Microsoft Dynamics AX 2012 R3 Development-2 Locus IT Services

Microsoft Dynamics AX 2012 R3 Development-2

Locus IT ServicesMicrosoft Dynamics AX 2012 R3 Development-2

Lesson 2 – Security Policies

Security Policies

Security policies use Extensible Data Security (XDS).


The following definitions are used in conjunction with XDS.

Constrained table: This table or tables hold the data filtered based on the policy.

Primary table: This table is used to determine how data is filtered. For example, for a filter based on an employee, the primary table would be the HcmWorker table.

Policy query: This query is used to return data from the primary table that is then used to filter the data in the constrained table.

Context: This controls the circumstances under which the policy is applied.

There are two types of context:

  • Role contexts means the policy is applied if the user is assigned to the role.
  • Application contexts means the policy is applied based on information set by the application.

A security policy reduces the range of table records that users in roles are allowed to access. In the AOT, you create a security policy by first creating a query that has a range. Next you create the policy and set its Query property to the new query. Roles and users that are associated to the policy can see only the subset of table records that are included by the range.


To complete the final steps in this topic, you must understand how to test security. Robust testing requires you to be a user in the following different user roles at different stages:

  • Developer
  • System administrator
  • Application user

For more information, see How to: Test the Role-based Security Configurations under AOT Security.

Locus IT Project Management Office
What’s it?