Unlike AX2012, one of the major Dynamics 365 FinOps architecture differents, is the D365 application and development environment separation, which means that we will have a different approach to manipulate the created objects during runtime which resides on the environment but will not exist in the AOT. Security data are concerned as well.
Security is combined into privileges, and privileges are combined into duties. but where they are stored and how managed in the system?
Security data stored in the following system tables:
- Roles: Securityrole Table
- The system SecurityRole table reflects the list of roles defined by the security AOT role node
- Listing of all security roles in the system, represented by their AOT name, Name and description
- Duties: Securityduty Table
- The system SecurityDuty table reflects the list of duties defined by the security AOT duty node
- Listing of security duties, represented by their unique Identifier, Name and Description
- Privileges: SecurityPrivilege Table
- The system SecurityPrivilege table reflects the list of privileges defined by the security AOT privilege node.
- Listing of security privileges, represented by their unique Identifier, Name and Description.
Run-time vs Development Workspace
When a new security object created, and depending where it has been added (AOT/UI), the Identifier field value will take different value . if :
- User Interface: the « Identifier » takes an automatic value auto-generated by the system.
- this value will value will exist in the global XML file when you export the security data.
- this auto generated value can be changed manually
- Visual Studio: a new record will be added in this table, the « Identifier » field takes automatically the « AOT » field value of the created and published securable object in the User interface/AOT.