SlideShare ist ein Scribd-Unternehmen logo

Automate security role assignments

A
André Arnaud de Calavon

The presentation discusses how to automate security role assignments in Microsoft Dynamics 365 for Finance and Operations using Azure Active Directory groups. It covers importing Azure AD groups, defining rules for automatic role assignment based on group membership, and using advanced queries to customize the rules. Custom queries can extend the role assignments to additional data sources beyond the default user information. The automated assignments help ensure users have the correct permissions and organizations assigned based on their attributes in Azure AD and other systems.

Präsentationen & Vorträge
1 von 32
Downloaden Sie, um offline zu lesen
Slide 1 of 3224/11/2019 How to automate security role assignments Microsoft Dynamics 365 for Finance and Operations (Microsoft Dynamics AX 2012)
Slide 2 of 3224/11/2019 Meet your presenter ▪ André Arnaud de Calavon ▪ Microsoft MVP Business applications ▪ Product Manager at To-Increase ▪ 1996-2001 Navision Financials Microsoft Dynamics 365 Business Central ▪ 2001-2019 Damgaard Axapta Microsoft Dynamics 365 for Finance and Operations  https://dynamicspedia.com
Slide 3 of 3224/11/2019 Session agenda ▪ Introduction ▪ Azure Active Directory groups ▪ Automatic role assignment ▪ How the basics works ▪ Advanced rules ▪ Extend with custom queries ▪ Simulate user groups concept from previous AX versions
Slide 4 of 3224/11/2019 Introduction ▪ Easy maintenance of user permissions ▪ Prevent incorrect role/organization assignments ▪ Azure Active Directory groups ▪ Automatic role assignment
Slide 5 of 3224/11/2019 Azure AD administration ▪ 3 administration portals ▪ AAD user authentication ▪ License assignment ▪ User group assignment
Slide 6 of 3224/11/2019 Dynamics 365 administration ▪ Automatic or manual creating user ▪ Configuration key Active Directory security group ▪ Groups setup ▪ Import from Azure AD ▪ Assign security roles
Slide 7 of 3224/11/2019 How AD groups works (1/2) ▪ Import groups ▪ User preferences ▪ Startup company ▪ Enabled
Slide 8 of 3224/11/2019 How AD groups works (2/2) ▪ Assign roles ▪ Assign organizations ▪ User preferences ▪ Language ▪ Time zone ▪ Calendar
Slide 9 of 3224/11/2019 Azure AD groups
Slide 10 of 3224/11/2019 Azure AD challenges in MSDyn365 ▪ Naming convention user ID ▪ Segregation of Duties ▪ Workflow assignment ▪ Security reports
Slide 11 of 3224/11/2019 What is automatic role assignment? ▪ Define rules ▪ Role assignment automatically updated ▪ Frequency ▪ Periodically using batch framework ▪ Manually for incidental execution ▪ Batch framework ▪ Batch job created part of your installation ▪ Set to ‘Withhold’ in demo environment > Change to ‘Waiting’
Slide 12 of 3224/11/2019 How the basics works (1/4) ▪ Create rule
Slide 13 of 3224/11/2019 How the basics works (2/4) ▪ Define query
Slide 14 of 3224/11/2019 How the basics works (3/4) ▪ Assign organizations
Slide 15 of 3224/11/2019 Basic rule
Slide 16 of 3224/11/2019 How the basics works (4/4) ▪ Automatic ▪ Manual ▪ Exclude
Slide 17 of 3224/11/2019 Advanced rules ▪ Advanced query editor ▪ Example: person setup as timesheet user Project periods
Slide 18 of 3224/11/2019 Advanced queries - initial concept Permission ObjectPermission Privilege SecurityRole User Operation «Privilege» Duty Hierarchy Hierarchy «Privilege» Privilege Hierarchy «Party» Person Job Job Function Duty Responsibility Position «Query» SecurityRoleAssignmentRule «Party» Department HR and Organization ModelsSecurity ModelSecurity Framework «Privilege» Process Task Service Party Activity SecurableObject «Permission» Permission «SecurityRole» Role
Slide 19 of 3224/11/2019 Advanced queries
Slide 20 of 3224/11/2019 Extend with custom queries ▪ Base table ▪ UserInfo ▪ Other data sources ▪ No restrictions ▪ Relations ▪ Choose ▪ Define own
Slide 21 of 3224/11/2019 Extend with custom queries ▪ Example
Slide 22 of 3224/11/2019 Extend with custom queries ▪ How to do it? UserInfo idPK DirPersonUser RecIdPK User PersonParty ValidFrom HcmWorker RecIdPK Person PersonnelNumber ValidTo HcmPositionWorkerAssign ment RecIdPK Position Worker HcmPositionHierarchy RecIdPK ParentPosition Position HcmPosition RecIdPK PositionId ValidFrom ValidTo PositionHierarchyType ValidFrom ValidFrom HcmPositionHierarchyType RecIdPK HierarchyType
Slide 23 of 3224/11/2019 Custom queries
Slide 24 of 3224/11/2019 Previous architecture and current ▪ Previous versions ▪ Current versions
Slide 25 of 3224/11/2019 Group assignments needed? ▪ Pains ▪ Many users with same profile time consuming ▪ Assigning organizations can be forgotten ▪ Options for grouping users
Slide 26 of 3224/11/2019 Team assignment option ▪ Advantages ▪ Date effective assignment ▪ Address book security
Slide 27 of 3224/11/2019 Team assignments
Slide 28 of 3224/11/2019 Enhancements/customizations ▪ User group assignment on user ▪ Team assignment on user ▪ Run role assignment manually for user
Slide 29 of 3224/11/2019 Demo
Slide 30 of 3224/11/2019
Slide 31 of 3224/11/2019 Related blog posts ▪ Standard batch jobs ▪ https://dynamicspedia.com/2014/01/standard-batch-jobs-ax2012/ ▪ Automatic role assignment ▪ https://dynamicspedia.com/2014/01/automatic-role-assignment-in- ax2012-part-1/ ▪ https://dynamicspedia.com/2014/01/automatic-role-assignment-in- ax2012-part-2/ ▪ Active directory ▪ https://dynamicspedia.com/2019/09/how-to-use-azure-active- directory-for-managing-users-and-security-in-dynamics-365-for- finance-and-operations/
Slide 32 of 3224/11/2019

Empfohlen

Azure conditional access
Azure conditional accessAzure conditional access
Azure conditional accessTad Yoke
 
Taking conditional access to the next level
Taking conditional access to the next levelTaking conditional access to the next level
Taking conditional access to the next levelRonny de Jong
 
S14 azure site recovery を利用したオンプレミスから azure のサイト回復
S14 azure site recovery を利用したオンプレミスから azure のサイト回復S14 azure site recovery を利用したオンプレミスから azure のサイト回復
S14 azure site recovery を利用したオンプレミスから azure のサイト回復Microsoft Azure Japan
 
Introduction to Identity and Access Management (IAM)
Introduction to Identity and Access Management (IAM)Introduction to Identity and Access Management (IAM)
Introduction to Identity and Access Management (IAM)Amazon Web Services
 
Azure - Identity as a service
Azure - Identity as a serviceAzure - Identity as a service
Azure - Identity as a serviceBizTalk360
 
AWS Security Best Practices
AWS Security Best PracticesAWS Security Best Practices
AWS Security Best PracticesAmazon Web Services
 
Securityhub
SecurityhubSecurityhub
SecurityhubRichard Harvey
 
AWS Enterprise Day | Journey to the AWS Cloud
AWS Enterprise Day | Journey to the AWS CloudAWS Enterprise Day | Journey to the AWS Cloud
AWS Enterprise Day | Journey to the AWS CloudAmazon Web Services
 

Empfohlen

Azure conditional access
Azure conditional accessAzure conditional access
Azure conditional accessTad Yoke
 
Taking conditional access to the next level
Taking conditional access to the next levelTaking conditional access to the next level
Taking conditional access to the next levelRonny de Jong
 
S14 azure site recovery を利用したオンプレミスから azure のサイト回復
S14 azure site recovery を利用したオンプレミスから azure のサイト回復S14 azure site recovery を利用したオンプレミスから azure のサイト回復
S14 azure site recovery を利用したオンプレミスから azure のサイト回復Microsoft Azure Japan
 
Introduction to Identity and Access Management (IAM)
Introduction to Identity and Access Management (IAM)Introduction to Identity and Access Management (IAM)
Introduction to Identity and Access Management (IAM)Amazon Web Services
 
Azure - Identity as a service
Azure - Identity as a serviceAzure - Identity as a service
Azure - Identity as a serviceBizTalk360
 
AWS Security Best Practices
AWS Security Best PracticesAWS Security Best Practices
AWS Security Best PracticesAmazon Web Services
 
Securityhub
SecurityhubSecurityhub
SecurityhubRichard Harvey
 
AWS Enterprise Day | Journey to the AWS Cloud
AWS Enterprise Day | Journey to the AWS CloudAWS Enterprise Day | Journey to the AWS Cloud
AWS Enterprise Day | Journey to the AWS CloudAmazon Web Services
 
Azure Penetration Testing
Azure Penetration TestingAzure Penetration Testing
Azure Penetration TestingCheah Eng Soon
 
Microsoft Cloud Adoption Framework for Azure: Thru Partner Governance Workshop
Microsoft Cloud Adoption Framework for Azure: Thru Partner Governance WorkshopMicrosoft Cloud Adoption Framework for Azure: Thru Partner Governance Workshop
Microsoft Cloud Adoption Framework for Azure: Thru Partner Governance WorkshopNicholas Vossburg
 
Microsoft Graphことはじめ クエリパラメータ編
Microsoft Graphことはじめ クエリパラメータ編Microsoft Graphことはじめ クエリパラメータ編
Microsoft Graphことはじめ クエリパラメータ編DevTakas
 
MTLS - Securing Microservice Architecture with Mutual TLS Authentication
MTLS - Securing Microservice Architecture with Mutual TLS AuthenticationMTLS - Securing Microservice Architecture with Mutual TLS Authentication
MTLS - Securing Microservice Architecture with Mutual TLS AuthenticationLaurentiu Meirosu
 
AWS Cloud Essentials - An Overview
AWS Cloud Essentials - An OverviewAWS Cloud Essentials - An Overview
AWS Cloud Essentials - An OverviewEdureka!
 
TechnicalTerraformLandingZones121120229238.pdf
TechnicalTerraformLandingZones121120229238.pdfTechnicalTerraformLandingZones121120229238.pdf
TechnicalTerraformLandingZones121120229238.pdfMIlton788007
 
モダンアクセスコントロール実現に向けた戦略策定方法
モダンアクセスコントロール実現に向けた戦略策定方法モダンアクセスコントロール実現に向けた戦略策定方法
モダンアクセスコントロール実現に向けた戦略策定方法Yusuke Kodama
 
CIRCUIT 2015 - Akamai: Caching and Beyond
CIRCUIT 2015 - Akamai: Caching and BeyondCIRCUIT 2015 - Akamai: Caching and Beyond
CIRCUIT 2015 - Akamai: Caching and BeyondICF CIRCUIT
 
Running Active Directory in the AWS Cloud
Running Active Directory in the AWS Cloud Running Active Directory in the AWS Cloud
Running Active Directory in the AWS Cloud Amazon Web Services
 
Azure governance
Azure governanceAzure governance
Azure governanceUdaiappa Ramachandran
 
Best practices for running Windows workloads on AWS
Best practices for running Windows workloads on AWSBest practices for running Windows workloads on AWS
Best practices for running Windows workloads on AWSAmazon Web Services
 
Cloud Governance and Provisioning Management using AWS Management Tools and S...
Cloud Governance and Provisioning Management using AWS Management Tools and S...Cloud Governance and Provisioning Management using AWS Management Tools and S...
Cloud Governance and Provisioning Management using AWS Management Tools and S...Amazon Web Services
 
Office365のIdentity管理
Office365のIdentity管理Office365のIdentity管理
Office365のIdentity管理Naohiro Fujie
 
AWS Security Hub
AWS Security HubAWS Security Hub
AWS Security HubCrishantha Nanayakkara
 
Amazon Virtual Private Cloud VPC Architecture AWS Web Services
Amazon Virtual Private Cloud VPC Architecture AWS Web ServicesAmazon Virtual Private Cloud VPC Architecture AWS Web Services
Amazon Virtual Private Cloud VPC Architecture AWS Web ServicesRobert Wilson
 
AWS Security Hub
AWS Security HubAWS Security Hub
AWS Security HubAmazon Web Services
 
PPT Azure Firewall vs 3rd Party NVA Comparison v1.0.pptx
PPT Azure Firewall vs 3rd Party NVA Comparison v1.0.pptxPPT Azure Firewall vs 3rd Party NVA Comparison v1.0.pptx
PPT Azure Firewall vs 3rd Party NVA Comparison v1.0.pptxFadhilMuhammad80
 
End to End Guide Windows AutoPilot Process via Intune
End to End Guide Windows AutoPilot Process via IntuneEnd to End Guide Windows AutoPilot Process via Intune
End to End Guide Windows AutoPilot Process via IntuneAnoop Nair
 
AWS DevOps와 ECR을 통한 Elastic Beanstalk 배포 환경 구축 및 타 환경과의 비교
AWS DevOps와 ECR을 통한 Elastic Beanstalk 배포 환경 구축 및 타 환경과의 비교AWS DevOps와 ECR을 통한 Elastic Beanstalk 배포 환경 구축 및 타 환경과의 비교
AWS DevOps와 ECR을 통한 Elastic Beanstalk 배포 환경 구축 및 타 환경과의 비교ssuserd4f9ff
 
Salesforce API Series: Fast Parallel Data Loading with the Bulk API Webinar
Salesforce API Series: Fast Parallel Data Loading with the Bulk API WebinarSalesforce API Series: Fast Parallel Data Loading with the Bulk API Webinar
Salesforce API Series: Fast Parallel Data Loading with the Bulk API WebinarSalesforce Developers
 
Best Practices for Implementing Data Loss Prevention (DLP)
Best Practices for Implementing Data Loss Prevention (DLP)Best Practices for Implementing Data Loss Prevention (DLP)
Best Practices for Implementing Data Loss Prevention (DLP)Sarfaraz Chougule
 
Understanding Data Loss Prevention
Understanding Data Loss PreventionUnderstanding Data Loss Prevention
Understanding Data Loss PreventionRaid Data Recovery
 

Weitere ähnliche Inhalte

Was ist angesagt?

Azure Penetration Testing
Azure Penetration TestingAzure Penetration Testing
Azure Penetration TestingCheah Eng Soon
 
Microsoft Cloud Adoption Framework for Azure: Thru Partner Governance Workshop
Microsoft Cloud Adoption Framework for Azure: Thru Partner Governance WorkshopMicrosoft Cloud Adoption Framework for Azure: Thru Partner Governance Workshop
Microsoft Cloud Adoption Framework for Azure: Thru Partner Governance WorkshopNicholas Vossburg
 
Microsoft Graphことはじめ クエリパラメータ編
Microsoft Graphことはじめ クエリパラメータ編Microsoft Graphことはじめ クエリパラメータ編
Microsoft Graphことはじめ クエリパラメータ編DevTakas
 
MTLS - Securing Microservice Architecture with Mutual TLS Authentication
MTLS - Securing Microservice Architecture with Mutual TLS AuthenticationMTLS - Securing Microservice Architecture with Mutual TLS Authentication
MTLS - Securing Microservice Architecture with Mutual TLS AuthenticationLaurentiu Meirosu
 
AWS Cloud Essentials - An Overview
AWS Cloud Essentials - An OverviewAWS Cloud Essentials - An Overview
AWS Cloud Essentials - An OverviewEdureka!
 
TechnicalTerraformLandingZones121120229238.pdf
TechnicalTerraformLandingZones121120229238.pdfTechnicalTerraformLandingZones121120229238.pdf
TechnicalTerraformLandingZones121120229238.pdfMIlton788007
 
モダンアクセスコントロール実現に向けた戦略策定方法
モダンアクセスコントロール実現に向けた戦略策定方法モダンアクセスコントロール実現に向けた戦略策定方法
モダンアクセスコントロール実現に向けた戦略策定方法Yusuke Kodama
 
CIRCUIT 2015 - Akamai: Caching and Beyond
CIRCUIT 2015 - Akamai: Caching and BeyondCIRCUIT 2015 - Akamai: Caching and Beyond
CIRCUIT 2015 - Akamai: Caching and BeyondICF CIRCUIT
 
Running Active Directory in the AWS Cloud
Running Active Directory in the AWS Cloud Running Active Directory in the AWS Cloud
Running Active Directory in the AWS Cloud Amazon Web Services
 
Best practices for running Windows workloads on AWS
Best practices for running Windows workloads on AWSBest practices for running Windows workloads on AWS
Best practices for running Windows workloads on AWSAmazon Web Services
 
Cloud Governance and Provisioning Management using AWS Management Tools and S...
Cloud Governance and Provisioning Management using AWS Management Tools and S...Cloud Governance and Provisioning Management using AWS Management Tools and S...
Cloud Governance and Provisioning Management using AWS Management Tools and S...Amazon Web Services
 
Office365のIdentity管理
Office365のIdentity管理Office365のIdentity管理
Office365のIdentity管理Naohiro Fujie
 
Amazon Virtual Private Cloud VPC Architecture AWS Web Services
Amazon Virtual Private Cloud VPC Architecture AWS Web ServicesAmazon Virtual Private Cloud VPC Architecture AWS Web Services
Amazon Virtual Private Cloud VPC Architecture AWS Web ServicesRobert Wilson
 
PPT Azure Firewall vs 3rd Party NVA Comparison v1.0.pptx
PPT Azure Firewall vs 3rd Party NVA Comparison v1.0.pptxPPT Azure Firewall vs 3rd Party NVA Comparison v1.0.pptx
PPT Azure Firewall vs 3rd Party NVA Comparison v1.0.pptxFadhilMuhammad80
 
End to End Guide Windows AutoPilot Process via Intune
End to End Guide Windows AutoPilot Process via IntuneEnd to End Guide Windows AutoPilot Process via Intune
End to End Guide Windows AutoPilot Process via IntuneAnoop Nair
 
AWS DevOps와 ECR을 통한 Elastic Beanstalk 배포 환경 구축 및 타 환경과의 비교
AWS DevOps와 ECR을 통한 Elastic Beanstalk 배포 환경 구축 및 타 환경과의 비교AWS DevOps와 ECR을 통한 Elastic Beanstalk 배포 환경 구축 및 타 환경과의 비교
AWS DevOps와 ECR을 통한 Elastic Beanstalk 배포 환경 구축 및 타 환경과의 비교ssuserd4f9ff
 
Salesforce API Series: Fast Parallel Data Loading with the Bulk API Webinar
Salesforce API Series: Fast Parallel Data Loading with the Bulk API WebinarSalesforce API Series: Fast Parallel Data Loading with the Bulk API Webinar
Salesforce API Series: Fast Parallel Data Loading with the Bulk API WebinarSalesforce Developers
 

Was ist angesagt? (20)

Azure Penetration Testing
Azure Penetration TestingAzure Penetration Testing
Azure Penetration Testing
 
Microsoft Cloud Adoption Framework for Azure: Thru Partner Governance Workshop
Microsoft Cloud Adoption Framework for Azure: Thru Partner Governance WorkshopMicrosoft Cloud Adoption Framework for Azure: Thru Partner Governance Workshop
Microsoft Cloud Adoption Framework for Azure: Thru Partner Governance Workshop
 
Microsoft Graphことはじめ クエリパラメータ編
Microsoft Graphことはじめ クエリパラメータ編Microsoft Graphことはじめ クエリパラメータ編
Microsoft Graphことはじめ クエリパラメータ編
 
MTLS - Securing Microservice Architecture with Mutual TLS Authentication
MTLS - Securing Microservice Architecture with Mutual TLS AuthenticationMTLS - Securing Microservice Architecture with Mutual TLS Authentication
MTLS - Securing Microservice Architecture with Mutual TLS Authentication
 
AWS Cloud Essentials - An Overview
AWS Cloud Essentials - An OverviewAWS Cloud Essentials - An Overview
AWS Cloud Essentials - An Overview
 
TechnicalTerraformLandingZones121120229238.pdf
TechnicalTerraformLandingZones121120229238.pdfTechnicalTerraformLandingZones121120229238.pdf
TechnicalTerraformLandingZones121120229238.pdf
 
モダンアクセスコントロール実現に向けた戦略策定方法
モダンアクセスコントロール実現に向けた戦略策定方法モダンアクセスコントロール実現に向けた戦略策定方法
モダンアクセスコントロール実現に向けた戦略策定方法
 
CIRCUIT 2015 - Akamai: Caching and Beyond
CIRCUIT 2015 - Akamai: Caching and BeyondCIRCUIT 2015 - Akamai: Caching and Beyond
CIRCUIT 2015 - Akamai: Caching and Beyond
 
Running Active Directory in the AWS Cloud
Running Active Directory in the AWS Cloud Running Active Directory in the AWS Cloud
Running Active Directory in the AWS Cloud
 
Azure governance
Azure governanceAzure governance
Azure governance
 
Best practices for running Windows workloads on AWS
Best practices for running Windows workloads on AWSBest practices for running Windows workloads on AWS
Best practices for running Windows workloads on AWS
 
Cloud Governance and Provisioning Management using AWS Management Tools and S...
Cloud Governance and Provisioning Management using AWS Management Tools and S...Cloud Governance and Provisioning Management using AWS Management Tools and S...
Cloud Governance and Provisioning Management using AWS Management Tools and S...
 
Office365のIdentity管理
Office365のIdentity管理Office365のIdentity管理
Office365のIdentity管理
 
AWS Security Hub
AWS Security HubAWS Security Hub
AWS Security Hub
 
Amazon Virtual Private Cloud VPC Architecture AWS Web Services
Amazon Virtual Private Cloud VPC Architecture AWS Web ServicesAmazon Virtual Private Cloud VPC Architecture AWS Web Services
Amazon Virtual Private Cloud VPC Architecture AWS Web Services
 
AWS Security Hub
AWS Security HubAWS Security Hub
AWS Security Hub
 
PPT Azure Firewall vs 3rd Party NVA Comparison v1.0.pptx
PPT Azure Firewall vs 3rd Party NVA Comparison v1.0.pptxPPT Azure Firewall vs 3rd Party NVA Comparison v1.0.pptx
PPT Azure Firewall vs 3rd Party NVA Comparison v1.0.pptx
 
End to End Guide Windows AutoPilot Process via Intune
End to End Guide Windows AutoPilot Process via IntuneEnd to End Guide Windows AutoPilot Process via Intune
End to End Guide Windows AutoPilot Process via Intune
 
AWS DevOps와 ECR을 통한 Elastic Beanstalk 배포 환경 구축 및 타 환경과의 비교
AWS DevOps와 ECR을 통한 Elastic Beanstalk 배포 환경 구축 및 타 환경과의 비교AWS DevOps와 ECR을 통한 Elastic Beanstalk 배포 환경 구축 및 타 환경과의 비교
AWS DevOps와 ECR을 통한 Elastic Beanstalk 배포 환경 구축 및 타 환경과의 비교
 
Salesforce API Series: Fast Parallel Data Loading with the Bulk API Webinar
Salesforce API Series: Fast Parallel Data Loading with the Bulk API WebinarSalesforce API Series: Fast Parallel Data Loading with the Bulk API Webinar
Salesforce API Series: Fast Parallel Data Loading with the Bulk API Webinar
 

Ähnlich wie Automate security role assignments

Best Practices for Implementing Data Loss Prevention (DLP)
Best Practices for Implementing Data Loss Prevention (DLP)Best Practices for Implementing Data Loss Prevention (DLP)
Best Practices for Implementing Data Loss Prevention (DLP)Sarfaraz Chougule
 
Understanding Data Loss Prevention
Understanding Data Loss PreventionUnderstanding Data Loss Prevention
Understanding Data Loss PreventionRaid Data Recovery
 
Rencore Webinar: Myth-busting GDPR in Office 365 & Azure
Rencore Webinar: Myth-busting GDPR in Office 365 & AzureRencore Webinar: Myth-busting GDPR in Office 365 & Azure
Rencore Webinar: Myth-busting GDPR in Office 365 & AzureRencore
 
Twin Cities Oracle Marketing Cloud User Group - November 2014
Twin Cities Oracle Marketing Cloud User Group - November 2014Twin Cities Oracle Marketing Cloud User Group - November 2014
Twin Cities Oracle Marketing Cloud User Group - November 2014Ron Corbisier
 
SnowProCore StudyGuide
SnowProCore StudyGuideSnowProCore StudyGuide
SnowProCore StudyGuidessuser538b022
 
Managing Cloud Business Solutions for Salisbury/Modbury Digital Enterprise Pr...
Managing Cloud Business Solutions for Salisbury/Modbury Digital Enterprise Pr...Managing Cloud Business Solutions for Salisbury/Modbury Digital Enterprise Pr...
Managing Cloud Business Solutions for Salisbury/Modbury Digital Enterprise Pr...Vanguard Visions
 
Data Systems Integration & Business Value Pt. 2: Cloud
Data Systems Integration & Business Value Pt. 2: CloudData Systems Integration & Business Value Pt. 2: Cloud
Data Systems Integration & Business Value Pt. 2: CloudData Blueprint
 
Data Systems Integration & Business Value Pt. 2: Cloud
Data Systems Integration & Business Value Pt. 2: CloudData Systems Integration & Business Value Pt. 2: Cloud
Data Systems Integration & Business Value Pt. 2: CloudDATAVERSITY
 
Introducing Data Loss Prevention 14
Introducing Data Loss Prevention 14Introducing Data Loss Prevention 14
Introducing Data Loss Prevention 14Symantec
 
Oracle BPM Adaptive Case Management 2014
Oracle BPM Adaptive Case Management 2014Oracle BPM Adaptive Case Management 2014
Oracle BPM Adaptive Case Management 2014Bizagi Inc
 
SANS Institute Product Review of Oracle Identity Manager
SANS Institute Product Review of Oracle Identity ManagerSANS Institute Product Review of Oracle Identity Manager
SANS Institute Product Review of Oracle Identity ManagerOracleIDM
 
How to Enable Remote Work with Apricot 360 or Apricot Core
How to Enable Remote Work with Apricot 360 or Apricot CoreHow to Enable Remote Work with Apricot 360 or Apricot Core
How to Enable Remote Work with Apricot 360 or Apricot CoreJeffrey Haguewood
 
Development frameworks and methods
Development frameworks and methodsDevelopment frameworks and methods
Development frameworks and methodsMin Phone Nyunt Win
 
What’s Next For Your Azure Certification Journey
What’s Next For Your Azure Certification JourneyWhat’s Next For Your Azure Certification Journey
What’s Next For Your Azure Certification JourneyGlobal Knowledge Training
 
Department webpage design sean hwang
Department webpage design sean hwangDepartment webpage design sean hwang
Department webpage design sean hwangdelmount
 
CRM 101: Session 6: Evaluating, Selecting, and Deploying the Right CRM Soluti...
CRM 101: Session 6: Evaluating, Selecting, and Deploying the Right CRM Soluti...CRM 101: Session 6: Evaluating, Selecting, and Deploying the Right CRM Soluti...
CRM 101: Session 6: Evaluating, Selecting, and Deploying the Right CRM Soluti...SugarCRM
 
0 MS_Learning_Transcript.PDF
0 MS_Learning_Transcript.PDF0 MS_Learning_Transcript.PDF
0 MS_Learning_Transcript.PDFGnana Prakasam N
 
Information Retrieval AICTE FDP at GCT Coimbatore
Information Retrieval AICTE FDP at GCT CoimbatoreInformation Retrieval AICTE FDP at GCT Coimbatore
Information Retrieval AICTE FDP at GCT Coimbatoreveningstonk
 

Ähnlich wie Automate security role assignments (20)

Best Practices for Implementing Data Loss Prevention (DLP)
Best Practices for Implementing Data Loss Prevention (DLP)Best Practices for Implementing Data Loss Prevention (DLP)
Best Practices for Implementing Data Loss Prevention (DLP)
 
Understanding Data Loss Prevention
Understanding Data Loss PreventionUnderstanding Data Loss Prevention
Understanding Data Loss Prevention
 
Rencore Webinar: Myth-busting GDPR in Office 365 & Azure
Rencore Webinar: Myth-busting GDPR in Office 365 & AzureRencore Webinar: Myth-busting GDPR in Office 365 & Azure
Rencore Webinar: Myth-busting GDPR in Office 365 & Azure
 
Twin Cities Oracle Marketing Cloud User Group - November 2014
Twin Cities Oracle Marketing Cloud User Group - November 2014Twin Cities Oracle Marketing Cloud User Group - November 2014
Twin Cities Oracle Marketing Cloud User Group - November 2014
 
SnowProCore StudyGuide
SnowProCore StudyGuideSnowProCore StudyGuide
SnowProCore StudyGuide
 
Managing Cloud Business Solutions for Salisbury/Modbury Digital Enterprise Pr...
Managing Cloud Business Solutions for Salisbury/Modbury Digital Enterprise Pr...Managing Cloud Business Solutions for Salisbury/Modbury Digital Enterprise Pr...
Managing Cloud Business Solutions for Salisbury/Modbury Digital Enterprise Pr...
 
Data Systems Integration & Business Value Pt. 2: Cloud
Data Systems Integration & Business Value Pt. 2: CloudData Systems Integration & Business Value Pt. 2: Cloud
Data Systems Integration & Business Value Pt. 2: Cloud
 
Data Systems Integration & Business Value Pt. 2: Cloud
Data Systems Integration & Business Value Pt. 2: CloudData Systems Integration & Business Value Pt. 2: Cloud
Data Systems Integration & Business Value Pt. 2: Cloud
 
Introducing Data Loss Prevention 14
Introducing Data Loss Prevention 14Introducing Data Loss Prevention 14
Introducing Data Loss Prevention 14
 
Oracle BPM Adaptive Case Management 2014
Oracle BPM Adaptive Case Management 2014Oracle BPM Adaptive Case Management 2014
Oracle BPM Adaptive Case Management 2014
 
SANS Institute Product Review of Oracle Identity Manager
SANS Institute Product Review of Oracle Identity ManagerSANS Institute Product Review of Oracle Identity Manager
SANS Institute Product Review of Oracle Identity Manager
 
How to Enable Remote Work with Apricot 360 or Apricot Core
How to Enable Remote Work with Apricot 360 or Apricot CoreHow to Enable Remote Work with Apricot 360 or Apricot Core
How to Enable Remote Work with Apricot 360 or Apricot Core
 
MS_Learning_Transcript.PDF
MS_Learning_Transcript.PDFMS_Learning_Transcript.PDF
MS_Learning_Transcript.PDF
 
Development frameworks and methods
Development frameworks and methodsDevelopment frameworks and methods
Development frameworks and methods
 
What’s Next For Your Azure Certification Journey
What’s Next For Your Azure Certification JourneyWhat’s Next For Your Azure Certification Journey
What’s Next For Your Azure Certification Journey
 
Department webpage design sean hwang
Department webpage design sean hwangDepartment webpage design sean hwang
Department webpage design sean hwang
 
CRM 101: Session 6: Evaluating, Selecting, and Deploying the Right CRM Soluti...
CRM 101: Session 6: Evaluating, Selecting, and Deploying the Right CRM Soluti...CRM 101: Session 6: Evaluating, Selecting, and Deploying the Right CRM Soluti...
CRM 101: Session 6: Evaluating, Selecting, and Deploying the Right CRM Soluti...
 
0 MS_Learning_Transcript.PDF
0 MS_Learning_Transcript.PDF0 MS_Learning_Transcript.PDF
0 MS_Learning_Transcript.PDF
 
Information Retrieval AICTE FDP at GCT Coimbatore
Information Retrieval AICTE FDP at GCT CoimbatoreInformation Retrieval AICTE FDP at GCT Coimbatore
Information Retrieval AICTE FDP at GCT Coimbatore
 
Developing software and/or App requirements specification
Developing software and/or App requirements specificationDeveloping software and/or App requirements specification
Developing software and/or App requirements specification
 

Kürzlich hochgeladen

proposal kumeneger edited.docx A kumeeger
proposal kumeneger edited.docx A kumeegerproposal kumeneger edited.docx A kumeeger
proposal kumeneger edited.docx A kumeegerkumenegertelayegrama
 
Internship Presentation | PPT | CSE | SE
Internship Presentation | PPT | CSE | SEInternship Presentation | PPT | CSE | SE
Internship Presentation | PPT | CSE | SESaleh Ibne Omar
 
Application of GIS in Landslide Disaster Response.pptx
Application of GIS in Landslide Disaster Response.pptxApplication of GIS in Landslide Disaster Response.pptx
Application of GIS in Landslide Disaster Response.pptxRoquia Salam
 
SaaStr Workshop Wednesday w/ Kyle Norton, Owner.com
SaaStr Workshop Wednesday w/ Kyle Norton, Owner.comSaaStr Workshop Wednesday w/ Kyle Norton, Owner.com
SaaStr Workshop Wednesday w/ Kyle Norton, Owner.comsaastr
 
Early Modern Spain. All about this period
Early Modern Spain. All about this periodEarly Modern Spain. All about this period
Early Modern Spain. All about this periodSaraIsabelJimenez
 
Call Girls In Aerocity 🤳 Call Us +919599264170
Call Girls In Aerocity 🤳 Call Us +919599264170Call Girls In Aerocity 🤳 Call Us +919599264170
Call Girls In Aerocity 🤳 Call Us +919599264170Escort Service
 
THE COUNTRY WHO SOLVED THE WORLD_HOW CHINA LAUNCHED THE CIVILIZATION REVOLUTI...
THE COUNTRY WHO SOLVED THE WORLD_HOW CHINA LAUNCHED THE CIVILIZATION REVOLUTI...THE COUNTRY WHO SOLVED THE WORLD_HOW CHINA LAUNCHED THE CIVILIZATION REVOLUTI...
THE COUNTRY WHO SOLVED THE WORLD_HOW CHINA LAUNCHED THE CIVILIZATION REVOLUTI...漢銘 謝
 
Chizaram's Women Tech Makers Deck. .pptx
Chizaram's Women Tech Makers Deck. .pptxChizaram's Women Tech Makers Deck. .pptx
Chizaram's Women Tech Makers Deck. .pptxogubuikealex
 
DGT @ CTAC 2024 Valencia: Most crucial invest to digitalisation_Sven Zoelle_v...
DGT @ CTAC 2024 Valencia: Most crucial invest to digitalisation_Sven Zoelle_v...DGT @ CTAC 2024 Valencia: Most crucial invest to digitalisation_Sven Zoelle_v...
DGT @ CTAC 2024 Valencia: Most crucial invest to digitalisation_Sven Zoelle_v...Henrik Hanke
 
Event 4 Introduction to Open Source.pptx
Event 4 Introduction to Open Source.pptxEvent 4 Introduction to Open Source.pptx
Event 4 Introduction to Open Source.pptxaryanv1753
 
The Ten Facts About People With Autism Presentation
The Ten Facts About People With Autism PresentationThe Ten Facts About People With Autism Presentation
The Ten Facts About People With Autism PresentationNathan Young
 
Mathan flower ppt.pptx slide orchids ✨🌸
Mathan flower ppt.pptx slide orchids ✨🌸Mathan flower ppt.pptx slide orchids ✨🌸
Mathan flower ppt.pptx slide orchids ✨🌸mathanramanathan2005
 
RACHEL-ANN M. TENIBRO PRODUCT RESEARCH PRESENTATION
RACHEL-ANN M. TENIBRO PRODUCT RESEARCH PRESENTATIONRACHEL-ANN M. TENIBRO PRODUCT RESEARCH PRESENTATION
RACHEL-ANN M. TENIBRO PRODUCT RESEARCH PRESENTATIONRachelAnnTenibroAmaz
 
CHROMATOGRAPHY and its types with procedure,diagrams,flow charts,advantages a...
CHROMATOGRAPHY and its types with procedure,diagrams,flow charts,advantages a...CHROMATOGRAPHY and its types with procedure,diagrams,flow charts,advantages a...
CHROMATOGRAPHY and its types with procedure,diagrams,flow charts,advantages a...university
 
Engaging Eid Ul Fitr Presentation for Kindergartners.pptx
Engaging Eid Ul Fitr Presentation for Kindergartners.pptxEngaging Eid Ul Fitr Presentation for Kindergartners.pptx
Engaging Eid Ul Fitr Presentation for Kindergartners.pptxAsifArshad8
 
Dutch Power - 26 maart 2024 - Henk Kras - Circular Plastics
Dutch Power - 26 maart 2024 - Henk Kras - Circular PlasticsDutch Power - 26 maart 2024 - Henk Kras - Circular Plastics
Dutch Power - 26 maart 2024 - Henk Kras - Circular PlasticsDutch Power
 
INDIAN GCP GUIDELINE. for Regulatory affair 1st sem CRR
INDIAN GCP GUIDELINE. for Regulatory affair 1st sem CRRINDIAN GCP GUIDELINE. for Regulatory affair 1st sem CRR
INDIAN GCP GUIDELINE. for Regulatory affair 1st sem CRRsarwankumar4524
 
PAG-UNLAD NG EKONOMIYA na dapat isaalang alang sa pag-aaral.
PAG-UNLAD NG EKONOMIYA na dapat isaalang alang sa pag-aaral.PAG-UNLAD NG EKONOMIYA na dapat isaalang alang sa pag-aaral.
PAG-UNLAD NG EKONOMIYA na dapat isaalang alang sa pag-aaral.KathleenAnnCordero2
 
Quality by design.. ppt for RA (1ST SEM
Quality by design.. ppt for RA (1ST SEMQuality by design.. ppt for RA (1ST SEM
Quality by design.. ppt for RA (1ST SEMCharmi13
 

Kürzlich hochgeladen (19)

proposal kumeneger edited.docx A kumeeger
proposal kumeneger edited.docx A kumeegerproposal kumeneger edited.docx A kumeeger
proposal kumeneger edited.docx A kumeeger
 
Internship Presentation | PPT | CSE | SE
Internship Presentation | PPT | CSE | SEInternship Presentation | PPT | CSE | SE
Internship Presentation | PPT | CSE | SE
 
Application of GIS in Landslide Disaster Response.pptx
Application of GIS in Landslide Disaster Response.pptxApplication of GIS in Landslide Disaster Response.pptx
Application of GIS in Landslide Disaster Response.pptx
 
SaaStr Workshop Wednesday w/ Kyle Norton, Owner.com
SaaStr Workshop Wednesday w/ Kyle Norton, Owner.comSaaStr Workshop Wednesday w/ Kyle Norton, Owner.com
SaaStr Workshop Wednesday w/ Kyle Norton, Owner.com
 
Early Modern Spain. All about this period
Early Modern Spain. All about this periodEarly Modern Spain. All about this period
Early Modern Spain. All about this period
 
Call Girls In Aerocity 🤳 Call Us +919599264170
Call Girls In Aerocity 🤳 Call Us +919599264170Call Girls In Aerocity 🤳 Call Us +919599264170
Call Girls In Aerocity 🤳 Call Us +919599264170
 
THE COUNTRY WHO SOLVED THE WORLD_HOW CHINA LAUNCHED THE CIVILIZATION REVOLUTI...
THE COUNTRY WHO SOLVED THE WORLD_HOW CHINA LAUNCHED THE CIVILIZATION REVOLUTI...THE COUNTRY WHO SOLVED THE WORLD_HOW CHINA LAUNCHED THE CIVILIZATION REVOLUTI...
THE COUNTRY WHO SOLVED THE WORLD_HOW CHINA LAUNCHED THE CIVILIZATION REVOLUTI...
 
Chizaram's Women Tech Makers Deck. .pptx
Chizaram's Women Tech Makers Deck. .pptxChizaram's Women Tech Makers Deck. .pptx
Chizaram's Women Tech Makers Deck. .pptx
 
DGT @ CTAC 2024 Valencia: Most crucial invest to digitalisation_Sven Zoelle_v...
DGT @ CTAC 2024 Valencia: Most crucial invest to digitalisation_Sven Zoelle_v...DGT @ CTAC 2024 Valencia: Most crucial invest to digitalisation_Sven Zoelle_v...
DGT @ CTAC 2024 Valencia: Most crucial invest to digitalisation_Sven Zoelle_v...
 
Event 4 Introduction to Open Source.pptx
Event 4 Introduction to Open Source.pptxEvent 4 Introduction to Open Source.pptx
Event 4 Introduction to Open Source.pptx
 
The Ten Facts About People With Autism Presentation
The Ten Facts About People With Autism PresentationThe Ten Facts About People With Autism Presentation
The Ten Facts About People With Autism Presentation
 
Mathan flower ppt.pptx slide orchids ✨🌸
Mathan flower ppt.pptx slide orchids ✨🌸Mathan flower ppt.pptx slide orchids ✨🌸
Mathan flower ppt.pptx slide orchids ✨🌸
 
RACHEL-ANN M. TENIBRO PRODUCT RESEARCH PRESENTATION
RACHEL-ANN M. TENIBRO PRODUCT RESEARCH PRESENTATIONRACHEL-ANN M. TENIBRO PRODUCT RESEARCH PRESENTATION
RACHEL-ANN M. TENIBRO PRODUCT RESEARCH PRESENTATION
 
CHROMATOGRAPHY and its types with procedure,diagrams,flow charts,advantages a...
CHROMATOGRAPHY and its types with procedure,diagrams,flow charts,advantages a...CHROMATOGRAPHY and its types with procedure,diagrams,flow charts,advantages a...
CHROMATOGRAPHY and its types with procedure,diagrams,flow charts,advantages a...
 
Engaging Eid Ul Fitr Presentation for Kindergartners.pptx
Engaging Eid Ul Fitr Presentation for Kindergartners.pptxEngaging Eid Ul Fitr Presentation for Kindergartners.pptx
Engaging Eid Ul Fitr Presentation for Kindergartners.pptx
 
Dutch Power - 26 maart 2024 - Henk Kras - Circular Plastics
Dutch Power - 26 maart 2024 - Henk Kras - Circular PlasticsDutch Power - 26 maart 2024 - Henk Kras - Circular Plastics
Dutch Power - 26 maart 2024 - Henk Kras - Circular Plastics
 
INDIAN GCP GUIDELINE. for Regulatory affair 1st sem CRR
INDIAN GCP GUIDELINE. for Regulatory affair 1st sem CRRINDIAN GCP GUIDELINE. for Regulatory affair 1st sem CRR
INDIAN GCP GUIDELINE. for Regulatory affair 1st sem CRR
 
PAG-UNLAD NG EKONOMIYA na dapat isaalang alang sa pag-aaral.
PAG-UNLAD NG EKONOMIYA na dapat isaalang alang sa pag-aaral.PAG-UNLAD NG EKONOMIYA na dapat isaalang alang sa pag-aaral.
PAG-UNLAD NG EKONOMIYA na dapat isaalang alang sa pag-aaral.
 
Quality by design.. ppt for RA (1ST SEM
Quality by design.. ppt for RA (1ST SEMQuality by design.. ppt for RA (1ST SEM
Quality by design.. ppt for RA (1ST SEM
 

Automate security role assignments

  • 1. Slide 1 of 3224/11/2019 How to automate security role assignments Microsoft Dynamics 365 for Finance and Operations (Microsoft Dynamics AX 2012)
  • 2. Slide 2 of 3224/11/2019 Meet your presenter ▪ André Arnaud de Calavon ▪ Microsoft MVP Business applications ▪ Product Manager at To-Increase ▪ 1996-2001 Navision Financials Microsoft Dynamics 365 Business Central ▪ 2001-2019 Damgaard Axapta Microsoft Dynamics 365 for Finance and Operations  https://dynamicspedia.com
  • 3. Slide 3 of 3224/11/2019 Session agenda ▪ Introduction ▪ Azure Active Directory groups ▪ Automatic role assignment ▪ How the basics works ▪ Advanced rules ▪ Extend with custom queries ▪ Simulate user groups concept from previous AX versions
  • 4. Slide 4 of 3224/11/2019 Introduction ▪ Easy maintenance of user permissions ▪ Prevent incorrect role/organization assignments ▪ Azure Active Directory groups ▪ Automatic role assignment
  • 5. Slide 5 of 3224/11/2019 Azure AD administration ▪ 3 administration portals ▪ AAD user authentication ▪ License assignment ▪ User group assignment
  • 6. Slide 6 of 3224/11/2019 Dynamics 365 administration ▪ Automatic or manual creating user ▪ Configuration key Active Directory security group ▪ Groups setup ▪ Import from Azure AD ▪ Assign security roles
  • 7. Slide 7 of 3224/11/2019 How AD groups works (1/2) ▪ Import groups ▪ User preferences ▪ Startup company ▪ Enabled
  • 8. Slide 8 of 3224/11/2019 How AD groups works (2/2) ▪ Assign roles ▪ Assign organizations ▪ User preferences ▪ Language ▪ Time zone ▪ Calendar
  • 9. Slide 9 of 3224/11/2019 Azure AD groups
  • 10. Slide 10 of 3224/11/2019 Azure AD challenges in MSDyn365 ▪ Naming convention user ID ▪ Segregation of Duties ▪ Workflow assignment ▪ Security reports
  • 11. Slide 11 of 3224/11/2019 What is automatic role assignment? ▪ Define rules ▪ Role assignment automatically updated ▪ Frequency ▪ Periodically using batch framework ▪ Manually for incidental execution ▪ Batch framework ▪ Batch job created part of your installation ▪ Set to ‘Withhold’ in demo environment > Change to ‘Waiting’
  • 12. Slide 12 of 3224/11/2019 How the basics works (1/4) ▪ Create rule
  • 13. Slide 13 of 3224/11/2019 How the basics works (2/4) ▪ Define query
  • 14. Slide 14 of 3224/11/2019 How the basics works (3/4) ▪ Assign organizations
  • 15. Slide 15 of 3224/11/2019 Basic rule
  • 16. Slide 16 of 3224/11/2019 How the basics works (4/4) ▪ Automatic ▪ Manual ▪ Exclude
  • 17. Slide 17 of 3224/11/2019 Advanced rules ▪ Advanced query editor ▪ Example: person setup as timesheet user Project periods
  • 18. Slide 18 of 3224/11/2019 Advanced queries - initial concept Permission ObjectPermission Privilege SecurityRole User Operation «Privilege» Duty Hierarchy Hierarchy «Privilege» Privilege Hierarchy «Party» Person Job Job Function Duty Responsibility Position «Query» SecurityRoleAssignmentRule «Party» Department HR and Organization ModelsSecurity ModelSecurity Framework «Privilege» Process Task Service Party Activity SecurableObject «Permission» Permission «SecurityRole» Role
  • 19. Slide 19 of 3224/11/2019 Advanced queries
  • 20. Slide 20 of 3224/11/2019 Extend with custom queries ▪ Base table ▪ UserInfo ▪ Other data sources ▪ No restrictions ▪ Relations ▪ Choose ▪ Define own
  • 21. Slide 21 of 3224/11/2019 Extend with custom queries ▪ Example
  • 22. Slide 22 of 3224/11/2019 Extend with custom queries ▪ How to do it? UserInfo idPK DirPersonUser RecIdPK User PersonParty ValidFrom HcmWorker RecIdPK Person PersonnelNumber ValidTo HcmPositionWorkerAssign ment RecIdPK Position Worker HcmPositionHierarchy RecIdPK ParentPosition Position HcmPosition RecIdPK PositionId ValidFrom ValidTo PositionHierarchyType ValidFrom ValidFrom HcmPositionHierarchyType RecIdPK HierarchyType
  • 23. Slide 23 of 3224/11/2019 Custom queries
  • 24. Slide 24 of 3224/11/2019 Previous architecture and current ▪ Previous versions ▪ Current versions
  • 25. Slide 25 of 3224/11/2019 Group assignments needed? ▪ Pains ▪ Many users with same profile time consuming ▪ Assigning organizations can be forgotten ▪ Options for grouping users
  • 26. Slide 26 of 3224/11/2019 Team assignment option ▪ Advantages ▪ Date effective assignment ▪ Address book security
  • 27. Slide 27 of 3224/11/2019 Team assignments
  • 28. Slide 28 of 3224/11/2019 Enhancements/customizations ▪ User group assignment on user ▪ Team assignment on user ▪ Run role assignment manually for user
  • 29. Slide 29 of 3224/11/2019 Demo
  • 30. Slide 30 of 3224/11/2019
  • 31. Slide 31 of 3224/11/2019 Related blog posts ▪ Standard batch jobs ▪ https://dynamicspedia.com/2014/01/standard-batch-jobs-ax2012/ ▪ Automatic role assignment ▪ https://dynamicspedia.com/2014/01/automatic-role-assignment-in- ax2012-part-1/ ▪ https://dynamicspedia.com/2014/01/automatic-role-assignment-in- ax2012-part-2/ ▪ Active directory ▪ https://dynamicspedia.com/2019/09/how-to-use-azure-active- directory-for-managing-users-and-security-in-dynamics-365-for- finance-and-operations/
  • 32. Slide 32 of 3224/11/2019