The following roles have special definitions that you should note as you implement security for the RoleTailored client.
| Role | Definition |
|---|---|
|
SUPER |
Can read, use, change, and delete all data and all application objects within the scope of your license. Microsoft Dynamics NAV 2009 requires that at least one user is assigned this role in each database. When a user creates a Microsoft Dynamics NAV database by installing the CRONUS International Ltd. demonstration database with Microsoft Dynamics NAV 2009 Setup or by restoring a previously backed-up database, that user is automatically given the SUPER user role in the Microsoft Dynamics NAV security system. For more information, see First User Automatically Has SUPER Role. You cannot alter permissions that are granted to the SUPER role. |
|
SUPER (DATA) |
Can read, use, change, and delete all data. You typically assign this role to an accounting manager or another role that needs to work with all data but does not need to make changes to Microsoft Dynamics NAV. |
|
SECURITY |
Can access tables and functions that are related to security information, which include users and permissions. Users with this role can grant permissions to others but can only grant permissions that they have. Therefore, if you want to create an "area superuser," then you should give the person the SECURITY role and permissions for the areas, such as Purchases & Payables, for which they can grant and revoke permissions for other users. |
|
ALL |
Can use fundamental but not high-security tables and functions. You must assign this role to all users except SUPER because this is a prerequisite for all other roles. |
|
BASIC |
Is a prerequisite for all other RoleTailored roles and grants access to required system tables and other fundamental tables. The BASIC role is a special role created specifically for the RoleTailored client. The BASIC role is a supplemental role that you must import manually. For details, see How to: Import RoleTailored Roles. You must also import permissions for the BASIC role. For details, see How to: Import Permissions for the BASIC Role. Once you have imported the BASIC role and permissions for the BASIC role, assign this role to all users who use the RoleTailored client. |