An Update to ‘Creating a Read Only Role for D365FO – User Interface’

by | Jun 20, 2022 | Dynamics 365 for Finance and Operations | 2 comments

I had a comment on one of my blog posts that Microsoft had updated the functionality that existed to help create a read only role from the D365FO user interface so I wanted to show how much easier it is to perform this process now.

In my previous post, I showed how you had to manually manipulate an XML file and use regular expressions find/replace to achieve the desired security file to be imported. This is no longer required as Microsoft has included a an option to ‘select all’ objects within a security dialog.

To utilize this option:

1) Go to System Administration -> Security Configuration

2) Go to privileges and create a new privilege

3) Click on Display Menu Items then click on ‘Add References’

4) In the dialog that pops up, click on the check mark in the menu bar next to ‘Name’ (this selects all options in the dialog)

5) In the bottom of the dialog, select which permission you would like to apply across all selected items (in our case we would select the Grant option on Read)

6) Click OK

Once we publish this privilege, we can validate that this process was successful by selecting our privilege we just created and clicking on ‘View Permissions’:

While the process I wrote about in my initial post is still valid, I think we can all agree the process above is much easier.

2 Comments

  1. Ananda Subramanian S
    Ananda Subramanian S on June 22, 2022 at 3:56 am

    Just a thought – Will it be worth to add Action Menu Items as well with the same Grant Read permissions. Most of the Forms have buttons that is also controlled through Action Menu items also.

    Reply
    • Alex
      Alex on June 22, 2022 at 8:39 am

      Ananda,

      The problem with adding menu item actions to a ‘read only role’ is that menu items actions are either that you have access to the item or not. Granting Read access to the object is the same as granting Delete access, and some menu item actions allow you to perform transactions within the system (posting journals, printing checks, etc).

      The argument could be made to add menu item outputs to this role as these are just reports generated by the system. But in most cases a users looking for this type of role just want read access to all forms in the system which correspond to menu item displays.

      Reply

Submit a Comment

Your email address will not be published.