users.
  • Select the required user from the user’s list.


  • From the upper left-hand corner of the user list page, click on Edit.
  • In the center of the user form, click on Assign roles.


  • Select a role from the list of predefined roles.
  • Select an option in the Role name menu to assign to the selected user.


  • Click on OK.
  • Click on Close to close the user form.

About the author

Saad Abdul Rehman is a qualified ACCA with hands on experience in information systems. His passion is to work in a challenging and dynamic environment and to strive to make an immediate impact on profitability, process and culture of the organization. His specialities financial accounting and reporting; internal control development; lease accounting; and budgeting and forecasting.



thanks for valuable blog for security feature in dynamics.

my question is if i want to give permission to certain user to access item barcode table only for the description so they can edit description , rest of all field will be read only.
like wise for some user i want to give access for barcode editing but want to block them from editing description so the description editing ppl should not complain about any changes.

hope this question is clear if not then please contact me on my skype account so i can complete this task.

thanks & regards


SKype ID- hacker_ng



This will be done by creating two new roles which have different permissions of the form for both the users. for example user 1 will have permissions to edit the descriptions on the form while everything else will only be read only and user 2 will have access to only edit the bar codes while everything else on the form will be read only. By controlling the permissions on the form we can control the access that we allow the users of the form.

Leave a Comment

Name (required)
Email (required)
Comment (required)

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>