D5: GP to BC Adventure Series: Overview Users & Security in Business Central

 

User security refers to the implementation of measures and protocols within a system or application to control and manage access rights and permissions granted to individual users. It involves protecting sensitive data, resources, and functionalities by defining and enforcing user roles, permissions, and authentication mechanisms. User security aims to prevent unauthorized access, mitigate potential risks, and ensure that users have the appropriate level of access based on their roles and responsibilities within the organization. This practice helps maintain the confidentiality, integrity, and availability of information.

Here's my concise summary of user security in Dynamics GP compared to Business Central: In both systems, access is organized through access list or lists of objects, grouped into Tasks or Permissions, and further organized into Roles or Permission Sets, which are then assigned to individual users.

Dynamics GP

The default security settings in Microsoft Dynamics GP allow all users access to only the windows and forms in Microsoft Dynamics GP that are needed to log in to the application. After setting up new user records, you set access to companies and set up security for new users.

Creating a User 

You'll use the User Setup window to create user records. The User ID identifies each user in the Microsoft Dynamics GP system. You can't change the user ID once the record has been saved. To change a user ID, delete the user record and reenter the user record with a different ID.  

(Administration >> System >> User Setup)

A user record with the ID of "sa" (system administrator) that has access to the entire system is created by default. Some procedures within Microsoft Dynamics GP require having a user with this ID.

Company Access

After you enter user records,  each user should have access to. List of Users will be displayed on the left and all companies on the right. Mark the checkbox to give company access.

(Administration >> System >> User Access)

Security Roles

Security roles contain the security tasks that a user needs to access to do their job. Some default security roles have been created for you. For example, the ACCOUNTING MANAGER* role contains security tasks that allow a user who is assigned to this role to view General Ledger account information, enter journal entries, enter bank transactions, and perform other tasks that an accounting manager might need to perform. Those roles with an asterisk are default roles by Microsoft. 

(Administration >> System >> User Security)


Security tasks Security tasks are assigned to roles and grant access to windows, reports, files, and other resources within Microsoft Dynamics GP that users need to access to complete a specific task. Some default security tasks have been created for you. 

(Administration >> System >> Security Roles)


Each Task ID has item type you can select such as Windows, Reports, Modified Windows, Modified reports, Files, Alternate Microsoft Dynamics GP Reports, etc.

(Administration >> System >> Security Tasks)


In SQL Server, there is a security role called DYNGRP which grants permission to all objects. Users created within GP are assigned to this group as well. Restricting the DYNGRP role would probably cause more problems so leave it alone. :)

(SQL Management Studio >> SQL Server >> Logins >> select username >> Properties >> User Mapping)


Business Central

To add users in Business Central, your company's Microsoft 365 administrator must first create the users in the Microsoft 365 Admin Center. Once users are created in Microsoft 365, they can be imported into the Users window by using the Update Users from Microsoft 365 action. Users are assigned permission sets depending on the plan assigned to the user in Microsoft 365. You can then proceed to assign permission sets to the users to define which database objects, and thereby which UI elements, they have access to, and in which companies. You can add users to user groups. This makes it easier to assign the same permission sets to multiple users.

On your keyboard, press ALT+Q or search for Users and then choose the related link. 

Permission Sets is like Security Roles in Dynamics GP. 

(Alt+Q >> Users)

Once you click on the ellipse button, you will see all default permission set available.  
Can I create a copy an existing Permission Set?

Certainly, you have the option to create a new permission set by duplicating another. It is recommended to retain the original copy and implement your modifications on the duplicated set as a best practice.

(Alt+Q >> Permission Sets)



How to give user access to multiple companies?

In the User Setup window, select a user and then select the Permission set to assign per company.  If a user requires access to All the companies in the database you can leave the Company field blank in User Permission Sets, you do not repeat.  However, if a user requires more than one out of many companies like for example 2 out of 5 or 6 out of 10 company access, you need to repeat the permission set per user for each company.

(Alt+Q >> Users)


Can I create a User Group?

You can set up user groups to help you manage permission sets for sets of users within your company by department, by group, by class, etc.  When users or user groups are created, you must assign permission sets to each to define which objects a user can access. First, you must organize the relevant permissions in permission sets. To quickly define a new user group, you can copy the permission sets from an existing user group to your new user group. 

(Alt+Q >> Users  Groups)

 How to generate User Security Report for Auditors?

In Dynamics GP, there are two reports auditors want. (1) Security Role Assignment and (2) Security Role Setup.   This report will give them information about Users name, roles and to see what tasks are included in each role.

Reports >> System >> Security


In Business Central, it is  found in Permission Set by User.  It will list down all Permission Sets and checkboxes are marked if a user has access to specific permission sets.

(Alt+Q >> Users)

For additional resources please click these links: Microsoft Learn and Security in Business Central.




Comments

Post a Comment

Popular posts from this blog

D8: GP to BC Adventure Series: My Comprehensive Playlist of Business Central Microsoft Learn

Image
Welcome to my meticulously curated PLAYLIST of Microsoft Learn, tailored to streamline and organize your journey through Microsoft Business Central's learning process. Why is it easier to learn when sorted by module, you ask? Imagine stepping into a well-organized library where every book is precisely shelved by genre and subject matter. Similarly, this playlist serves as your digital roadmap, offering clear signposts along the path to proficiency. By sorting the content by module, you gain several advantages: 1. Logical Progression: Begin with foundational concepts before gradually delving deeper into more complex topics. This sequential approach ensures you build a robust understanding from the ground up. 2. Focused Learning: Dive deep into specific areas of interest without the distraction of unrelated topics. Whether you're honing your skills in financials or mastering inventory management, each module provides a focused learning environment. 3. Easy Reference: Need to ...
Read more

D9: Podcast: Navigating my Journey from GP to Business Central

Image
 Honored to join with the amazing hosts and Microsoft MVPs Brad Prendergast and Kristoffer Ruyeras on the Dynamics Corner Podcast. I had a privilege to share about myself as a missionary, church volunteer, counselor, Dynamics community volunteer, and of course my journey from Dynamics GP to Business Central. I was able to share many valuable insights on migrating from Dynamics GP to BC. You will also hear what I'm currently working on to be released by September this year! See you at # DYNAMICSCONLIVE ! I'm thrilled to announce that on May 16th at 9:15 am, I'll be taking the stage as a speaker to dive into the real-world scenario of GP to BC Migration. If you haven't registered yet here's the link: https://lnkd.in/ghVb5PJB Use my code: CD2024 to get 15% OFF. Link to Dynamics Corner Chair Podcast Cecile Dinh, a missionary and consultant with 25 years of experience using Dynamics GP, recently shared her transition experience from GP to Business Central (BC). ...
Read more

D10: DUG Webinar: GP to Business Central - The Ultimate Beginner's Guide

Image
  This event is produced in conjunction with Dynamics User Group (DUG) and its members. This session is designed to give you a head start in working with Business Central so you quickly feel at home in transitioning from Dynamics GP to BC without the hustle of reading through hundreds of pages of documentation. What you'll learn: Mastering the user interface of Business Central Navigating in Business Central Editing records in Business Central Creating new records in Business Central Finding records in Business Central Personalizing the user interface of Business Central Being prepared to work with Business Central on a daily basis Previous Blogs: D1: Understanding Database & Environments D2:   How to Create Environments D3: How to Create Companies D4: Overview License & Pricing D5: Overview Users & Security D6: My Home Page D7: Navigate in GP like BC? D8: My Playlist of Business Central  Microsoft Learn D9: Podcast - Navigating my Journey ...
Read more