Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
This article explains how to set up worker access by legal entity.
Applies to these Dynamics 365 apps:
Human Resources
Employees are employed in legal entities. Here are some examples:
- Aaron Con is employed in the USSI legal entity.
- Ahmed Barnett is employed in the USMF legal entity.
- Alicia Thornber is employed in the GLSI and USMF legal entities.
Depending on a user's role in the company, they might require access to view all employees across all legal entities. Alternatively, a user might have to be restricted, so that they can view only employees in the legal entity that they have access to. To control which employees a user can view, select the Restrict access to worker information parameter on the Human Resources shared parameters page.
For example, a user has access to the Worker page and has access only to the USMF legal entity. In this case, the user can view the following information for the employees in the preceding list:
- If the feature for restricting access to worker information isn't enabled, the user can view information for Aaron, Ahmed, and Alicia.
- If the feature is enabled, the user can view information only for Alicia and Ahmed, because they're also employed in the USMF legal entity.
View worker information
If the feature for restricting access to worker information is enabled, the restricted user sees the worker's name in some lists.
For example, a user who has access only to the USMF legal entity experiences the following behavior:
- In the Active positions list, the Worker column will show Aaron's name. If the user hovers over the worker's name, only the name and title will be shown.
- If the user drills down on the worker's name, a blank Worker page will appear.
Tip
If you want restricted users to see blank values for worker names, add the Restrict access to workers security privilege to the user roles on the Security configuration page.
After you enable the feature, you must complete some extra steps to set permissions for each user whose view must be restricted.
- On the Users page, select a user.
- Select a role for the user. The Assign organizations option becomes available.
- Select Assign organizations.
- On the new page, select Grant access to specific organizations individually, and then select the organizations that the user should have access to.
- Repeat steps 2 through 4 for every other role that the user has, including the system user role.
Note
The legal entities that a user has access to must match across all the user's roles.