mibuso.com
Home NAV Three Tier

A security filter has been applied to table General Ledger S

engsiong75engsiong75 Member Posts: 143
edited 2014-10-30 in NAV Three Tier
Hi

I am working on a NAV 2013 R2. I was setting up the security when users started complaining that they could not login. I found that when they login, there was this error message. “A security filter has been applied to table General Ledger Setup. You cannot access records that are outside of this filter.”

I assumed that the error implied that a user had a security filter on the Table General Ledger Setup. It turned out that that was not the case. It was because there was a Permission for the TableData for ObjectID 0. There was Indirect for the Read Permission, Insert Permission and Modify Permission. Once I have deleted this permission, the program worked as normal.

Naturally, I think that the product needs a more accurate permission error.

Comments

  • einsTeIn.NETeinsTeIn.NET Member Posts: 1,050
    Permission setups on Object ID 0 will be applied to all Objects of that Type. Since General Ledger Setup might be the first Table that leads to a problem if it's affected by that setup, you will get exactly that error message. I mean, why should any system in the world check if an error is related to a more general issue if it is able to give you a more specific error message? If you setup a field to contain a maximum value than you expect to get an error message like "Max value is 10" instead of "This value is not allowed".
    "Money is likewise the greatest chance and the greatest scourge of mankind."
  • engsiong75engsiong75 Member Posts: 143
    The point is that the permission to login is already sufficient for the users to login. Adding additional permission to Table 0 should not change anything. The logic of the permission is that if the permission does not allow the user to access any data, it will look for other permission which will grant it access. Only when it fails will there be an error message. Apparently for Table 0, we have to rethink the understanding of the permission of the table.

    This issue has an interesting side effects. One day when I was at the customer's office, the users suddenly encountered this issue. I checked with the administrator and I found out that she was in the middle of adding a new permission in the Permission Set BASIC but she had not found the correct table. The Object ID was zero and the permission to Read, Modify, Insert and Delete was all blank.

    The administrator was in the middle of setting up a permission caused all the users immediately to have login issue. Now when she is creating new permission in the Permission Set, she changes the Object ID from 0 to 3 first before looking for the table.
  • einsTeIn.NETeinsTeIn.NET Member Posts: 1,050
    First of all just to make sure (but I'm sure you already know), there's difference between Object Type "Table" and Object Type "Table Data".

    And of course, you can login to the database if you only have an account. But you can't open any Company since some initial settings are necessary, that's nothing uncommon from my point of view.
    "Money is likewise the greatest chance and the greatest scourge of mankind."
Sign In or Register to comment.