Engineer / Solution Architect / Dynamics 365-AX Technical Consultant / Instructor (MCT)

In this article, I will try to explain how to create authorization objects from Visual Studio through the Dynamics 365 Finance and Operations development environment. In my article named How to Define Authorization from Dynamics 365 Finance and Operations Interface? I explained how the authorization objects are created from the interface. As I said in that article, my preference is to create the authorization from the development environment. There are several reasons. Most importantly, objects created from the development environment can be included in version control. In this way, they will be directly in your package and the transfer to the desired environment will be made with your development. I think it’s easier to manage.

I will now do the same example that I did in my previous article through Visual Studio. My test user only has the System user role.

Image-1

My test user can only see two modules in these roles.

Image-2

I want to authorize the All customers form.

Image-3

I find the relevant MenuItem on VS. This will be my entry point (EntryPoint) and all authorization assignments will be done through this entry point.

Image-4

I go to my project and add a new object.

Image-5

First, we will create a Privilege. I select and name it, and click add.

Image-6

Drag and drop the CustTableListPage MenuItem to the Entry Points tab of the Privilege created. Entry point is created. From its properties, select delete as the Access Level. Delete means full authorization. You can choose the level you want from here. Update and Correct might be confusing for you. Update is the data update authorization. Correct is used in tables with Valid Time State property.  Valid Time State is a mechanism that allows you to perform automatic date checks. I will prepare an article about this later.

Image-7

Now create a Duty.

Image-8

Drag and drop the Privilege to the Duty you created.

Image-9

Next step is creating a role.

Image-10

If you want, you can grant Privilege directly to the role you created, but it’s best to follow the steps. That’s why we used Duty. You can drag and drop it. The new role is created.

Image-11

In some cases, it may be necessary to clear the Caches. You can call the SysFlusData class as shown in Image-12.

Image-12

Objects you create via VS will not appear directly in the application. I’m not so sure why but they are visible after DB sync. This is actually data. I don’t know why it needs that.

Image-13

After these operations, you will see the objects you have created when you open the application.

Image-14

You assign roles to our test user.

Image-15

When you log in to the application, you can see the All Customers form.

Image-16

In this article, I tried to explain how to create security objects via VS. You must take the security and authorization very seriously. If not set up correctly, it can get messy. Try to manage it from the highest level possible. If you go deep into details, it becomes very difficult to manage. Do it if the new role is really required. Use Duty to get things done as much as possible. Do not assign more than 3-5 roles to a user. Too many roles can lead to performance issues.

Regards.

www.fatihdemirci.net

TAGs: Microsoft Life Cycle Services, LCS, Azure, Azure DevOps, Security , Microsoft Dynamics 365, MsDyn365FO, MsDyn365CE, MsDyn365, Dynamics 365 Insights Power BI, Power Automate, Power Apss, Power Virtual Agents, what is Dynamics 365, Dynamics 365 ERP, Dynamics 365 CRM

Microsoft iş çözümlerini tanıyalım. ERP, CRM, BI, AI, Bulut ve ötesi.

Bu yazıda size Microsoft iş çözümlerini tanıtacağım. Microsoft iş çözümlerine çok fazla yatırım yapıyor. Bunun sonucu olarak sürekli yeni bir ürün çıkıyor veya olan bir üründe isim ve içerik değişikliği olabiliyor. Bu bazen bizim için bile kafa karıştırıcı oluyor. Çok ayrıntıya girmeden aşağıdaki resimde bulunan her kutucuğu size izah etmeye çalışacağım.

Resim-1

Read more

In this article, I will try to explain the Dynamics 365 Finance and Operations security architecture. There is a docs article that I like very much, I will try to recap the topics by referencing it. It is very important to understand the security infrastructure. In today’s projects, managing security and authorization can be a very demanding process. In order to manage the needs correctly, it is necessary to know the infrastructure and the features, capabilities and constraints of security tools. In this article I will address the following topics. I did not translate them into Turkish. Sometimes there is a semantic shift, so I think explaning them is better.

•             Security architecture

•             Role-based security

•             Duties

•             Privileges

•             Permissions

•             Authentication

•             Authorization

•             Auditing

Finance and Operations application uses role-based security structure. Authorizations are given to roles, users are not directly authorized. Users are assigned roles. A user without any role has no authority in the system. The user assigned the admin role has full authorization. More precisely, they are not subject to any restrictions. Role-based security is a hierarchical structure as seen in Image-1.

Image-1

Role-based security

Role-based security has actually been created parallel to the work of business units. Role is the structure in which the necessary authorizations are gathered for a position with certain duties to fulfill those duties. The role is actually parallel to the employee’s actual job in the company. It does not mean that every employee has a role. In some cases, a single person may be managing different business processes. So they must have multiple roles. It is essential to organize roles according to the job, not the person. At least one role is required to log into the system. Generally, everyone is given the role of System User.  You can use the System administration > Users > Assign users to roles form to assign the role.

Role assignment is made by admin accounts. Basically, roles consist of Duties and Privileges.

Image-2

Duties

Duties are where the necessary authorizations are gathered to carry out a certain work process. A task can be assigned to multiple roles. Therefore, a change you make to the duty automatically affects the assigned roles. The role can be assigned directly in Privilege, but for a more manageable infrastructure, it is necessary to create and use the duties.

Image-3

Privileges

It is the structure where the authorizations required to do a certain job are gathered. For example, the payment cancellation privilege only has the authorization required to do this job. You can give this privilege directly to the role, but as I said above, it would be a better approach to collect them in duties and assign them to roles. Security and authorization objects are defined for all objects in the system. You can find and replace the ones you need and add new ones. Especially in new developments, it is absolutely necessary to create Privilege. Duty may not be required for every development. It may be enough to grant this authorization with a specific duty, but not without Privilege.

Image-4

Permissions

Permissions refers to the level of authorization to access a specific object. This can be a MenuItem or any object. Generally, authorization is given through the entry point. And these are usually MenuItems. In some cases we also use it to directly define authorization for an object of the form.

Authentication

This is my favorite feature in the new version. I can use all tools with a single email. One of them, of course, is the Finance and Operations application. To enter the application, your user login must be created. I explained it in my previous article. Usually users are expected to be in Microsoft Azure Active Directory (AAD), but you can also add external users. You can set up 2-step verification.

Authorization

Authorization controls access to the Finance and Operations application. Security permissions are used for this. Security permissions determine how certain objects of the application are accessed. These objects are: menus, menu items, action and command buttons, reports, service operations, web URL menu items, web controls and fields.

Finance and Operations application uses a context-based security, so we define the level of access to a certain object. When you associate a privilege with an entry point, you also define an access level. Such as Read, Delete, update.

Auditing

User login and logout times are recorded. You can access these records from the admin account. (System administration > Inquiries > User log).

In this article, I tried to introduce you to the security infrastructure. It is a very extensive and detailed topic. Generally, projects have a person or team responsible only for these processes. When not designed correctly, maintenance costs and problems can be annoying. It is imperative to place the due importance and test well during the project phase. Generally, since consultants have admin privileges, they can skip tests with the required roles. Here it is recommended that key users do tests with the relevant role, not as an admin. I will continue to address security-related issues.

Regards.

www.fatihdemirci.net

TAGs: Microsoft Life Cycle Services, LCS, Azure, Azure DevOps, security architecture, Microsoft Dynamics 365, MsDyn365FO, MsDyn365CE, MsDyn365, Dynamics 365 Insights Power BI, Power Automate, Power Apss, Power Virtual Agents, what is Dynamics 365, Dynamics 365 ERP, Dynamics 365 CRM

Dynamics 365 Finance and Operations Data Management 1. How to Import Data? Dynamics 365 Finance and Operations Data Management 1. How to Import Data? Now I will try to explain how we can transfer data over and over again using the project we created in that article.

We had created a transfer project for VendGroup. Currently, the data is as in Image-1.

Image-1

This is the CSV file I just created. I will use this for import.

Image-2

Open Data managament. In the All projects section, we click on our project and open it.

Image-3

Click Re-import from the Import Options tab.

Image-4

Click Upload file on the page that opens.

Image-5

Select the import file and click Upload. Then click OK.

Image-6

You have uploaded your file. Now you can click Import.

Image-7

The information screen will appear. Close it and wait for a while.

Image-8

If there is no problem, you will see a screen like the one below. If there is an error, you can see its details on this screen as well.

Image-9

I renew my form to see if it really worked and see the data is there.

Image-10

In this article, I tried to show how you can transfer data over and over again through a project that we have created and established before. These very useful features are generally used by consultants, but it is necessary to provide good training to the users and ensure that they benefit from these features.

Regards.

www.fatihdemirci.net

TAGs: Microsoft Life Cycle Services, LCS, Azure, Azure DevOps, Import, DMF, Microsoft Dynamics 365, MsDyn365FO, MsDyn365CE, MsDyn365, Dynamics 365 Insights Power BI, Power Automate, Power Apss, Power Virtual Agents, what is Dynamics 365, Dynamics 365 ERP, Dynamics 365 CRM

In this article, I will explain how to import data from Dynamics 365 Finance and Operations forms into Excel and change them in Excel. Yes, you can change the data through Excel and enter new data. Of course, it may not work the way you want in all situations, but it is quite successful in general. One of the biggest advantages of Microsoft is that all of these systems are integrated.

Let’s have a look at our example. I open the VendGroup form, from which I transferred data in my previous articles.

Image-1

From the form that opens, I click the Office icon and click Vend Group (usmf). If your form has multiple data sources and different structures, you can see several different options here.

Image-2

I click Download to download it to the local machine.

Image-3

There may be warnings due to security settings, you can accept them and continue.

Image-4

I click Trust this add-in, which will appear when you open it for the first time.

Image-5

The home page is opened. Here you must log in as an authorized user.

Image-6

If there is no problem, the form will fill automatically and the menu will appear on the right.

Image-7

I did not correctly provide the Description information in data transfer, so I correct it and send it to the system by clicking Publish.

Image-8

When I refresh the VendGroup form, I see that the updates I made through Excel are applied.

In this article, I explained how you can transfer data to Excel via any form and upload your updates via Excel to the system. Of course, this does not work efficiently for very large data, you need to be careful. It is a feature that will facilitate the daily lives of the users at many points. It would not be wrong to say that the product is used very effectively with the Office applications. It was not that easy before.

Regards.

www.fatihdemirci.net

TAGs: Microsoft Life Cycle Services, LCS, Azure, Azure DevOps, Excel Export Import, Microsoft Dynamics 365, MsDyn365FO, MsDyn365CE, MsDyn365, Dynamics 365 Insights Power BI, Power Automate, Power Apss, Power Virtual Agents, what is Dynamics 365, Dynamics 365 ERP, Dynamics 365 CRM