Microsoft has added some additional new security reports that can be accessed through the web application. These can be found by going to System Administration -> Inquiries -> Security. Under this section you will find four reports:
- User Role Assignments
- Security Role Access
- Role to User Assignments
- Security Duty Assignments
User Role Assignment
Shows the user to role assignment and if the access is restricted to any legal entities.
Security Role Access
Shows the roles effective access based on the duties, privileges, and tables assigned to the role. Also shows the effective license required for the role based on its access to entry point objects. It breaks out the access into the following types:
- Menu Items (Display, Action, Output)
- Form Control
- Table Field
- Data Entity
Role to User Assignment
Shows the role to user assignment and if the access is restricted to any legal entities.
Security Duty Assignment
Shows the role to duty assignment, especially useful if using the out of the box segregation of duties functionality. This report again also shows the effective license type required for users assigned to this role as well.
All of these reports allow for a number of filtering, output options, and options for batching the report execution. They also allow exporting to Excel, PDF, and XML as well a number of other file types.
These reports have been sorely missed in previous versions of D365 Enterprise and AX 2012, I will say that the layout of these reports (especially in Excel) makes it a little hard to discern the information and filter but it definitely is a step in the right direction for baseline security reporting.