Business PlatformsMicrosoft

Microsoft Dynamics Security – AX 2012 vs. D365 Finance (Part 2)

Kristin JenisonChris Katz
March 17, 2020
4 min read

Welcome back to this two-part blog series about the high-level differences in security features between AX 2012 and D365 Finance. Last week, in Part 1, we discussed the Dynamics security model and a couple of notable changes in the way security is managed. In this post, we will explore changes to the user interface that are helpful for understanding and troubleshooting security.

 Understanding and troubleshooting security

Task recordings

While the task recorder is not a brand-new concept, its functionality has been greatly enhanced in D365 Finance. The task recorder can capture a user performing a process (such as creating an invoice or making a payment), and then generate an output that outlines all of the individual actions taken throughout that process. This is a valuable feature that can be leveraged by trainers and end users while trying to teach and understand step-by-step navigation.

How does this help with security? The Security diagnostics for task recordings feature has the ability to interpret a task recording and produce the list of securable objects required to complete the recorded process.* This gives an advantage during role creation or troubleshooting, as the access required for specific tasks can be quickly identified. Within the interface, it is also possible to search for an existing user, and the tool will display whether the user currently has access to each of the required permissions.

*One known drawback of the Security diagnostics for task recordings feature is that it only captures menu item display objects. Be wary that menu item action and menu item output objects will not show up in this feature.

URL vs. navigation bar

An obvious difference between AX 2012 and D365 Finance is that activities are performed in a web browser instead of a desktop application. With this, it is possible to view the URL of each screen within the application. Often, the name of the menu item associated with the current page is contained within the URL. This can help provide additional clues when creating or troubleshooting security access.

The ability to view the URL will be increasingly helpful as another feature of AX 2012 goes away. In AX 2012, the navigation bar proved useful for troubleshooting because a security administrator could immediately identify the screen a user was on and how he or she navigated there. In D365 Finance, this feature often comes disabled by default. Presently, it can be re-enabled (System administration > Setup > Client performance options > Enable legacy navigation bar); however, this feature will be completely removed by April 2020 (more information here).

Form Information

In AX 2012, one of the most common ways administrators can determine a missing menu item is by navigating to the appropriate menu/button in the user interface, right clicking it, selecting personalize, and then reviewing the detail behind the button. Security teams will rejoice in hearing that this troubleshooting option remains alive and well in D365 Finance. In D365 Finance, system administrators can right click the desired menu/button, hover over form information, and then click on the form name. This will bring up a window with details about the menu/button. Additional information regarding which security objects are required to make the menu/button function can be found in the administration section.

Security diagnostics

The last new D365 Finance feature we will cover is the security diagnostics menu item. This feature lives in the options tab and will show all security roles, duties and privileges which contain access to the current form. This allows security administrators to quickly identify which role a user might need to perform a specific activity, or whether the access a user is currently assigned aligns with what they need. Due to the simplicity and quick results of this tool, it’s become a favorite quick shortcut for many security teams.

 

As far as maintaining application security, D365 Finance features both new functionality and old favorites from AX 2012. Leveraging helpful new tools such as the task recorder and security diagnostics should help increase the ease of understanding and troubleshooting Dynamics security both during and after the upgrade from AX 2012 to D365 Finance.

To learn more about Protiviti’s Microsoft capabilities, please visit our Microsoft Solutions site or contact us.

Join our Microsoft Dynamics 365 for Finance and Operations Webinar, Thursday, March 26 at 1:30 p.m., eastern. Register now!

Kristin Jenison

Senior Manager
Enterprise Application Solutions

View all posts

Chris Katz

Associate Director
Business Application Solutions

View all posts

You may also like

Subscribe to Topics

Protiviti Technology Follow

Protiviti leverages emerging technologies to innovate, while helping organizations transform and succeed by focusing on business value.

ProtivitiTech
protivititech Protiviti Technology @protivititech ·
25 Jul

Protiviti’s @KonstantHacker chats with guest @RichardBlech of @XsocCorp about a high-performance symmetric encryption solution that will provide in-depth defense against the threat of fault-tolerant #QuantumComputing. Listen now: https://ow.ly/9oVU50SJklj #ProtivitiTech

Reply on Twitter 1816504643360358712 Retweet on Twitter 1816504643360358712 1 Like on Twitter 1816504643360358712 1 Twitter 1816504643360358712
protivititech Protiviti Technology @protivititech ·
25 Jul

Protiviti’s Joe Corrado will join a #Nintex panel for a July 30 webinar to discuss how document automation boosts #RevOps efficiency and sales. Register today to get access to expert tips and real-world success stories. https://ow.ly/LSsf50SJnaY #ProtivitiTech

Reply on Twitter 1816443898970898615 Retweet on Twitter 1816443898970898615 Like on Twitter 1816443898970898615 Twitter 1816443898970898615
protivititech Protiviti Technology @protivititech ·
24 Jul

The world was dealt a massive wakeup call after a #CrowdStrike software update caused global IT outages. In the aftermath, business leaders should take the opportunity to reboot tech resiliency. Learn more from the latest #VISIONbyProtiviti: In Focus: https://ow.ly/R2vU50SJrAT

Reply on Twitter 1816169832544432319 Retweet on Twitter 1816169832544432319 Like on Twitter 1816169832544432319 Twitter 1816169832544432319
protivititech Protiviti Technology @protivititech ·
24 Jul

#VISIONbyProtiviti: In Focus discusses a U.S. judge’s recent ruling that rejected #SEC oversight of #cybersecurity controls in the case against SolarWinds, the impact of the decision, and why it matters. https://ow.ly/Ph7j50SIbLH #ProtivitiTech

Reply on Twitter 1816111993767547294 Retweet on Twitter 1816111993767547294 Like on Twitter 1816111993767547294 Twitter 1816111993767547294
protivititech Protiviti Technology @protivititech ·
17 Jul

How can organizations tackle internal tech tickets when a team is remote? Protiviti’s Kim Bozzella recommends fully leveraging the features of their #IT service management software. Learn more: https://ow.ly/Yf3J50SEy7u #ProtivitiTech #Forbes

Reply on Twitter 1813635582964183412 Retweet on Twitter 1813635582964183412 Like on Twitter 1813635582964183412 Twitter 1813635582964183412
Load More