Following is just my draft article to summarize my idea/ experience about how to setup security for AX.
One of the pain point of deploying solution to client is to setup security. The reason is that there is no template in security for different companies.
In order to setup security for Axapta, consultant has to know:
• Company Departments/subsidiaries and who to do what: for ex: manager and his assistant have a right to setup a new discount amount for a item, other member in that department has right to create new sales order (1)
• Company business workflow: The business workflow determines how documents are moving/ transferring between departments. For ex: a sales order can be created/confirmed by Commercial team but the packing slip is done by warehousing team, and the sales invoice is posted by accounting team (2)
As its difficulties, a consultant who setup AX security should to know: (3)
o All information above (1),(2)
o Technical design underneath application: (license code, configuration key, security key, company domain in AX, record level security, field security, tables, menu items,….). In addition, when new modules/ functions are added into AX, the security should take into consideration. It includes (4):
Require new configuration key? If yes, the license purchase from Microsoft should take into consideration, add new configuration key is required
Require new security key? If yes, the license purchase from Microsoft should take into consideration, add new security key is required. If no, which security key will be the parent key for new modules/functions
Security in added code.
So security should take into consider at the first phase as much as possible.
In my opinion technical consultant (that understand buz workflow + has training manual from functional consultant) is a suitable person to setup AX security
So before start to setup AX security, consultant has to:
• Has enough information about (1), (2): requisition
• Has knowledge about (3)
• Good design/documents about (4)
Best practice for AX security setup:
• Define domain.
• Turn configuration key on/off
• Setup access level for parent key
• Disable unnecessary features/forms by using security keys
• Turn on features that are going to be used
How to test security?
One of the first idea comes out is that we add a test user account in to AX system and login a workstation to test.There are not such tools to test it automatically at this moment. To save time we can reate a new user account, assign user to a member group and test manually. By using runas command we can setup and test in the same PC.