Chapter 3. Security management

You can perform security and permission management tasks from the Security management page. To access the Security management page, select the Admin icon in the top-right corner of the screen and click Roles, Groups, or Users on the Business Central Settings page. Depending on which icon you click, the Security management page opens for the respective tab. Use roles and groups to manage privileges and settings for users. Any changes apply to all users with the affected role or group.

3.1. Creating users

User privileges and settings are controlled by the roles assigned to a user and the groups that a user belongs to. You can create any number of users in Business Central.

Note

Do not create a user called unknown in process engine or Decision Server. The unknown user account is a reserved system name with superuser access. The unknown user account performs tasks related to the SLA violation listener when there are no users logged in.

Procedure

  1. In Business Central, select the Admin icon in the top-right corner of the screen and select Users.
  2. Click New user, enter a user name, and then click Next.
  3. To assign roles to the user, click the Roles tab, click Add Roles, select the desired roles, and click Add to selected roles.
  4. Optionally, to assign groups to the user, click the Groups tab, click Add to groups, select the desired groups, and click Add to selected groups.
  5. Click Create.
  6. Click Yes to set a password for the user, enter a desired password, and click Change.
Note

The user must have at least one role to access Business Central.

3.2. Creating groups

Groups enable you to control privileges and settings for a collection of users. You can create as many groups as you require.

Procedure

  1. In Business Central, select the Admin icon in the top-right corner of the screen and select Groups.
  2. Click New group, enter a group name, and then click Next.
  3. Select the users that you want to add to this group, and then click Add selected users.

    The newly created group is listed under All groups.

3.3. Changing permissions for groups and roles

You cannot change permissions for an individual user. However, you can change permissions for groups and roles. The changed permissions apply to users that have the role or belong to the group that you changed.

Procedure

  1. In Business Central, select the Admin icon in the top-right corner of the screen.
  2. Click Roles or Groups to open the corresponding list.
  3. From the list, click the role or group you want to edit. All details are displayed in the right pane.
  4. Set the Home Page or Priority under the Settings section.
  5. Set the Business Central, page, editor, space, and project permissions under the Permissions section.

    You can expand the resource type whose permissions you want to change.

  6. Optional: To add an item not listed, click Add Exception and then set the permissions as required.

    Note

    You cannot add an exception to the Business Central resource type.

  7. Click Save.
Note

Any changes you make to roles or groups affect all of the users associated with that role or group.

3.4. Changing the home page

The home page is the page that appears after you log on to Business Central. By default, the home page is set to Home. You can change the home page for roles and groups.

Procedure

  1. In Business Central, select the Admin icon in the top-right corner of the screen and select Roles or Groups.
  2. Select a role or group.
  3. Select a page from the Home Page list.
  4. Click Save.

    Note

    The role or group must have read access to a page before you can make it the home page.

3.5. Setting priorities

A user can have multiple roles and belong to multiple groups. The Priority setting determines the order of precedence of a role or group.

Procedure

  1. In Business Central, select the Admin icon in the top-right corner of the screen and select Roles or Groups.
  2. Select a role or group.
  3. Select a priority from the Priority menu, and then click Save.
Note

If a user has a role or belongs to a group that has conflicting settings, the settings of the role or group with the highest priority applies.