The security tool in Microsoft Dynamics AX Security 2012 R3 is built to help organizations create and manage secure ERP implementations. Illustrated with MorphX, X++ coding, snapshots, and figures, this chapter intends to provide you with the basics to transform the knowledge to seamlessly implement security configurations into practical steps that are needed to develop an efficient security environment. In this chapter, we will broadly look at:
Introducing the MorphX development tool
Developing a security artifact using AOT
Validating and testing a security privilege
Applying a configuration key
By going through this chapter, you will briefly know the fundamentals and security concepts in the Microsoft Dynamics AX product. The security architecture in the Microsoft Dynamics AX product consists of the infrastructure security and the application security (https://technet.microsoft.com):
The different blocks in this architecture are as follows:
Infrastructure security: The Microsoft Dynamics AX infrastructure is based on the following features:
Active Directory services
Integrated windows authentication
Computer networking
Secured servers' machine
Application security: Application security has the same features as those listed for infrastructure security and includes the following additional features:
Active Directory users added to Microsoft Dynamics AX and granted access to use the application
Domains that are groups of the company accounts in Dynamics AX
Record-level security to restrict or permit users to access specific fields and tables
Security keys that allow users to access specific forms, reports, or menus
By focusing on application security, we are going to break it down into the following points that should be considered when securing the Dynamics AX server:
Application file server: The application files should be restricted to the application object server domain account
Database server: The database server should be secured using the recommended SQL server security solution
Application Object Server (AOS): The AOS should be restricted to the log directory for only the AOS account directory and the administrator
Enterprise Portal: Securing the Enterprise Portal starts with Microsoft Internet Information Services (IIS) using the Secure Sockets Layer (SSL) and another built-in feature called Business Connector
This is the high-level security architecture of the Microsoft Dynamics AX product that you should gain knowledge about before proceeding to the security features that enable administrators, technical consultants, and programmers to secure the application. We are going step by step to deliver proper experience and practices through this chapter.