Managing User Roles and Permissions in Business Central

Microsoft Dynamics 365 Business Central is an enterprise resource planning (ERP) solution that centralizes functions needed to manage important business operations like finance, operations, and customer service. Leveraging the application effectively requires properly setting up and managing user roles and permissions. This article goes over the details of setting up Business Central permissions and ensuring users have the access needed to perform functions related to their job roles. 

What Are User Roles and Permissions?

User roles define the type of access provided to a user. Each role comes with a set of permissions that allow users to perform specific actions, like viewing customer information or editing data. Administrators can tailor user roles to meet the needs of individual users.

For example, a company with sales representatives can create a role with permission to create and update sales orders. Someone who works in the finance department can have a role created allowing them access to financial reports or invoices. However, the sales representative could not view information available to the finance employee, and vice versa. 

Why is User Role and Permissions Management Important?

With hackers constantly looking for ways to steal data, being proactive about protecting company information is more critical than ever. Business Central houses sensitive data like employee information, customer details, and financial records. Any failures to properly define user roles and permissions can increase the risk of a data breach. 

Many companies work in industries subject to strict regulatory requirements. For example, healthcare providers can face significant fines under HIPAA for not taking steps to safeguard data integrity and privacy. Business Central roles and permissions give organizations what they need to demonstrate accountability and compliance efforts during audits. 

Adding Users in Business Central

You can start adding users if you have been assigned administrator privileges. You can access the Business Central role center through the Microsoft 365 admin center. 

1. Navigate to Users -> Active users, then choose the option Add a user.
2. Go to the Set up the basics pane and fill in all basic user information as shown below: 
   1. Name: First and last name, user name, and display name.
   2. Domain: Add the domain for that user’s account.  
   3. Password settings: Select the option to use an autogenerated password or manually enter a strong password.
   4. You can require the user to change the initial password after 90 days, or select the Require this user to change their password when they first sign in prompt. 
   5. Select whether to send the password to a user once they’ve been added. 
3. Go to the Assign product licenses pane. Choose the appropriate license and location for that user.
4. Expand Apps and select or deselect the apps users have a license for, then click Next.
5. Go to the Options settings pane and expand Roles to make the user an Admin. You can also expand Profile info to add extra information about the user. 
6. Click Next to review the settings entered for the user and to make any additional updates. Once you’re done, click Finish adding and then Close. 

There’s also an option to add multiple users. 

1. Navigate to Users -> Active users and select the option for Add multiple users. 
2. When the Add list of users page appears, select the option to upload users via a spreadsheet or CSV file.
3. After selecting I’d like to upload a CSV with user information, download the sample CSV file. Make sure your spreadsheet matches the column headings. 
4. Once you’re satisfied that you’ve formatted your CSV file correctly, select Browse to choose the location of your file, then click Open.
5. Select Next to go to the License page. Choose all the licenses you want applied to all users, then click Next.
6. Review all selections before selecting Add users. 

Managing Permissions in Business Central

After adding users, you can apply the appropriate permissions for their job roles. You can create a permission set that allows you to assign permissions to multiple users at once. 

1. Go to the search icon and enter Permission Sets. Click the applicable link.
2. Select New. Once a new line appears, add all necessary fields. 
3. Select Permissions. Once the Permission set page appears, go to the Type field to include or exclude permissions for the object.
4. You can choose the level of access for each permission with the following options: 
   1. Read Permission 
   2. Insert Permission
   3. Modify Permission
   4. Delete Permission
   5. Execute Permission

On the Permissions Set page, you can expand the permissions allowed by a specific permission set by adding others. You can also view other permission sets already added and make changes as needed. 

Once you’ve created a permissions set, you can assign them to users.

1. Go to the Search icon and enter Users to pull up the applicable link. 
2. Choose the user you wish to add a permission set to.
3. Look in the Permission Sets FactBox to see any permissions already applied to the user. 
4. Click Edit to open the User Card page.
5. Go to the User Permissions Sets and enter all required fields on a new line. 

You can add permission sets to multiple users using the following steps: 

1. Select the Search icon and enter Users to pull up the applicable link. 
2. Go to the Users page and select Permission Set by User.
3. Click the username checkbox on relevant permission set lines to assign them to the user. You can select the All Users checkbox to assign a permission set to all applicable users. 

Best Practices for Managing Users and Permissions in Business Central 

Before you start working with security roles and privileges in Dynamics 365, performing a role analysis of your company’s workflows, structures, and job responsibilities is a good idea. That helps you organize what data and functions each job requires for effectiveness. Check out the predefined roles in Business Central to ensure they align with your company’s needs. 

Internet eBusiness Solutions can help businesses set up custom roles that align with their business processes. Contact one of our representatives to learn more about our services.