Security Development Tool for Dynamics AX 2012

Dynamics AX 2012 has a new role based security architecture. To those who have worked on AX 2009, this is a change from what they have worked before, in terms of developing security. This post will not go in great detail in an attempt to explain the new architecture. There is good documentation out there that can help you understand the new security framework.

Here are a couple of links to help you with that:

https://technet.microsoft.com/EN-US/library/gg731779.aspx

https://blogs.msdn.com/b/dax/archive/2011/09/26/securing-peace-of-mind-the-microsoft-dynamics-ax-2012-security-model.aspx

This particular blog post addresses the developers who are going to develop security artifacts for AX 2012 implementations. Developing security for the AX 2012 system can sometimes be challenging for developers. In order to reduce the time and complexity involved in creating security artifacts for Dynamics AX 2012 and also providing easier debugging ability to the developer, we have released a new tool called Security Development Tool for Dynamics AX 2012 on InformationSource a while ago. However, I am mentioning the tool here for greater visibility because not everyone who could benefit from it has yet heard about its existence or is aware of its powerful capabilities.

 

What is it?

The Security Development Tool has the following capabilities and features:

  • Simplify the creation and maintenance of security artifacts such as Roles, Duties and Privileges
  • Creation of new security artifacts on the basis of access through various entry points
  • Ability to test newly created or modified security Role, Duty or Privilege from a development workspace with the security permissions associated with that security artifact, without using a different test account
  • Ability to record business process flows and identify the entry points used, to speed up development of security artifacts
  • Ability to view effective named user license values at different security artifact levels

Where can I get the tool?

The tool is available on https://informationsource.dynamics.com/ under the ‘Services’ section. In order to access either InformationSource, you need either a valid PartnerSource or CustomerSource account.

The user guide for the tool can be found here: https://technet.microsoft.com/en-us/library/hh859729.aspx 

What versions of AX 2012 will this tool work on?

This tool will work on AX 2012 RTM, AX 2012 R1 and AX 2012 R2

Please try out this tool when you next get a chance to develop your security artifacts and provide us feedback on it.

Comments

  • Anonymous
    September 23, 2013
    Concerning this feature: •Ability to record business process flows and identify the entry points used, to speed up development of security artifacts Whenver I select Start Recording in the tool and Stop I get a message "no entry points recorded."  I am going thru the same steps as the video recording on Information Source - selecting Sales Clerk and then going into the app and selecting Vendor / New etc. Not sure why my entry points are not added to the grid. Thanks for your help

  • Anonymous
    February 23, 2014
    The tool isnt available for download anywhere, at least not as a customersource user. informationsource.dynamics.com/.../RFPSLHost.aspx doesnt list it. informationsource.dynamics.com/.../RFPSLHost.aspx which is linked to by the article technet.microsoft.com/.../hh859729.aspx takes a suspicious three minutes to load on an ultra fast connection (google loads in under a second), and then brings to the root of information source. I am really frustrated, what is the deal? Does anybody know? it seems like every time i need to use customersource or information source for anything related to 2012, i hit a dead end.

  • Anonymous
    February 25, 2014
    I'm also getting a "no entry points recorded" error message like Rick.  Has anyone seen this error?  There's no support anywhere for this I can find. Thanks, Tyler

  • Anonymous
    March 03, 2014
    @Steven: The tool is very much there if you were to go to InformationSource. It is listed under the tab 'Services', once you sign in to InformationSource. Can you try that and see if it works for you? AFAIK, if you have CustomerSource credentials, you should be able to log into InformationSource and have access to the tool. Regards Parth [MSFT]

  • Anonymous
    March 03, 2014
    @Rick, Tyler: For the issue where you get 'No entry points recorded', can you please clarify which version of AX are you in? In particular what Cumulative Update have you installed so far? We have a known issue that caused a problem with the behavior of this tool due to a fix in CU6 that was installed on top of AX 2012. However, I want to make sure we are talking about the same thing here. Please let me know. Regards Parth [MSFT]

  • Anonymous
    March 10, 2014
    @Parth P AX 2012 R2 CU7 Kernel Version: 6.2.1000.4051 Application Version: 6.2.1000.4051

  • Anonymous
    March 17, 2014
    Thanks Tyler. We have identified the change that has caused a regression in the behavior of the security development tool and are actively working on a fix for the same. As soon as I have some details to share, I'll share it here on the blog. Thank you for your patience.

  • Anonymous
    April 01, 2014
    @ParthP any news on this? facing the same issue "No Entry Points Recorded" AX2012 R2 CU6 Application version: 6.2.1000.1437

  • Anonymous
    April 03, 2014
    "No Entry Points Recorded" modify class SysSecurityRecorder_1CC4B7A84D53 community.dynamics.com/.../112673.aspx depending on your version the fix might vary but this should lead everybody on the right track

  • Anonymous
    April 03, 2014
    We are close to releasing a hotfix for this issue. Current ETA is before end of next week. I would hold off on patching it if you can wait that long.

  • Anonymous
    April 07, 2014
    The comment has been removed

  • Anonymous
    April 14, 2014
    A hotfix has been issued for the issue. Please take a look. blogs.msdn.com/.../security-development-tool-for-dynamics-ax-2012-issue-with-recording-entry-points.aspx

  • Anonymous
    August 20, 2014
    Is there a way to remove duties from a role using the security development tool? For Example, if I open a role and see that it has "Full Control" for "All purchase orders" in Accounts Payable, I can right click on it and reference the duties, but this only allows me to add those duties to the role, whereas I want to remove them.