After you initialize the Microsoft Dynamics AX system, you set up security. Microsoft Dynamics AX organizes functionality using licensing, configuration key, and security key subsystems. For information about how these subsystems are related, see Security architecture.

Set up the security system

The following table shows the hierarchy of security configuration, and provides links to the relevant documentation that describes how to set up and configure that part of security.

Set up company accounts in Microsoft Dynamics AX to represent the organizational structure of your company.

See Manage company accounts

Create user groups and permissions, and add users to these user groups to grant the users all the permissions assigned to that user group. Users that are not assigned to groups cannot access Microsoft Dynamics AX. A user can be a part of more than one group; that user inherits the highest permission level of the two groups.

See Manage user groups

Maintain user group security by using domains, if several companies use the same Microsoft Dynamics AX system and have unique security needs. Domains enable you to restrict permissions to user groups to a single company, or to set up user groups with permissions to data across companies. The domains feature requires a separate license.

See Manage domains

Add users from Active Directory to the Microsoft Dynamics AX system. Users that are not in Active Directory cannot be added. Users cannot be granted permissions directly.

See Manage users

Set security keys for user group/domain combinations. Security keys are disabled by default. Only administrator users have all security keys enabled by default.

See Manage security permissions for user groups and domain combinations

Set up security for table and field access for a more granular security system. Users and user groups can be constrained from seeing certain data. This restricts them from seeing specific fields and data.

See Manage table and field access

Add record level security to enable you to restrict the information shown in reports and on forms. This builds on the restrictions enforced by user group permissions.

See Manage record level security