The latest platform release notes for D365FO 10.0.31 has recently been made public, there were a couple security and audit related features I wanted to highlight.

‘Can Be Deleted From UI’ Security Role Property

There is a new property on security roles called ‘Can Be Deleted from UI’. This setting controls where a particular security layer can be deleted via the D365FO user interface.

The default setting for this feature is Yes. If set to No, when a security layer deletion is attempted, the following error occurs:

‘DisableDatabaseLogging’ Table Property

There is a new table metadata property called ‘DisableDatabaseLogging’ which will control whether a particular table can be setup to be tracked via the native Database Log within D365FO.

The default value for this setting is No. If set to Yes, then the table will not be able to added when configuring what to track via the database log.

Unfortunately, I was not able to get this functionality to work as even when enabled this the table showed up to track in the database log setup and audit data showed up in the database log:

This was after a full solution build, database sync, and even restarting the local server to ensure I wasn’t missing anything. I will have to look into this functionality more to see if there is something I am missing.

Allow Row Version Change Tracking For Tables and Data Entities (Preview)

A new metadata option for tables has been added to track changes via a row version column within D365FO. This feature is a product of the D365FO and Dataverse unification I mentioned in this blog post about a Charles Lamanna interview on the topic recently.

Before enabling this feature for a data entity there are a couple of prerequisites:

  • All tables used as a data source within a data entity must have this feature enabled
    • By doing this a SysRowVersionNumber column is created on the table and is updated whenever an insert or update event occurs, changes to the table row can then be identified by comparing the current value of this column to the previous value
  • The data entity must not use a custom query
  • The data entity cannot have any filters applied to any data source
  • The data entity cannot have any ‘group by’ condition applied
  • The data entity cannot have a non-table data source (such as another view)
  • The data entity must only contain ‘outerjoin’s (no inner joins or exists joins)
  • The relationship of the data sources must be ‘many to one’
  • The total count of datasources for the data entity must be less than 10

This type of tracking is required for a number of Dataverse features including: data archival, Synapse integration, mobile office, and relevance search.

Track Changes for Virtual Tables in Dataverse (Preview)

This feature is also part of the D365FO and Dataverse unification and requires that the previous ‘Allow Row Version Change Tracking’ feature is enabled for it to work. It also requires that the D365FO data entities must be visible in Dataverse.

If the above criteria are met, then you can follow these steps within Power Apps to enable change tracking to D365FO data entities.