Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Applies To: Microsoft Dynamics AX 2012 R3, Microsoft Dynamics AX 2012 R2, Microsoft Dynamics AX 2012 Feature Pack, Microsoft Dynamics AX 2012
In Microsoft Dynamics AX, roles represent a collection of permissions, which can be granted to users. The nodes that are nested underneath each role node identify various securable objects that a user can access. And the nested nodes specify the level of access.
Role Node in the AOT
Roles are used to give access to securable objects. The following list shows the hierarchy of role nodes in the AOT:
- Security - Roles - YourRole - Duties 
- Privileges 
- Permissions - Tables 
- Forms 
- Server Methods 
 
- Sub Roles 
 
 
 
Roles are typically associated with security duties, and sometimes, security privileges. Access levels to securable objects within a role are derived from the duties, privileges, or both. Roles can also override the access levels to securable objects under the Permissions node.
Role Properties
This section describes the properties for the AOT node at Security > Roles > YourRole.
| Property | Required | Description | 
|---|---|---|
| Name | Yes | The name of the role. | 
| Label | Yes | The text that appears on the user interface for the role. | 
| Description | Yes | The description of the role. | 
| Enabled | Yes | The enable value. This field can contain one of these values: 
 | 
| PastDataAccess | Yes | Specifies the past data access for the tables with date effective fields. The value can be one of the following: 
 The permission values for the PastDataAccess property represent a hierarchy. Read is the weakest permission, and Delete is the strongest. Delete permission includes every other permission. Create permission includes Update and Read. You can set the permission value to NoAccess to prevent all access to the table. | 
| CurrentDataAccess | Yes | Specifies the current data access for the tables with date effective fields. | 
| FutureDataAccess | Yes | Specifies the future data access for the tables with date effective fields. | 
| ContextString | Optional | A user-defined string that can be used by security policies. | 
Duty Properties
This section describes the properties for the AOT node at Security > Roles > Duties > YourDuty.
| Property | Required | Description | 
|---|---|---|
| Name | Yes | The name of the duty. | 
| Enabled | Yes | The enable value. The value can be one of the following: 
 | 
Privilege Properties
This section describes the properties for the AOT node at Security > Roles > Privileges > YourPrivilege.
| Property | Required | Description | 
|---|---|---|
| Name | Yes | The name of the privilege. | 
| Enabled | Yes | The enable value. The value can be one of the following: 
 | 
Table Properties
This section describes the properties for the AOT node at Security > Roles > Permissions > Tables > YourTable.
| Property | Required | Description | 
|---|---|---|
| Table | Yes | The name of the table. | 
| EffectiveAccess | Yes | The permission value. The value can be one of the following: 
 The permission values for the EffectiveAccess property represent a hierarchy. Read is the weakest permission, and Delete is the strongest. Delete permission includes every other permission. Create permission includes Update and Read. You can set the permission value to NoAccess to prevent all access to the table. | 
| ManagedBy | Optional | This property is reserved for use by automation tools. | 
Form Properties
This section describes the properties for the AOT node at Security > Roles > Permissions > Form > YourForm.
| Property | Required | Description | 
|---|---|---|
| Form | Yes | The name of the form. | 
Server Method Properties
This section describes the properties for the AOT node at Security > Roles > Permissions > Server Methods > YourServerMethod.
| Property | Required | Description | 
|---|---|---|
| Class | Yes | The name of the server class. | 
| Method | Yes | The name of the secure server method tagged with the SysEntryPointAttribute attribute. | 
| EffectiveAccess | Yes | The permission value. The value can be one of the following: 
 | 
| ManagedBy | Optional | This property is reserved for use by automation tools. | 
Sub Role Properties
This section describes the properties for the AOT node at Security > Roles > Sub Roles > YourSubRole.
| Property | Required | Description | 
|---|---|---|
| Name | Yes | The name of the subrole. | 
| Enabled | Yes | The enable value. The value can be one of the following: 
 | 
See also
Role-based Security in the AOT for Developers
Announcements: New book: "Inside Microsoft Dynamics AX 2012 R3" now available. Get your copy at the MS Press Store.