Microsoft Dynamics Security – AX 2012 vs. D365 Finance (Part 2)

Welcome back to this two-part blog series about the high-level differences in security features between AX 2012 and D365 Finance. Last week, in Part 1, we discussed the Dynamics security model and a couple of notable changes in the way security is managed. In this post, we will explore changes to the user interface that are helpful for understanding and troubleshooting security.

 Understanding and troubleshooting security

Task recordings

While the task recorder is not a brand-new concept, its functionality has been greatly enhanced in D365 Finance. The task recorder can capture a user performing a process (such as creating an invoice or making a payment), and then generate an output that outlines all of the individual actions taken throughout that process. This is a valuable feature that can be leveraged by trainers and end users while trying to teach and understand step-by-step navigation.

How does this help with security? The Security diagnostics for task recordings feature has the ability to interpret a task recording and produce the list of securable objects required to complete the recorded process.* This gives an advantage during role creation or troubleshooting, as the access required for specific tasks can be quickly identified. Within the interface, it is also possible to search for an existing user, and the tool will display whether the user currently has access to each of the required permissions.

*One known drawback of the Security diagnostics for task recordings feature is that it only captures menu item display objects. Be wary that menu item action and menu item output objects will not show up in this feature.

URL vs. navigation bar

An obvious difference between AX 2012 and D365 Finance is that activities are performed in a web browser instead of a desktop application. With this, it is possible to view the URL of each screen within the application. Often, the name of the menu item associated with the current page is contained within the URL. This can help provide additional clues when creating or troubleshooting security access.

The ability to view the URL will be increasingly helpful as another feature of AX 2012 goes away. In AX 2012, the navigation bar proved useful for troubleshooting because a security administrator could immediately identify the screen a user was on and how he or she navigated there. In D365 Finance, this feature often comes disabled by default. Presently, it can be re-enabled (System administration > Setup > Client performance options > Enable legacy navigation bar); however, this feature will be completely removed by April 2020 (more information here).

Form Information

In AX 2012, one of the most common ways administrators can determine a missing menu item is by navigating to the appropriate menu/button in the user interface, right clicking it, selecting personalize, and then reviewing the detail behind the button. Security teams will rejoice in hearing that this troubleshooting option remains alive and well in D365 Finance. In D365 Finance, system administrators can right click the desired menu/button, hover over form information, and then click on the form name. This will bring up a window with details about the menu/button. Additional information regarding which security objects are required to make the menu/button function can be found in the administration section.

Security diagnostics

The last new D365 Finance feature we will cover is the security diagnostics menu item. This feature lives in the options tab and will show all security roles, duties and privileges which contain access to the current form. This allows security administrators to quickly identify which role a user might need to perform a specific activity, or whether the access a user is currently assigned aligns with what they need. Due to the simplicity and quick results of this tool, it’s become a favorite quick shortcut for many security teams.


As far as maintaining application security, D365 Finance features both new functionality and old favorites from AX 2012. Leveraging helpful new tools such as the task recorder and security diagnostics should help increase the ease of understanding and troubleshooting Dynamics security both during and after the upgrade from AX 2012 to D365 Finance.

To learn more about Protiviti’s Microsoft capabilities, please visit our Microsoft Solutions site or contact us.

Join our Microsoft Dynamics 365 for Finance and Operations Webinar, Thursday, March 26 at 1:30 p.m., eastern. Register now!

Kristin Jenison

Senior Manager
Enterprise Application Solutions

Chris Katz

Technology Consulting - Enterprise Application Solutions