SEC03: Dynamics AX 2012 Security A Functional How2 Approach

Transcription

1 SEC03: Dynamics AX 2012 Security A Functional How2 Approach GG Rowe, PMP and Oregon (Portland) Chapter Leader Planar Systems Inc., IT Project Manager gg.rowe@planar.com, Ph: cell:

2 Welcome!

3 Sec03 Dynamics AX 2012 Security A Functional How2 Approach Session Description: Listen as a fellow user shares their overview of Dynamics AX 2012 Security Structure and how it related to their implementation and overall strategy for security. See how security fit into their overall ERP schedule/timeline, what implementation security lessons were learned, and how security was factored into the project Implementation and post project activities. 3

4 How To Earn Your CPE Credits Attend any session noted as CPE Eligible You MUST complete a survey, ALL fields IMPORTANT: Include your Registration ID number in the survey Without that, you will not be able to receive the credit Turn in your survey Speaker AXUG Employee (Frank, Heather or Tonya) Registration DCI Booth in EXPO 4

5 Agenda Introduction Security Structure How2 s Strategy used Advice board

6 Which will you be? or??? AX Security

7 A little about me 6 yrs. IT Project Manager AX 2012 CU3 Implementation & Support Cross functional teams All business functions 15 yrs. Apps Development Mgr ERP Implementations & Support Multi-regional, multi-vendor Supply Chain Confi denti al

8 Planar Systems, Inc. From desktop and touch screen monitors to video walls. From information to inspiration. Industry leaders rely on Planar s differentiated digital display technology for a range of applications. When image experience matters. 8

9 Security Structure Processes Roles 6 processes ~ 80+ roles Duties Privileges Permissions Process Cycles (Operational end to end flows) Expenditure purchase order flow Conversion internal factory flow Cost accounting Revenue sales order flow Human capital management Information technology NOTE: 3 rd Party software has unique process flows Roles (Hierarchical) Worker, clerk, agent lowest level worker, typically can t complete a transaction Supervisor, manager functional module parameters and transaction approvals (posting journals) Company officers mostly inquiry, but some module parameter access

10 What s in a name? Processes Roles It can be very telltale Duties 800+ duties Privileges privileges Permissions AX Duty naming convention: Worker: Inquire into... and Maintain Supervisor/Manager: Review, Enable, Approve Note: Management reporter access is inherited AX Privilege naming convention: Update: Maintain, Create, Update, Delete.. Inquiry: View, Preview, and Generate

11 What can I do? Roles Processes Duties Privileges AX Permissions: Defines level of access to tables, menus, functions, etc. Within the UI as a security administrator, these permissions can be changed. BUT changes are global. If you want to only change it for a certain duty or role, you will need a developer to access the AOT to copy a privilege and then change an embedded permission. Permissions

12 User Groups Can be used as an additional layer of security General ledger journal names Inventory journal names AX validates user is a member of the user group Note: this is a deprecated feature

13 How2: View Process, Duties, Privileges CLICK RT CLICK

14 How2: View Roles CLICK RT CLICK

15 How2: Edit Permissions CLICK RT CLICK

16 How2: Maintain Role CLICK RT CLICK

17 How2: User groups CLICK RT CLICK General ledger\setup \Journals\Journal names Inventory and warehouse management\setup \Journals\Journal names, inventory

18 How2: Access single user CLICK RT CLICK

19 How2: Access multiple users CLICK RT CLICK

20 How2: Limit access CLICK RT CLICK

21 Planar s AX Security Strategy Custom functional roles One custom role per function or department Embedded standard AX roles Cloned standard AX roles and removed specific duty/privilege Lead roles Custom role for super user or manager Parameter and module settings Analyst roles Wide sweeping inquiry roles were created for the data analysts User Groups Used for GL journals and Transform PDF editing NOTE: Roles can only have 3 levels of nesting!

22 How2: Application Object Tree CLICK RT CLICK

23 How2: Security Object CLICK RT CLICK ~~~

24 Security Development Path Initiate and Design Project Key Tenets, Benefits, Leads given System Scope, Roles and Administrator to allow Responsibilities process definition Core Team Training Global Design Session Prototyping/Conference Room Pilot 1 (CRP1) Document user and system requirements Develop and Test Perform configurations and build Moved test to plans standard roles IT Development CRP2, CRP3, & Developed CRP4 custom roles & refined Refinements / Issue resolution Document Then shifted Process to custom Flows and Planar SOPs roles Implementation Planning Final Review: Production Rollout User Acceptance Testing (UAT) Sign off by Leads for golive setup Company Training Production Cutover Go-Live User access Support requests to Helpdesk, IT Apps for new/changed roles. Planar Systems

25 Advice board Create a role to contain inhouse development How2 AX Navigation CLICK RT CLICK Planar Systems

26 Which will you be? or??? AX Security

27 The Survey Says Helps AXUG improve They really do read EVERY one Improvement starts with your feedback There is a survey for EACH session Get one from your speaker/session leader Fill it out Turn it in Speaker AXUG Employee (Frank, Heather or Tonya) Registration DCI Booth in EXPO 27

28 q & A and Thank you! GG Rowe, IT Project Manager, Oregon (Portland) Chapter Leader gg.rowe@planar.com, Ph: cell: