Security roles (form) [AX 2012]

Updated: March 29, 2011

Applies To: Microsoft Dynamics AX 2012 R3, Microsoft Dynamics AX 2012 R2, Microsoft Dynamics AX 2012 Feature Pack, Microsoft Dynamics AX 2012

Click System administration > Setup > Security > Security roles.

Use this form to create or modify security roles. All users must be assigned to at least one security role to have access to Microsoft Dynamics AX. The security roles assigned to a user determine which duties the user can perform and which parts of the user interface the user can view.

Caution noteCaution

If security is administered in multiple languages in your implementation, we recommend using the Label editor in the developer workspace to modify name and description labels. By using the Label editor, you can create labels in multiple languages.

The following tables provide descriptions for the controls in this form.



Role content

Displays the duties and privileges that are assigned to the selected role.




Delete the selected security role. The role will be permanently deleted from the system.

Open in new window

Open another instance of the Security roles form with the selected role as the focus. Opening another instance of the form allows you to drag and drop elements between the forms.

Record-level security

Open the Record level security form to limit access to data based on a query.


The record-level security feature will be removed in a future release. If you are setting up new filters, we recommend creating data security policies using the extensible data security framework. For more information, see Data security in Microsoft Dynamics AX.

Assign users

Open the Assign users to roles form to assign multiple users to multiple roles.

Override permissions

Open the Override permissions form to limit a role’s access to specific controls, fields, and server methods in Microsoft Dynamics AX. Overrides apply to all users assigned to the role, and to all privileges in the role that include the control, field, or server method.

Designate as external

Open the Designate as external role form to specify that the selected role is intended for users who are external to the business. For example, use this option for roles that include current or prospective customers and vendors. Users in external roles typically access Microsoft Dynamics AX through Enterprise Portal only.


Open the Add privileges to role form to assign additional duties or privileges to the selected role.

A role cannot contain duties that conflict according to the rules for segregation of duties. For more information, see Set up segregation of duties.

Edit duty or Edit privilege

Open the Security privileges form to modify the selected duty or privilege.



AOT name

Enter a name for the role that will appear in the Application Object Tree (AOT).

AOT names must contain only alphanumeric or underscore characters. AOT names cannot begin with a number, and they cannot contain other special characters or spaces.

Announcements: To see known issues and recent fixes, use Issue search in Microsoft Dynamics Lifecycle Services (LCS).