GDPR tool for Microsoft Dynamics AX 2012

The European Union has introduced strict data protection rules last month, for which companies had to become legally compliant to avoid fines. We have a set of patches to apply to get a GDPR tool for Microsoft Dynamics AX 2012, which has been released to assist us:

  • KB4056903 Privacy Policy update
  • KB4074643 DAPIA Security tool
  • KB4057507 SQM Data collection

The part relevant for us is the tool, which allows capturing which interactive users have logged on to AX, who are using a security role that may access sensitive information.

GDPR tool for Microsoft Dynamics AX 2012

User log for roles with sensitive information access

GDPR tool for Microsoft Dynamics AX 2012

Setup of roles with sensitive data access

Unfortunately Microsoft only provides a high-level guideline on what shall be included and provides very little tangible assistance. Due to this I have felt we needed some way to identify what security roles could really be accessing sensitive data, so I came up with an X++ job that does exactly this. You may pass in menu items for forms, reports and also tables that may access details such as Customers, Global Address Book, Vendors, Address and Contact details. The tool is using the Security framework to determine which roles can edit such data, but you may change filter criteria to also include View access.

The XPO could be downloaded from GitHub.

https://github.com/DAXRunBase/AX-2012-R3/tree/master/GDPR%20security%20roles

DAXRunBase / 2018-06-29 / AX 2012
Tags: , , , ,

Comments

  1. Stephane Soupirot - 2018-09-17 @ 16:26

    Could you let me know if your XPO can be deployed on AX 2012 R2 ?
    In the same way do you know if we can deploy the Microsoft patches on AX 2012 R2 ?

    Reply
  2. DAXRunBase - 2018-09-27 @ 11:12

    Hi Stephane,

    AX 2012 R2 is ending its’ support lifecycle in a couple of days (2018-10-09 https://support.microsoft.com/en-us/lifecycle/search/640)

    As per the KB information on LifeCycle Services only R3 is supported for the DAPIA tool. For earlier versions you only get to turn off the SQM data collection and get an updated license for installations.
    https://fix.lcs.dynamics.com/Issue/Details?kb=0&bugId=3909273

    Since the DAPIA tool content is just a couple of extra tables and code for user logins, you could most likely backport it yourself from an R3 installation to R2, and use my job to populate settings.

    Reply
  3. Mike P - 2018-10-19 @ 10:29

    Hi Vilmos,
    Can I ask where SysUserLogRoleSettings comes from? It’s not compiling in my R3 implementation.
    Perhaps I need to install the 3 KB’s from Microsoft?
    regards
    Mike

    Reply
    • DAXRunBase - 2018-10-24 @ 21:10

      Hi,
      The job is for the DAPIA security tool framework which comes with the KB hotfix.
      Cheers,
      Vilmos

      Reply

Leave a Reply

Your email address will not be published / Required fields are marked *