19
It would be helpful to have a base permission set with out the Page (0) and Report (0) permission that has only the most basic required permissions for a user to get into BC. All the stock basic permission sets have the access to all pages and reports enabled. For any customer actually using permissions, the first thing we have to do is create a copy of the base permission set and then remove the Page 0 and report 0 permissions and then manually add the smaller set of pages and reports all users need.
This new base permission set would then allow more flexibility in adding permission set to add specific pages and reports based on the users roles and save time of not having to create the new base permission set.
Keep the existing permission sets but add a new one for the more restrictive base set.
Category: General
STATUS DETAILS
Needs Votes
Ideas Administrator

Thank you for your feedback. Currently this is not in our roadmap; however, we are tracking it and if we get more feedback and votes, we may consider it in the future.

Sincerely, 

Tomás Navarro
PM, Microsoft

Comments

K

Agree. It is a common ask of our clients that certain roles should NOT see many of the financial pages that expose the company's financials.

Category: General

K

I agree a hundred percent. We have been offering our customers customized basic rights based on manual authorizations at object level for a long time.
There is already an entry in this blog from my colleagues: https://experience.dynamics.com/ideas/idea/?ideaid=0a1a522c-e685-e911-80e7-0003ff68897c

Category: General

K

100 % agree.

After base-app and system-app had been made, I think it would make very good sense to create a permission that only grants the user the basic permission in order to log in.

I've just had a case with Microsoft with a tenant here, where a custom permissionset for team-member licensed users lacked one specific 20000x table which caused tenant to be extra loaded and led to instability for the entire tenant.

This would have been avoided, if Microsoft made a basic system-permission set that all users got when created. A base permission to to be able to login. All other permissions set would add additional areas.

Category: General

K

I agree with the above limitations of the system, not all users should be able to see certain confidential data within general ledger, bank accounts etc.

Category: General