Segregation of Duties in D365FO
May03

Segregation of Duties in D365FO

I’ve referred to the Segregation of Duties (SOD) feature in Dynamics 365 for Finance & Operations before but haven’t really gotten into the specifics of the feature itself, what it allows you to do and the shortcomings/gaps. What is Segregation of Duties? The idea of Segregation of Duties (aka Separation of Duties) is that a single user should not be able to perform certain actions in a… Continue Reading...

Read More
Presenting at Upcoming Microsoft Dynamics Conferences
Mar01

Presenting at Upcoming Microsoft Dynamics Conferences

DynamicsCon (virtual) When: March 15 – 17th 2022 Price: Free Register Here Session Information: Common D365FO Mistakes and How to Avoid Them I am co-presenting this session with another Microsoft MVP Andre Arnaud de Calavon. In this session, we will demonstrate real-world common D365FO security mistakes that customers make, discuss why these actions can introduce risk into your organization,… Continue Reading Alex’s...

Read More
Comparing D365FO Security Between Versions
Feb22

Comparing D365FO Security Between Versions

A frequent request I get is with OneVersion updates in D365FO, how do we as end users know what security changes are occurring between D365FO versions? A fellow Microsoft MVP, Nathan Clouse, reached out to me asking about wanting to add the same information to his dynamics.fo website. He has dedicated this site to show changes that are occuring between D365FO versions. We decided to… Continue Reading Alex’s Article on...

Read More
How to Use Temp Tables as Grid Datasources for Data Analytics in D365FO
Feb01

How to Use Temp Tables as Grid Datasources for Data Analytics in D365FO

I was recently asked to find a way to perform some simple data analytics across some data within D365FO. In my case, this was audit data that could easily be millions of records so just exporting to an Excel file to do this was not really an option. Instead I wanted to build a simple form that would perform the analysis for me. Note: This could also be done very easily within a full data… Continue Reading Alex’s Article on...

Read More
Voting Now Open for DynamicsCon 2022 Sessions
Jan10

Voting Now Open for DynamicsCon 2022 Sessions

Voting has now opened for DynamicsCon 2022 sessions! I have submitted two different sessions and there are many more great sessions to check out and vote for! Be sure to get your votes in before January 19th 2022! Successfully Navigate D365FO User Licensing Do you find user licensing in D365FO confusing? Do you second guess the number and type of licenses you need? Are you worried you are… Continue Reading Alex’s Article...

Read More
Automated Solution to Find Table Relations in AX 2012 and D365FO
Jan04

Automated Solution to Find Table Relations in AX 2012 and D365FO

Problem For anyone that has dealt with creating queries in AX 2012 and D365FO, you know it can be extremely difficult to determine possible table relations between tables. To help with this Microsoft released an ERD for AX 2012 (this can still be used for D365FO), unfortunately they no longer maintain this project but do allow for others to host it themselves. This ERD helps to show the… Continue Reading Alex’s Article on...

Read More
Get Custom D365FO Objects at Runtime Using X++
Dec21

Get Custom D365FO Objects at Runtime Using X++

A while back, I asked a question on the D365FO forums about being able to generate a list of custom objects within an environment at runtime via X++. I never followed up on my answer there so I wanted to give a detailed response to how I ended up solving this. Before We Begin In the discussion on my initial question post it was brought up that you should be using a source control system (TFS,… Continue Reading Alex’s...

Read More
Restoring Deleted Security in D365FO
Dec15

Restoring Deleted Security in D365FO

Recently ran into an interesting scenario where an end user deleted a security layer from the user interface and wanted to restore it. This security layer was an out of box security layer so it existed in the AOT. Here is the process on how to perform this task. Note: The following process only works in the scenario that the security layer exists in the AOT and you remove it from the user… Continue Reading Alex’s Article...

Read More
Determine Where Form Data is Stored in D365FO
Dec08

Determine Where Form Data is Stored in D365FO

There are many scenarios in D365FO where knowing where data on a form is coming from is needed. A couple scenarios include trying to write custom reports or for tracking data changes using something like the Fastpath Audit Trail tool. There are a couple different options on how to accomplish this so I wanted to walk through them. I’ve written about a similar topic to this in the past, but… Continue Reading Alex’s...

Read More
Creating a Read Only Role for D365FO – User Interface
Nov11

Creating a Read Only Role for D365FO – User Interface

I previously wrote about how to create a read only role for D365FO via the AOT. A lot of users thought my use of the term ‘easy’ in the title was misleading, which I can’t really argue with, It does get slightly technical on how to create it. So I thought it might be a good idea to make this process a little more user friendly and make a read only role that anyone could import into their… Continue Reading...

Read More
Using TPF to Protect Sensitive Data in Grid Columns for D365FO
Oct27

Using TPF to Protect Sensitive Data in Grid Columns for D365FO

I’ve covered the topic of the Table Permission Framework previously but wanted to give an example of how it can be used for protecting columns within grids in D365FO. Scenario There is a form within D365FO that contains a grid that has a sensitive data within a particular column that you would like to hide from certain users and only allow users explicitly assigned access to see/interact with… Continue Reading Alex’s...

Read More
Presenting at Upcoming User Group Conferences
Oct05

Presenting at Upcoming User Group Conferences

I’m excited to be speaking in-person at a couple upcoming conferences. I am looking forward to seeing friends and other attendees again and sharing my knowledge and expertise! Dynamic Communities Summit North America October 12th – 15th | Houston, Texas Common Security Mistakes and How to Avoid Them In this session, we will demonstrate real-world common D365FO security mistakes that… Continue Reading Alex’s...

Read More
Creating a Zip File From Multiple MemoryStreams in D365FO
Aug30

Creating a Zip File From Multiple MemoryStreams in D365FO

I recently had a requirement to take many pieces of data from D365FO, create a CSV file out of each data piece, and then wrap these files in a zip file for easy downloading by an end user. In my case, the requirement was that all of the data should be held in memory (never written to disk). I wanted to show the process of how I achieved this. Test Scenario To show how I did this I will be… Continue Reading Alex’s Article...

Read More
How to Determine Compatible Deployable Package Versions in D365FO
Aug10

How to Determine Compatible Deployable Package Versions in D365FO

Working for an ISV, whenever we release a new deployable package I get questions surrounding its compatibility with a customer’s environment. When adding a deployable package to a shared asset library in LCS, the platform version and build information is shown: This informs the end user of the D365FO version used to build this particular deployable package. The question then is of course, is… Continue Reading Alex’s...

Read More
How to Apply Multiple XDS Policies to the Same Role in D365FO
Jul26

How to Apply Multiple XDS Policies to the Same Role in D365FO

I’ve written about XDS policies and how to apply them in the past, but what about the scenario where you want to apply multiple XDS policies to the same role in D365FO? How would you go about achieving that? Test Scenario For my test scenario, I want a role to only be able to interact with Customers and Vendors that have a group (CustGroup/VendGroup) equal to 10. Steps to Implement The first… Continue Reading Alex’s...

Read More
How to Apply D365FO Extensible Data Security Based on the Current User
Jun21

How to Apply D365FO Extensible Data Security Based on the Current User

I have written in the past about Extensible Data Security (XDS) in D365FO, it has been one of my most popular posts. I often get questions about it, but one that I get quite often is wanting to apply XDS based on the current user. The use case is something along the lines of: ‘I only want a user to see sales orders/vendors/customers they created’ ‘Users should only see records where they are… Continue Reading...

Read More
Understanding Microsoft Dynamics 365 Product Naming
Jun16

Understanding Microsoft Dynamics 365 Product Naming

< div class=”et_pb_section et_pb_section_0 et_section_regular”> <div class=”et_pb_row et_pb_row_0″> <div class=”et_pb_column et_pb_column_4_4 et_pb_column_0 et_pb_css_mix_blend_mode_passthrough et-last-child”> <div class=”et_pb_module et_pb_text et_pb_text_0 et_pb_text_align_left et_pb_bg_layout_light”> <div class=”et_pb_text_inner”>There is a lot...

Read More
How to Fix Broken Security References in D365FO
Jun03

How to Fix Broken Security References in D365FO

If you have used the Security Configuration area within D365FO to remove security layers in the past, you may have noticed that there are certain security features that still show these removed security layers. To demonstrate this we will be utilizing the Security Diagnostics feature for this blog post. For those that may not know, this feature allows you to see all roles, duties, and… Continue Reading Alex’s Article on...

Read More
The Impact of Multiplexing on User Licensing in Dynamics 365
May25

The Impact of Multiplexing on User Licensing in Dynamics 365

Blog Post Co-Writer This blog post was written in conjunction with Matthias Leplae. He reached out to me inquiring about my past D365FO licensing blog posts and asked why I hadn’t written about license multiplexing and to be honest it was a topic I knew about but had stayed away from because of the complexity of it. Luckily Matthias helped with this tough topic and helped write/edit the post… Continue Reading Alex’s...

Read More
Beta Release of D365FO Security Role Test Workspace
May19

Beta Release of D365FO Security Role Test Workspace

I recently posted a video of a new project I have been working on to help with security testing in D365FO. I am now ready to officially release the D365FO Security Test Workspace solution in a Beta state for testing and feedback so I wanted to give an overview of how it works, how to set it up, and the features it offers. Microsoft’s Answers to Security Testing In AX 2012, the Security… Continue Reading Alex’s...

Read More
How to Allow Non Admin Users to Access Security Features in D365FO
May03

How to Allow Non Admin Users to Access Security Features in D365FO

I’ve written in the past about different security features that are native to D365FO, but in most cases these features require elevated privileges or even the System Administrator role to be accessible. But is there a way to grant these security features to normal users? Page Options -> Security Diagnostics The Security Diagnostics feature on a form allows for a user to determine which roles,… Continue Reading...

Read More
D365FO User Licensing Update April 2021
Apr06

D365FO User Licensing Update April 2021

In the past, I have talked about that there are two separate licensing mechanisms in D365FO: entry point and privilege based. I have recently found that there is a third… the Dynamics 365 Licensing Guide itself. Dynamics 365 Licensing Guide This is an almost 60 page document that Microsoft releases on a semi-regular basis and gives the overview of how to license Dynamics 365, the most current… Continue Reading Alex’s...

Read More
Why You Need To Be Careful When Using The MetadataSupport Library For Enums in D365FO
Apr02

Why You Need To Be Careful When Using The MetadataSupport Library For Enums in D365FO

I have used the MetadataSupport library in X++ to help get metadata information for tables, menu items, and data entities in the past. I have also used it for enums but recently found an issue when dealing with enum extensions. I initially wrote the logic to get enum metadata information like this: Which seems to work just fine, until you find an enum that contains a base enum extension, for… Continue Reading Alex’s...

Read More
Should You Apply Company Restrictions to All User Roles?
Mar29

Should You Apply Company Restrictions to All User Roles?

One security issue I’ve seen in D365FO, especially from those that have updated from AX 2012, is the idea that company/legal entity restrictions only need to be applied to the System User role and no other roles assigned to a user. What is the rationale behind this? What issues arise if this is done? And what can be done to address this? Why Apply Company Restrictions to Only the System User… Continue Reading Alex’s...

Read More
Getting Table Field Information for Form Entry in D365FO
Mar15

Getting Table Field Information for Form Entry in D365FO

There are many instances where you need to know exactly which table field is tied to an entry on a form: Interested in applying table field level security Want to turn on some type of audit trail tracking So how do we go about doing this? Right Click -> Form Information The easiest method I have found is to right click on the form field (or in some cases the form field label) and going to… Continue Reading Alex’s...

Read More
Comparing X++ vs .NET Performance and Memory Usage on Large Collections
Mar10

Comparing X++ vs .NET Performance and Memory Usage on Large Collections

After taking a little hiatus from writing I have a backlog of things that I need to catch up on for my blog. The first is a scenario I ran into recently while helping clients and has to deal with X++ and .NET performance and memory usage differences. Some Background Information To set up this scenario, within the Fastpath application (an external SAAS-based .NET application hosted in Azure)… Continue Reading Alex’s Article...

Read More
Current State of D365FO User Licensing
Jan25

Current State of D365FO User Licensing

Since I’ve written multiple posts on this topic in the past, I thought it would be a good idea to combine the different posts and create a place that I can continually update with the latest information. So going forward, while I will still have individual posts on user licensing as well, this post will always be updated with the latest information. Last Updated: 1/25/2021 Where We Started In… Continue Reading Alex’s...

Read More
Voting is Open for DynamicsCon Sessions Until January 22nd
Jan11

Voting is Open for DynamicsCon Sessions Until January 22nd

Voting for submitted DynamicsCon sessions (the FREE virtual conference that is taking place March 16 – 18th 2021) is now open until January 22nd! There are a lot of great sessions so be sure to go get registered for the conference and vote on sessions! I have one solo session available along with one I would be co-presenting with my colleague Frank Vukovits with. Understand User Licensing to… Continue Reading Alex’s...

Read More
Upcoming Sessions at Power Community D365 FinOps Summit January 29-31 2021
Dec31

Upcoming Sessions at Power Community D365 FinOps Summit January 29-31 2021

I will be presenting two sessions at the upcoming free Power Community D365 FinOps Summit being held from January 29th – 31st 2021. Be sure to register for the conference and mark your calendars as there are a lot of great sessions available! Common Security Mistakes and How to Avoid Them Join Andre Arnaud de Calavon and myself to learn about common security mistakes that many end users run… Continue Reading Alex’s...

Read More
How to Connect Power BI to D365FO Service Operation Endpoint
Dec14

How to Connect Power BI to D365FO Service Operation Endpoint

In the past, I have written about connecting Power BI to a Custom API data source. Now I’d like to talk about connecting Power BI to a custom D365FO service operations endpoint. In this example, I am going to use the Fastpath Audit Trail service operation endpoints we use for our reporting. This endpoint accepts a POST request be made against it and returns the data for the report requested… Continue Reading Alex’s...

Read More
Current State of D365FO User Licensing December 2020
Dec03

Current State of D365FO User Licensing December 2020

With D365FO 10.0.15 now generally available, its time to look to see what has been updated for user licensing. There are definitely some updates in this release! If we navigate to System Administration -> Security -> Security Configuration -> Go to a Role/Duty/Privilege -> View Permissions we can now see that the License area in the upper left hand corner now shows the privilege license SKU… Continue Reading...

Read More
How to Fix ‘The devInstall option is not applicable to the current deployable package’ Error
Nov25

How to Fix ‘The devInstall option is not applicable to the current deployable package’ Error

If you are trying to install a deployable package via command line using the AXUpdateInstaller.exe devinstall command and get this error: Here are the steps you can take to fix this issue, run the following commands: AXUpdateInstaller.exe generate -runbookid=”OneBoxDev” -topologyfile=”DefaultTopologyData.xml” -servicemodelfile=”DefaultServiceModelData.xml”… Continue Reading Alex’s...

Read More
Announcing the Release of my Dynamics 365 for Finance & Operations Security Course
Nov02

Announcing the Release of my Dynamics 365 for Finance & Operations Security Course

If you are looking for an in-depth D365FO security course that will take you from a security novice with no prior knowledge of the subject to having a deep understanding of security, audit, and compliance topics and functionality within D365FO. This is the course for you! Dynamics 365 for Finance & Operations Security Course The course covers: Understanding the D365FO Security Model Security… Continue Reading Alex’s...

Read More
Current State of D365FO User Licensing for October 2020
Oct27

Current State of D365FO User Licensing for October 2020

Microsoft recently released the 10.0.14(PU38) version of D365FO and along with that came a couple of changes for user licensing. Resource Updates I have updated the privilege to license SKU report that is available as a free resource from Fastpath. This report will show the privilege to license SKU association and then the IsUnique value for that particular privilege license combination. This… Continue Reading Alex’s...

Read More
Upcoming Sessions at Dynamic Communities Summit North America 2020
Sep24

Upcoming Sessions at Dynamic Communities Summit North America 2020

It’s that time of year again for the Dynamic Communities Summit North America conference coming up the week of October 5th – 9th. Obviously this year will be slightly different as the entire conference will be virtual but I will again be presenting a number of sessions (with some help from a colleague of mine Frank Vukovits). Educational Sessions Security Tips, Tricks, and Hacks in D365… Continue Reading Alex’s...

Read More
The Spring 2020 Edition of the Security and Audit Field Manual: D365FO Has Been Released
Sep02

The Spring 2020 Edition of the Security and Audit Field Manual: D365FO Has Been Released

The Fastpath team has released the Spring 2020 version of our Security and Audit Field Manual series for D365FO. The technical aspects of the book include features and functionality that I have found in the last year surrounding the security, audit, and compliance features within D365FO. I would like to thank Mark Polino, Trish Boccuti, Heather Robinson, and the rest of the Fastpath team with… Continue Reading Alex’s...

Read More
Current State of D365FO User Licensing for August 2020
Aug27

Current State of D365FO User Licensing for August 2020

Updating Process for Determining User Licensing In this post I don’t have any new or changing information to share about user licensing in D365FO, but I wanted to clarify the steps for determining user licensing diagram from my last post. I’ve revamped the flow of the decision tree slightly to make it more explicit and hopefully easier to read. New Licensing Guide Released by Microsoft Also I… Continue Reading...

Read More
Issue with Revoking SysAdmin Role via OData in D365FO
Aug06

Issue with Revoking SysAdmin Role via OData in D365FO

I recently ran into an interesting issue with OData that I wanted to share. Within our Fastpath product suite we have a tool called Identity Manager that helps with the compliant provisioning, modification, and termination of user and user role assignments. Our clients use this module to help ensure that users are assigned the correct access at the correct time while also keeping SOD… Continue Reading Alex’s Article on...

Read More
Vote for DynamicsCon Sessions Before August 1st
Jul29

Vote for DynamicsCon Sessions Before August 1st

In today’s world of virtual events it is easy to not know which are worth attending. But what if I told you there was a free Dynamics 365 conference where the attendees vote on which sessions will be presented. And a majority of the presenters are either Microsoft employees, Microsoft MVPs, or subject matter experts in their area. Well that’s exactly what the DynamicsCon conference is… Continue Reading Alex’s...

Read More
Current State of D365FO User Licensing for July 2020
Jul23

Current State of D365FO User Licensing for July 2020

I wanted to give a periodic update about user licensing in D365FO for July 2020. With the GA release of 10.0.12/PU36 there has been some changes regarding user licensing to address some of the issues I went over in my previous user licensing post in May. Here are some of the changes: License types available in 10.0.12/PU36 Base licenses: Finance Supply Chain Management (SCM) Commerce… Continue Reading Alex’s Article on...

Read More
Current State of D365FO User Licensing for May 2020
May21

Current State of D365FO User Licensing for May 2020

I’ve written about user licensing in D365FO in the past but because of the numerous changes Microsoft has made to licensing in the past six months I wanted to start doing periodic updates to give a current state of licensing. There are currently two different licensing mechanisms currently in use for D365FO: Analysis being done at the entry point level – Determining User Licenses in Dynamics… Continue Reading...

Read More
Easily Create a Read Only Role in D365FO
May11

Easily Create a Read Only Role in D365FO

I have gotten the question of creating a ‘read only’ or ‘view only’ role many times in the past so I thought I would show the process of how I created one. There are many reasons that a read only role would be needed: Executive/Upper Management users who need access to view information but should not be able to transact in the system Internal/External audit users who need to validate reports… Continue...

Read More
Best Practice for Moving D365FO Security Between Environments
Mar10

Best Practice for Moving D365FO Security Between Environments

One of the questions I get quite often is now that I know that security created/modified from the AOT is stored differently than security created/modified from the user interface, what is the best way to move security between environments effectively and ensure the validity of the tested security in each environment? Treat Security as Code What I mean by this is that your security should go… Continue Reading Alex’s Article...

Read More
How to Continue to Use the Table Browser Functionality Within D365FO
Feb27

How to Continue to Use the Table Browser Functionality Within D365FO

While using D365FO it is sometimes helpful to be able to view the actual data within a particular table from a web browser. This has previously been done via the SysTableBrowser menu item display, but recently there was a message on the D365UG forum that trying to navigate to this menu item was throwing an error. If you are unfamiliar with the SysTableBrowser you can utilize it by using the… Continue Reading Alex’s Article...

Read More
Upcoming Sessions at Dynamics Communities Summit Europe 2020
Feb05

Upcoming Sessions at Dynamics Communities Summit Europe 2020

We are just over a month away from the Summit Europe 2020 conferences in Barcelona, Spain. As always there is a wide variety of amazing sessions, presentations, and networking to be had. I have a number of sessions across both the extreme365 and Summit conferences surrounding security, audit, and compliance that you shouldn’t miss! Security Landscape in Dynamics and Beyond – Customer… Continue Reading Alex’s Article...

Read More
Automatic Company Restriction Assignment in D365FO
Jan30

Automatic Company Restriction Assignment in D365FO

I recently wrote about what features allow you to restrict user role assignments to a specific company/legal entity within D365FO, and another great AX developer Nathan Clouse chided me and said ‘What if someone made an open source project to change this behavior?’. After some back and forth we decided we were the people to start this project, I recently got our first feature completely so I… Continue Reading...

Read More
Options for Configuring User Legal Entity Restrictions in D365FO
Jan07

Options for Configuring User Legal Entity Restrictions in D365FO

By default, in Dynamics AX/365FO when assigning a user to a role, this access is granted across all companies/legal entities. What options do you have to restrict this? Assign Organizations Under System Administration -> Users you are able to see the roles assigned to a user. When you select a particular role you can then select Assign Organizations to restrict which companies/legal entities… Continue Reading Alex’s...

Read More
Current State of User Licensing in D365FO PU31
Dec19

Current State of User Licensing in D365FO PU31

With D365FO PU31/10.0.7 now becoming GA, we get our first look at Microsoft’s new licensing model within D365FO. I wrote about the high level changes in this post, but let’s look to see how this new licensing model is implemented. First and foremost I wanted to try and find the association between the new license types and the menu items. I started by looking at menu item objects in the AOT… Continue Reading...

Read More
Securing the Open in Microsoft Office Button in D365FO
Dec02

Securing the Open in Microsoft Office Button in D365FO

On some pages within D365FO there will be an Office button in the upper right hand corner that allows you to either export grid data to Excel or use Excel to easily update, create, or delete data. Security for these actions are controlled slightly differently than the normal menu item method instead they are controlled by security via data entities. Integration Points There are two different… Continue Reading Alex’s...

Read More
Gaps in the Security Diagnostics for Task Recordings Feature in D365FO
Nov11

Gaps in the Security Diagnostics for Task Recordings Feature in D365FO

I have written in the past about how to use the Security Diagnostics for Task Recordings feature within D365FO to help determine the securable objects consumed during a recorded business process or task. But I found while diving deeper into using the tool that there are some gaps that you need to be aware of. The Gaps 1) The access required for the objects is not shown If we look at the… Continue Reading Alex’s Article on...

Read More