Also Recommended: Best Practices for Setting Up Security in NAV
The release of NAV 2017 includes many new things and improvements. If you want to read about what’s new you can check out this blog: New in NAV 2017.
The improvement we are most excited about can be found in the permissions recorder that makes setting up permissions even easier. In Dynamics NAV 2017 the permissions recorder now will capture the related access that is needed. For example, if we use it to make a new role for creating, editing and deleting a vendor; it will also include any execute permissions on tables, codeunits, queries and reports. In NAV 2016 it did not include the additional access. Setting up permissions properly is an important part of the controls needed to manage segregation of duties. It’s important to know what people have access to and what they are doing with the access in the system.
When setting up permission it is very important to really evaluate the permission sets that come out of the box with NAV. Most of the permission sets include way more permissions than people need and make it very hard to break down to what you are granting access. It is critical to sit down and design the roles that make sense for your organization before you start trying to build them. It’s a lot like saying I want to build a house, but I want to design and build it at the same time. If you are trying to design at the same time you’re building you might end up with 10 bed rooms and no bathrooms because the architect and the contractors are working at the same time. For more tips on designing security you can checkout this blog:
It is really easy to use the permissions recorder in NAV 2017. Watch our YouTuBe Video, or follow the steps below.
Search for permissions sets in the window or navigate to them via Departments – Administration – IT Administration – General – Permissions Sets.
The permission set window will open.
Click on “New” to create a new permission set and then type a name and description for the permission set.
Click on “Permissions”
The Edit permissions window will open.
Click on “Add Read Permission to related tables” if you would like to include all access to the tables when you enter a Vendor. For example, if you want the role to be able to do a look up for the Country/Region table to see the codes.
Click on the start record permission button.
A window will open and ask if you want to begin the recording. Click on “Yes.”
Go to the Vendors list and then click on “New” to create a new vendor record.
Enter the information required to enter a vendor. If you want to capture the permissions for modifying and deleting a vendor, make sure you modify a field and then delete the vendor when you are done.
Go back to the Edit Permissions screen and click on stop recording.
Click “Yes” when the following window appears.
All of the permissions will be added in the screen.
The permissions will include the tables, reports and queries that are needed to access while setting up a new vendor.