With the latest Business Central version, the management of permissions by security groups has been optimized.
The more a company grows and changes in its structures, the more complex it becomes to keep an overview of all user permissions and to manage them properly. But the process can now be simplified with new so-called security groups. These allow users to be grouped by department, task area or other criteria. The appropriate permissions are then assigned collectively to the entire group.
The use of security groups reduces the time required for permission management and also lowers the risk of errors. This makes access control much easier and ensures that users only have access to the areas they need. New employees can be quickly and easily added to the appropriate security groups.
The use of security groups in Business Central requires the creation of Azure Active Directory security groups. Members must be added to these either in the Microsoft 365 admin center or in the Azure Active Directory portal. Then, on the “Security Groups” page, the Azure Active Directory security groups can be linked to those in Business Central by selecting the “New” action.
In the “AAD security group name” field, you can now search for the desired Azure Active Directory security group to be used. A FactBox shows the associated members and permissions of the group. Finally, the “Permissions” button on the security group page can be used to assign the required permissions to the security groups and manage them.
The new security groups replace the previous user groups in Business Central, which can no longer be used from Business Central 2024 Release Wave 2 (version 25.0). There is a migration routine that transfers the permissions of the user groups to the users. Unfortunately, the security groups have to be transferred manually during the migration.