I’ve been doing work with a client recently to refrsh their security in Microsoft Dynamics GP. We used the Microsoft Dynamics GP Security Matrixc from Fastpath to get the core security tasks assigned to the relevant roles. However, after security roles were created and testing was done, one user role was received errors when logging into Microsoft Dynamics GP:
You don't have security privileges to open this window. Contact your system administrator for assistance.
As this was during log in, I needed to use a dex log to find out what was happening. You do this by editing the Dex.ini file (located by default in %programfiles(x86)%\Microsoft Dynamics\GPnnnn\Data\ (where nnnn is the year) and changing the following line from FALSE to TRUE:
SQLLogSQLStmt=TRUE
The next two lines can be set to TRUE as well for additional logging, but the first was sufficient for my purpose.
Now when you og into Dynamics GP, every SQL statement is logged. As soon as the privilege warning appears, open the Dex log file go to the last row (or the last mention of User Security (SY10000)):
The parameters of the stored procedure are:
- User ID
- Company ID
- Dictionary ID
- Security ID
- Security Resource Type
I used my Security Tasks with Operations script to find out which security operation was causing the problem:
In this case, it was the Enhanced Notes Command from ISC Software’s own Enhanced Notes product.
Once this security operation was added to a task on a role assigned to users who had been receiving the error, they were able to log in without any further messages.
It is quite common for third party addons to have a requirement for at least one operation to be included in an assigned role. Like most ISV products, Enhanced Notes does add the relevant security roles and tasks, but the error was encountered as this was a very limited security role.
What should we write about next?
If there is a topic which fits the typical ones of this site, which you would like to see me write about, please use the form, below, to submit your idea.