Howdy, Stranger!
Categories
- All Categories
- 73 General
- 73 Announcements
- 66.6K Microsoft Dynamics NAV
- 18.6K NAV Three Tier
- 38.4K NAV/Navision Classic Client
- 3.6K Navision Attain
- 2.4K Navision Financials
- 115 Navision DOS
- 854 Navision e-Commerce
- 1K NAV Tips & Tricks
- 772 NAV Dutch speaking only
- 615 NAV Courses, Exams & Certification
- 2K Microsoft Dynamics-Other
- 1.5K Dynamics AX
- 298 Dynamics CRM
- 109 Dynamics GP
- 10 Dynamics SL
- 1.5K Other
- 993 SQL General
- 384 SQL Performance
- 34 SQL Tips & Tricks
- 34 Design Patterns (General & Best Practices)
- Architectural Patterns
- 10 Design Patterns
- 5 Implementation Patterns
- 53 3rd Party Products, Services & Events
- 1.7K General
- 1.1K General Chat
- 1.6K Website
- 79 Testing
- 1.2K Download section
- 23 How Tos section
- 259 Feedback
- 12 NAV TechDays 2013 Sessions
- 13 NAV TechDays 2012 Sessions
Security in multicompany environment
Denis_Petrov
Member Posts: 107
A bit advanced question on the database security:
How to easily set up an access for a person to process let's say payroll in (only) certain companies? The issue of using field Company with proper value is understood, the problem is that we have over 170 companies and need to limit 1. So, if there are 30 roles an average user has (with ALL being first one) does it mean that each user must be set up 30*170=5100 entries? We do have few dozens users by the way.
I have been using ALL with appropriate companies setup only (other roles did not have any Company values/restrictions ), it was working fine in 3.01 native Navision. Now in 4.01 it seems to be a security breach since users without ALL CompanyX role still are able to access and view certain records in CompanyX.
All other roles do not have any forms in them, only tables. The ideal solution seems not to have CompanyX appear in the list companies...
Any ideas?
Thanks to all![/b]
How to easily set up an access for a person to process let's say payroll in (only) certain companies? The issue of using field Company with proper value is understood, the problem is that we have over 170 companies and need to limit 1. So, if there are 30 roles an average user has (with ALL being first one) does it mean that each user must be set up 30*170=5100 entries? We do have few dozens users by the way.
I have been using ALL with appropriate companies setup only (other roles did not have any Company values/restrictions ), it was working fine in 3.01 native Navision. Now in 4.01 it seems to be a security breach since users without ALL CompanyX role still are able to access and view certain records in CompanyX.
All other roles do not have any forms in them, only tables. The ideal solution seems not to have CompanyX appear in the list companies...
Any ideas?
Thanks to all![/b]
Best regards,
Denis Petrov.
Denis Petrov.
0
Comments
Depending upon how you have your company setup you can now use the navigation Pane as part of your security access.
This essentially assigns users to be able to acces or deny access to certain modules or forms within a company based on either a user group or individual login.
If you wish to deny access to a company completely i would use the company field, if you want to stop them having access to certain part of the company (assuming they are not super users) then restrict them via the navagation panel.
if they still have access despite the removal of all is it possible you are using windows secuirty and they are inheriting rights from another group the user belongs to ?