You can use security scenarios to record and define all securable objects and related access levels that are required for a user to perform one or more tasks.
You can create a security role in several ways. In the Security and compliance studio, you can record the working tasks for a target user. The recording results are stored in a security scenario. You can use this security scenario to fine-tune all securable objects and related access levels that are required for the target user to perform the working tasks.
If the security scenario is complete, you can search for a role that matches the security scenario. If no perfect match is found, you can create a security role for the security scenario in several ways. You can link the matched or new security role to the applicable users.
| Name | Responsible | Description |
|---|---|---|
|
Compose security scenarios |
Security administrator |
You can use a security scenario to indicate all securable objects and related access levels that are required for a user to perform one or more tasks. |
|
Match roles |
Security administrator |
You can search for a role that matches the security scenario. If no perfect match is found, you can create a role for the security scenario in several ways. The match roles function gets the security configuration data from the latest snapshot. |
|
Assign role to user |
Security administrator |
The match roles process often results in new security roles. To access Microsoft Dynamics 365 for Finance and Operations, Enterprise edition, users must be assigned to security roles. This procedure guides you to the pages where you can:
The role assignment is validated automatically to verify if it complies with the segregation of duties rules. If enhanced segregation of duties rules are enabled, the role assignment is validated against the enhanced segregation of duties rules.
If dynamic snapshots are enabled, the role assignments are automatically updated in the latest snapshot.
|
