Políticas de segurança

Finance and Operations/AX Technical Forum
1

Ola. Tenho 3 empresas Matriz no d365 FeO,cada uma tem 10 filiais independentes cada um com seu CNPJ,centro de custos vinculados a empresa matriz. Como faço para que os usuários das filiais vejam apenas as informações das suas filiais. Compras,vendas, projetos,método de pagamento tudo somente de sua filial?

2

This is an English-speaking forum, therefore please translate your questions to English, otherwise people won’t understand them.

This is an automatic translation:

Hello. I have 3 parent companies in D365 FeO, each with 10 independent subsidiaries, each with its own CNPJ (Brazilian tax ID), and cost centers linked to the parent company. How can I make it so that users in the subsidiaries only see information from their own subsidiaries? Purchases, sales, projects, payment methods – everything should only be from their respective subsidiary?

To me, it sounds like work for Extensible data security policies.

3

:hammer_and_wrench: Step-by-Step Guide: Organization-Based Security in D365 F&O

1. Define Legal Entities and Operating Units

  • Each branch should be set up as a legal entity or operating unit (depending on your structure).

  • Assign a unique CNPJ and cost center to each.

2. Create or Customize Security Roles

  • Navigate to:
    System Administration > Security > Security Configuration

  • Either:

    • Create a new role, or

    • Duplicate an existing role and modify it.

3. Assign Duties and Privileges

  • Duties = groups of tasks (e.g., “Maintain Purchase Orders”)

  • Privileges = specific actions (e.g., “Edit Vendor Record”)

  • Assign only the duties/privileges relevant to the branch-level operations.

4. Apply Data Security Policies (XDS)

  • Use Extensible Data Security (XDS) to restrict access to data by:

    • Legal entity

    • Cost center

    • Project ID

  • Example: Restrict a user to only see records where DataAreaId = 'BR01'.

5. Create Security Policies

  • Go to:
    System Administration > Security > Security Policies

  • Define a policy that links a query (e.g., filter by branch) to a role.

  • Apply the policy to relevant tables (e.g., PurchTable, ProjTable).

6. Assign Users to Roles

  • Navigate to:
    System Administration > Users

  • Select a user and assign them to the appropriate branch-specific role.

7. Test the Configuration

  • Use test accounts to verify:

    • Users can only access their branch’s data.

    • No cross-branch visibility exists.

With the help of M365 Copilot