July 5, 2023 | By Andrew Wingate

Seamless Integration of Dynamics 365 Business Central with Azure Security Groups

Introduction

Effective user management is crucial for any organization. Dynamics 365 Business Central now integrates with Azure Security Groups, offering a streamlined approach to managing user permissions and system access. This integration simplifies the process of onboarding users and enhances security by leveraging Azure Active Directory (AAD). In this blog, we will explore how to onboard users in Dynamics 365 Business Central using Azure Security Groups and the benefits this brings to organizations.

Challenges of Traditional User Onboarding

Previously, creating users in Dynamics 365 Business Central required direct access to the application to complete user setup and configuration. IT admins had to navigate various menus, assign roles, and define permissions, which was time-consuming and prone to errors. This process often led to inconsistencies in security policy enforcement.

The Power of Integration

The integration of Azure Security Groups with Dynamics 365 Business Central simplifies user onboarding and access management, offering a more efficient and secure solution. Here are the key advantages:

  • Centralized User Management with Azure Active Directory
    By using Azure Security Groups to manage Dynamics 365 Business Central permissions, user management is centralized within Azure Active Directory (AAD). Administrators can create and manage user accounts directly in AAD, eliminating the need to access Dynamics 365 Business Central. This centralization ensures consistency, simplifies administration, and reduces access discrepancies.
  • Role-Based Access Control (RBAC)
    Azure Security Groups provide robust RBAC capabilities, allowing organizations to define access levels based on job roles or responsibilities. By mapping roles and permissions within Dynamics 365 Business Central to Azure Security Groups, admins can easily provision users with appropriate access rights, ensuring they have the necessary permissions while maintaining granular control.
  • Streamlined Onboarding Process
    This feature automates the onboarding process. Admins can assign new users to specific Azure Security Groups, automatically granting access to relevant resources, including Dynamics 365 Business Central. This automation reduces manual provisioning errors and saves time.
  • Enhanced Security and Compliance
    Azure Security Groups offer robust security features like multifactor authentication and conditional access policies. Leveraging these capabilities enhances security and compliance efforts, ensuring only authorized individuals access critical data and reducing the risk of data breaches.
  • Simplified User Offboarding
    Offboarding is simplified as well. When an employee leaves, disabling or removing their account from AAD revokes access to all associated systems and resources, minimizing security risks and protecting data.

Step-by-Step Guide

Step 1: Create Azure Security Groups

Create one or more Azure Security Groups that align with your license types. For example:

  • “Essential” users, who require comprehensive business access.
  • “Team Member” users, who need basic purchase-side access.

Step 2: Set Permissions in Dynamics 365 Business Central

Navigate to the Security Groups page in Dynamics 365 Business Central. Select a security group from Azure Active Directory for use in this scenario.

Step 3: Apply Permissions

Use the ‘Permission Set by Security Group’ action to review and apply permissions. The Security Groups page allows you to drill into specific permissions and review them across all Azure security groups.

Figure 4a and 4b: Review and manage permissions across Azure security groups.

Caution: The default company specification is set to ‘blank.’ If you need to restrict permissions to specific companies, use the alternative page.

Recommendation: Transfer control of permission sets to security groups and remove any setup from the License Configuration page. This ensures centralized management and simplifies the process.

Conclusion

Integrating Azure Security Groups with Dynamics 365 Business Central offers a modern approach to user management. This method streamlines user provisioning, enhances security, and ensures consistent access control. Organizations can save time, reduce errors, and enforce stricter security measures, leading to greater operational efficiency and agility.

For more information, contact your Telefónica Tech account manager or visit Microsoft’s dedicated resource on Manage user permissions using security groups | Microsoft Learn.