Site level security

Hi All,

I have a scenario where some users related one site and some other users related to the diiferent site. For example Site 1 has 3 users namely A,B and C and SIte 2 has 3 users namely D,E and F.

My requirement is to block the site 2 data when the user signed in form the site 1 user list(A,B and C) and vice versa.

How can I acheive this in ax 2012?

Thanks in Advance.

What do you mean by site data? Data in InventSite table?

Yes Kranthi…

Users (Approximately 80) from Site “A” are unable to access or see any data from Site “B”, “C”, “D”, etc.

Users (Approximately 450) from other sites are also unable to see data in Site “A”

Still not sure what do you mean by data in a Site (Not all the data is site specific). You may have to implement XDS depending on the need. (

SIte information in Site form… For example in site form SIte1 should be visible to users from site 1

Then implement XDS (extensible data security)

Hi Kranthi,

Thanks for your reply…

I have created the query with the data source InventLocation and its range is 11. Then created the security policy by using this query and set primary table as InventLocation. And the role name is WHSWarehousemanager.

Then I have removed admin role for my user and added the Warehouse manager role.

But still can able to see All the warehouses…

Please suggest…

Set the ConstrainedTable property to Yes.

See this documentation to understand the properties of security policy,…/gg731857.aspx

Thanks for your reply kranthi…

Hi Kranthi,

I want to block the site in all forms of ax… for example in sales, purchase , production , inventory…

Other functionalities should work…

How can i acheive this…?

What do you mean by blocking the site?

I mean user can see the sites except site 1…in all the forms

Is this possible to assign multiple policies to single role?


How kranthi… Please suggest?

Any suggestions…? By using context string we can use the same policeis for mulitple role

On roles, set the contextString.

On policy set the context type to RoleProperty and set the contextString property to string defined on the roles.

Thanks for your reply kranthi…

Hi Kranthi,

I have created the new policy for Production orders to show with the site 1 only. In my policy query, i have added the range for inventsiteid of InventDim.

But when creating the new Production order I got the below error…

I have added the Production supervior role along with my role…

Please suggest?

What action exactly causing the error? Is it only happening for the roles with that policy?

Can you also explain about the query used in the policy?