2-controlware:04authorizationmonitoring:4link_authorizations

  

How to link Authorizations

This chapter describes how permission sets can be linked

Every standard competence represents a certain task or certain dataset where to one or more users have the authorizations. To evaluate the quality of the authorizations for these competences, allowed permissions have to be linked to the standard competence. In the sub window of the window %1 allowed permissions can be linked to a standard competence.

Follow the steps below to link the allowed permissions:

  1. Open the window Standard Competence.
  2. Determine the standard competences for a permission set (formerly user role).
  3. Select in the field Object Type the object type of the allowed permission you want to link. In many cases this is the object type ‘Table Data’.
  4. Select in the field Object ID by using the arrow down button the object ID of the allowed permission you want to link. The field Object Name is filled automatically.
  5. Select in the fields Read, Insert, Modify, Delete and Execute the permissions that apply to the allowed permission. Select the minimum required permissions of the standard competence. The permissions Read, Insert, Modify and Delete only apply to the object type Table Data, the permission to Execute is applicable to the other object types.
  6. Repeat these steps until all your allowed permissions you want to monitor are linked to the standard competence.

Attention! It is important to set unique objects to a permission set, in other words, which objects to which permissions are minimum requirement for a permission set? Usually you need the permissions toInsert, Modify andDelete.

Example:

The role Item maintenance includes read, insert and modify permissions on table 27 (Item). Normative terms, the only user who can create and modify items is the Item Manager. Other users have read permission for items. The standard competence Item Maintenance provides the permission to insert and modify on table 27 (Item).

Before checking the actual authorizations, the system needs to know the users that are allowed to have the standard competences. The assignment is not down on user level, but is possible by assigning organizational roles (formerly User Profiles).

Follow the steps below to link organizational roles:

  1. Open the window Organizational Role per Competence.
  2. Link the organizational role to a standard competence by selecting Related Information, Organizational Roles per Competence.

Afbeelding

  1. Add or delete a organizational role with the standard method of Dynamics NAV (Ctrl+N or Ctrl+Del).
  • 2-controlware/04authorizationmonitoring/4link_authorizations.txt
  • Last modified: 2020/10/23 12:38
  • by luukvm