How to: Design Permissions for Fields in a Table

Applies To: Microsoft Dynamics AX 2012 R3, Microsoft Dynamics AX 2012 R2, Microsoft Dynamics AX 2012 Feature Pack, Microsoft Dynamics AX 2012

You can use the AOT to design permissions for the fields in a table. By changing the EffectiveAccess property in permissions for each of the fields you can control the application user access to those fields. For example, you can control whether the application user can view or edit some of the fields on a form based on the security role assigned to the application user.


To understand this walkthrough topic, you first need to understand the following areas:

Preliminary Environment

This topic assumes that several AOT items already exist, or that you can imagine them. The items are as follows:

  • Table – Person table, with fields City, Name, and Zip.

  • Form – FieldsForm form.

  • Data source – Person table as the data source for FieldsForm form.

  • Menu – Home > Common menu, which might already exist.

  • Menu Item – FieldsMenuItem menu item, with its ObjectType property set to Form, and its Object property set to FieldsForm.

  • Security > Privilege – TestFieldPrivilege privilege.

  • Privilege > TestFieldPrivilege > Entry Point – FieldsMenuItem, with its ObjectType property set to MenuItemDisplay.
    You can test with different values for the AccessLevel property, but start with Update.

The following image displays a project that contains almost everything in the preceding list. In the next section you create the node AOT > Security > Privileges > Permissions > Tables > Person, and the field nodes under it.


The project that you create

Create Field Permissions

You can create field permissions for TestFieldPrivilege by following these steps:

1. Add the Person table to the TestFieldPrivilege privilege. Do this by dragging the node
 AOT > Data Dictionary > Tables > Person 
onto the node at
 AOT > Security > Privileges > TestFormPrivilege > Permissions > Tables.


Drag operations are easier when you have two AOT windows open. You can drag from one AOT to the other.

  1. On the new Person node, set the EffectiveAccess property to Update.

  2. At Data Dictionary > Tables > Person > Fields, highlight all fields and drag them onto the TestFieldPrivilege > Permissions > Tables > Person node.

  3. Set the EffectiveAccess property for each new field node as follows:

    • City – Update

    • Name – Read

    • Zip – NoAccess

Next Steps

You can test your security settings by starting the Microsoft Dynamics AX client as a user other than the system administrator. For more information, see How to: Test the Role-based Security Configurations under AOT Security.

See also

Security Permissions Properties for a Form

How to: Test the Role-based Security Configurations under AOT Security

How to: Create a MorphX Development Project

Walkthrough: Creating a Form by Using the AOT

Walkthrough: Using Roles and Privileges to Control Access to Forms

How to: Create Tables

Assign users to security roles

Announcements: New book: "Inside Microsoft Dynamics AX 2012 R3" now available. Get your copy at the MS Press Store.