dynamicsaxinsight: Extensible data security policy for financial reports
The purpose of this blog post is to demonstrate how we can achieve data filtration through Extensible Data Security (XDS) policies which cannot be achieved using Role-Based Security (RBS).
Dynamics 365 for Finance and Operations
This blog post uses Microsoft’s demo company data to demonstrate the concepts and processes and hence therefore doesn’t violate any data confidentiality policies.
In D365FO, Financial reports are stored in FinancialReports table in AxDB unlike in AX 2012 where they used to get stored in the reporting database and could be filtered per user through report library permissions feature in Management Reporter. However, we still can filter financial reports per user using the XDS policies.
Consider we need to configure security for a user such that he/she could only see reports under Housing Reports folder.
1. Create a query
Create a query. Add FinancialReports table as a data source. Add range for field Folder. Set value to Housing Reports.
2. Create a security policy
Create a security policy. Set the properties as highlighted. Please note that we are using RoleProperty as ContextType. Further we are using the primary table, FinancialReports as the constrained table as well. That’s why, we are not adding any other constrained table to the policy. Lastly, set the query to the one created above.
3. Synchronize the database to let the policy take effect.
4. Create a new security role
Create a new security role or use an existing one to update the Security policy context string value to the context string value we used on the security policy. This binds the security policy with the security role and eventually to the user.
Make sure the role has relevant duties to maintain or view financial reports.
Login with the user which is assigned this security role and bingo see the magic! Only reports under Housing Reports folder are accessible to this user.
Расскажите о новых и интересных блогах по Microsoft Dynamics, напишите личное сообщение администратору.
|emeadaxsupport: SEPA affected objects||Blog bot||DAX Blogs||0||29.11.2013 13:11|
|daxserver: Best Practices, Tips and Tricks for Implementing XDS (Extensible Data Security) policies||Blog bot||DAX Blogs||0||27.06.2013 06:16|
|sjakalax: DAXCONF - Role-based security (RBS) and eXtensible Data Security (XDS)||Blog bot||DAX Blogs||8||13.04.2011 06:50|
|wiki.dynamicsbook: Changes Made in Navision Attain 3.60||Blog bot||Dynamics CRM: Blogs||0||02.09.2008 13:23|
|Inside Dynamics AX 4.0: The Security Framework||Blog bot||DAX Blogs||0||31.10.2007 11:40|
|Опции темы||Поиск в этой теме|