Chapter 1. MorphX Security System
The security tool in Microsoft Dynamics AX Security 2012 R3 is built to help organizations create and manage secure ERP implementations. Illustrated with MorphX, X++ coding, snapshots, and figures, this chapter intends to provide you with the basics to transform the knowledge to seamlessly implement security configurations into practical steps that are needed to develop an efficient security environment. In this chapter, we will broadly look at:
- Introducing the MorphX development tool
- Developing a security artifact using AOT
- Validating and testing a security privilege
- Applying a configuration key
By going through this chapter, you will briefly know the fundamentals and security concepts in the Microsoft Dynamics AX product. The security architecture in the Microsoft Dynamics AX product consists of the infrastructure security and the application security (https://technet.microsoft.com):
The different blocks in this architecture are as follows:
- Infrastructure security: The Microsoft Dynamics AX infrastructure is based on the following features:
- Active Directory services
- Integrated windows authentication
- Computer networking
- Secured servers' machine
- Application security: Application security has the same features as those listed for infrastructure security and includes the following additional features:
- Active Directory users added to Microsoft Dynamics AX and granted access to use the application
- Domains that are groups of the company accounts in Dynamics AX
- Record-level security to restrict or permit users to access specific fields and tables
- Security keys that allow users to access specific forms, reports, or menus
By focusing on application security, we are going to break it down into the following points that should be considered when securing the Dynamics AX server:
- Application file server: The application files should be restricted to the application object server domain account
- Database server: The database server should be secured using the recommended SQL server security solution
- Application Object Server (AOS): The AOS should be restricted to the log directory for only the AOS account directory and the administrator
- Enterprise Portal: Securing the Enterprise Portal starts with Microsoft Internet Information Services (IIS) using the Secure Sockets Layer (SSL) and another built-in feature called Business Connector
This is the high-level security architecture of the Microsoft Dynamics AX product that you should gain knowledge about before proceeding to the security features that enable administrators, technical consultants, and programmers to secure the application. We are going step by step to deliver proper experience and practices through this chapter.