Introduction Business Central allows various levels of security that can be used to restrict User access to different features or objects. We can use Permission Sets to prevent User access to specific objects like reports or pages. For more refined, row-level authorization we can use Security Filters to restrict access to individual record based on some filters. References Using Security Filters in Business Central – Business Central | Microsoft Docs Pre-requisites Business Central OnCloud or OnPremise Configuration Suppose, you want the User to only be able to access a specific set of Customers. You can either create your own Permission Set from scratch, in which you will describe all the objects that the User will have access to or you can copy one of the existing ones by clicking on “Copy Permission Set” and then entering a new name for the permission set. Do note that you require proper permissions to make changes to Permission Sets as well. Open the Permission Set, by clicking on the “Permissions” action and Scroll to the Right. Click on the three dots next to the Security Filter field. Select the field(s) which you want to filter by clicking on the three dots next to the Field Number and then click on OK. Set a value for the filter in the “Field Filter” field. You can add as many filters as required and any Business Central filter is valid in this field (Except for wildcard characters). Once you are done, click on Close. Click on OK and add (in case there are no other permission sets and you have created your own) or replace (in case you have copied the permission set) the new permission set onto the User in the “User Permission Sets” tab of the User card. Login to the User Account and verify that only the records that match the mentioned filters are visible to the Users. Conclusion Thus we saw how to create and configure security filters in Business Central for maintaining record level security. As a side note, I would like to highlight that in Business Central, in case a User has multiple Permission Sets containing different levels of permissions for the same object then Business Central combines these Permission Sets and uses the least restrictive group of Permissions. As such if you apply a Permission Set with a Security Filter and another Permission Set without the filter on the same object, Business Central will use the one without the Security Filter as it is least restrictive.

This Blog Series will guide you through OpenID Connect Authentication Setup in API Management

This Blog Series will guide you through OpenID Connect Authentication Setup in API Management

In some of the cases instead of providing security to whole form we need it for particular form control.So this blog will help you with providing access to form control via security roles.If you want to know more about security roles you can use my previous blog . First of all we need form control where we need to set some of the properties as follows. In our case we are using laid off button as shownNow select the button and press F4 for its properties and set needed permision to manual as follows Now in your desired security privilege you can either directly set form control permissions or Entry Points.For form control permission method right click on form control permission and select new form and after that set name property to your desired form (Hcmworker in our case) as follows Now right click on your form and select New control option as follows and set control name and permission for it as follows For Entry point method you need first need to add new entry point and set its object type and object name properties or for existing ones select desired entry point and click on drop down arrow and on controls right click and select new control.And now set its grant and name properties to desired control and its access rights After this you need to assign this privilege in desired security role and security duty as previously discussed in security role blog

In D365 Finance and Operations when you need to provide and restrict users from a certain operation you can make use of security roles. You can create security roles from Finance and operations environment itself or from its development tool i.e Visual Studio. In this blog, we are going to create a security role in Visual Studio as follows.   Create privilege    First of all we need to create privilege as follows now we need to add new entry point and set  object type in our case display menu item from properties Now add object name(display menu item  name) as follows   create role   Now we need to create role where above created privilege will be needed create new security role  as follows now we need to add new privilege in role as shown And from properties select privilege which we have created in previous step Create Duty   Now we have to create new duty and assign previously created privilege in its properties as shown Now we can see security role in FnO environment select any user from system administration>>users and click on assign role as follows and now search for priviously created role and click on Ok button now your security role is assigned to user with our role will be able to see the object like form, report etc except user with system administrator.  

Introduction: The Transport Layer Security (TLS) is a protocol that provides Secure communications. There are different versions of this protocol with the latest one being TLS 1.2. With all the crazy updates that Microsoft comes with, many of the programs, web services. etc. have enforced TLS 1.2 to be mandatory for communicating over the network. The previous versions of TLS are not supported in many of these programs and sooner or later they will deprecate for sure. Lucky for us, after the October 2018 update, Power BI Desktop now respects this need for TLS 1.2 and recognizes the Windows registry key in your System. You can enable or disable which version of TLS protocol is needed and Power BI will use that version accordingly. Steps to disable older TLS: Open your regedit by searching for ‘regedit’ in the search box of the taskbar Note: Changes in the regedit can cause serious changes in your system. Please take a backup of your regedit before proceeding and import the backup just in case your system starts to act funny. Go to [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Client] and make the following changes [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Client] “Enabled”=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Client] “DisabledByDefault”=dword:00000001 This will disable your Power BI from using your older version of TLS 1.0 by default Steps to update your TLS to 1.2 Go to [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client] and make the following changes [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client] “Enabled”=dword:00000001 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client] “DisabledByDefault”=dword:00000000 This will enforce your applications to use the latest TLS Power BI Desktop will respect the registry keys specified on those pages, and only create connections using the right version of TLS. For further documentation on TLS, you can refer the microsoft document below https://docs.microsoft.com/en-us/windows-server/security/tls/tls-registry-settings