Thursday, February 7, 2013

AX 2009 security profiler tool

I know this post is outdated but then again there are still people out there running AX 3.0. I still think its worth throwing out there so here it is.

Security is always a pain point in ERP applications. Its one area that greys the line between functional and technical. AX security in versions 2009 and before pretty much required the configuring users to be somewhat technical and know their way around the AOT fairly well. In AX 2012, security has changed to role-based and is significantly different. I'd say it still helps quite a bit to be technical in this new security model but its not as necessary as the previous versions

Anyways, for AX versions 2009 and before, the hardest part was finding out the name of the AX objects and tying them to a security key for access permissions. This could be very time consuming. There is a person over at Microsoft AX Support who wrote an AX utility (Security Profiler Project 2009) to help speed this process along and make it easier for functional people to configure security. She's always been awesome to work with and it's a very useful tool. I've used it before and liked it a lot but find that I can do it on my own faster (but I've also logged over 1200 hours of security configuration and support work). For most people, this tool will be a fantastic and all previous clients I've had use it love it.

Some things to note is that this utility only records menu items that are not calling classes or menu items within classes. These issues shouldn't be too crazy for someone using this application as a starting point or not getting too granular with restricting access.

Note for this tool: The existing AX class we hook into gets used every time a form or report is opened in AX so the tool will slow performance down – so don’t load this in a production environment.

As a reminder for AX security, always start with full privileges and then take away. There are some issues if starting with nothing in a group and adding to it.

http://blogs.msdn.com/b/emeadaxsupport/archive/2010/05/25/ax-2009-securityprofiler-tool.aspx

No comments:

Post a Comment