Dynamics AX
  RSS Feed  LinkedIn  Twitter
Want to turn you're data into a true asset? Ready to break free from the report factory?
Ready to gain true insights that are action focused for truly data informed decisions?
Want to do all of this across mutliple companies, instances of Dynamics and your other investments?
Hillstar Business Intelligence is the answer then! (www.HillstarBI.com)

Hillstar Business Intelligence for Microsoft Dynamics AX and NAV on Mobile, Desktop, Tablet


Let us prove to you how we can take the complexity out of the schema and truly enable users to answer the needed questions to run your business! Visit Hillstar Business Solutions at: www.HillstarBI.com

Thursday, May 10, 2012

AX 2012 - Using Active Directory Groups for Security





I wanted to spend a little time in this post, to focus in on somthing that I don't think has had a lot of coverage, but is somthing worth while to note. You have seen me post, in the past about security for AX 2012, with the following.:

Well today, I wanted to spend time on this topic again, and focus back on the fact that you can make use of Active Directory Groups when creating user accounts inside Dynamics AX 2012. I'm not talking about the import process by AD Group, which is possible and speeds things up a bit. No, I'm talking about assigning a User Account Type of Active Directory Group.

We start by going to the System Administration module, Common, users, Users form. In doing this, we need to click on the new user button that you see in the image below.:



In doing this, we should see a screen similar to what you see below, which is from the Public Sector, demo image for AX 2012.



Now that we have this form openned, we are ready to add our AD group, user account type. It's important to point out, that you must start with changing the account type on the form to Active Directory group as shown below.



Now that we have this, and have selected the desired starting legal entity, we can move to setting the user id, which is the internal user id used in AX 2012 that is assiocated to every transaction done by someone within this group from Active Directory.

Filling this out, next we want to enter in the Network Domain, and finally the Alias that is used within AD to identify the group. Since we are using the Demo image, we will make use of a group from Contoso.com. I'm going to make the choice of CSHelpDesk, in this case. In doing this, and filling out the form, you should see something similar to the below.



Notice, that the user id for this AD Group is set, along with I've assgined a Security Role to this AD Group. This Security Role not is applied to all users within the Active Directory Group. Further, what needs to be understood, is that user options as well as Role Center profile assoication is now tied to the AD Group vs. specific AD users.



With this, we can see how an Active Directory Group can be assigned security rights within AX 2012. However as you can see from the above, things like internal user id for AX, user options & Role Center profiles are not actually AD user specific in this setup. Further, user relations as it relates to employee information, becomes disconnected and not possible. So you have some considerations to keep in mind when you make the choice of using Account Type of Active Directory group vs. Active Directory user.

Well that's all for now, check back soon as more to come. Till Next Time!



Top 100 Update: I did want to take this time, at this end of this post and say I'm Honored to have been listed again in the DynamicsWorld.co.uk Top 100 most influential people in the world for Microsoft Dynamics. This year I was ranked 19! Congrats to everyone on the list and it's my honor to be listed among such great people. The work that everyone does to build this community, always encourages me! A direct link to the ranking can be found here.: Top 100 - Brandon George - 19


Visit Hillstar Business Intelligence (www.HillstarBI.com) in order to truly unlock your data trapped in your Microsoft Dynamics investment. With our value driven business intelligence strategy Hillstar help you transform into a data informed company.


Follow Me @:
RSS Feed  LinkedIn  Twitter

"Visit the Dynamics AX Community Page today!"

Labels: , , , , , , , , ,

3 Comments:

Anonymous Anonymous said...

Good article to know that we can add an AD group as a user but can please share what is the application of this?

10:12 PM  
OpenID janeteblake said...

This is very nifty! I think this is what my customers are doing, but AX assigns them meaningless user ID's. Is there a way to make it pull the name from AD, or must this be done manually? Thank you!

9:52 AM  
Anonymous Anonymous said...

@janeteblake you can just click the import button and follow the step.

11:15 PM  

Post a Comment

Links to this post:

Create a Link

<< Home


Copyright 2005-2011, J. Brandon George - All rights Reserved