DM503 – Securing Data Management Projects in D365FO: Best Practices for Legal Entity and Role-Based Access Control (Part-3)
Series Introduction
This article is Part 3 of 4 in the Automatic Inbound ASN Series, where we explore key Data Management operations in Dynamics 365 Finance & Operations (D365FO). You can find the complete series below:
π DM501 β Using the Composite Inbound ASN V3 Entity in D365FO
π DM502 β Converting Excel Data to XML for Inbound ASN V3
π DM503 β Securing Data Management Projects in D365FO (Current Article)
π DM504 β Automating Inbound Load Creation in D365FO
π New to the series? Start from Part 1.
Introduction
In this article, we discuss how to secure Data Management projects by configuring access control based on legal entities and user roles in D365FO. Weβll explore methods to streamline the process, increase efficiency, and make it easier for end users to create and manage inbound loads.
Data management Operations user role is standard role and it only need Team member licnese. Role gives
Data Management operations user role
The Data management operations user role in Dynamics 365 Finance and Operations (D365FO) provides key security access to users specifically for managing data import, export, and data-related tasks through the Data Management Framework. Itβs a role tailored for users who need to handle bulk data processing but donβt require full administrative or broader system access. Below are the key permissions provided by this role:
Key Access Rights Provided by the Data Management Operations User Role:
| Sr. No. | Access Rights / Limitations | Description |
|---|---|---|
| 1 | Data Import and Export | Users can import/export data using the Data Management Framework, create data projects, add entities (e.g., Inbound ASN V3), and run import/export tasks. |
| 2 | Data Project Management | Users can create, view, modify, and manage data projects, schedule recurring data operations, and review project statuses. |
| 3 | Execution of Data Jobs | Users can execute manual/scheduled data jobs, view execution logs, and troubleshoot errors in the import/export process. |
| 4 | Access to Data Templates | Users can export/import data templates (Excel, XML) for bulk operations like ASNs and sales orders. |
| 5 | Data Entity Access | Users can manage data entities, modify mappings to system tables, and ensure correct data placement. |
| 6 | Basic Data Validation & Transformation | Users can handle data transformation, validation rules, and field mappings to ensure correct data import formats. |
| 7 | View Data Management Execution History | Users can review logs of data imports/exports, track execution statuses, and troubleshoot errors. |
| 8 | Limited Administrative Permissions | Users can configure data projects but do not have full admin privileges or access to broader system configurations. |
| – | What the Role Does Not Provide | – No access to functional areas like sales, finance, or inventory beyond data operations. – Cannot edit security roles, perform system administration tasks, or access sensitive data unless explicitly permitted. |
Provide User a role
Restrict Role to Data management Project and Legal Entity
- Grant access to dedicated user
- Assign Legal Entity
Verify security access by login into user account and by going on Data management workspace
- User can only see data project and related history for which they have given access
Conclusion
Assigning the Data Management Operations User Role to users is an efficient and cost-effective approach to meeting business requirements in D365FO. It is advisable to duplicate the standard role to customize it according to your organizationβs specific needs, and I recommend following this best practice. Additionally, there are several advanced techniques for controlling visibility and securing access within this role, which as a system administrator, you are likely familiar with. Feel free to reach out in the comments if you would like to explore these techniques further.
Expand Your Knowledge: See More Data Management Blogs
Share this content:
1 comment