A Microsoft Dynamics 365 Finance security insight (and failsafe!)

Resetting passwords. It’s the last thing you want your IT staff or system admins to have to spend time doing, but usually it’s the first thing they’re asked to do by someone in the workplace almost every single day.

For most systems, you can just send users a link or—even better—the system itself sends them a link.

But Microsoft Dynamics 365 Finance is different—a lot different. And with good reason, too, as it’s where your most critical business info is stored and managed. Anytime a password “goes missing,” an administrator or manager should be informed and in the loop of any resets.

Which is why in Dynamics 365 Finance, resetting a “Worker” password can only be done by a user with System Administrator and OB Warehouse Manager roles.

In his own words, here’s what one of our engineers recently uncovered and shared with our support team.

Did you know this? Only users with the System Administrator and Warehouse manager roles and the warehouse user themselves can reset the worker password.

I discovered if you duplicate the out of the box Warehouse manager role or add the privilege “Maintain user passwords” to a custom role, the user will not have this access.  This was frustrating and didn’t make sense to me, so I did some digging.

In the AOT, in the Whsworker table there is a method “allowUserToChangePassword” which is coded with the roles that allow this access. 

To add this access to custom roles, the method can be edited in the AOT by either adding other roles or removing this limitation.  I thought this would be worth sharing with the customers. Please let them know.

And with this blog post, we’re doing exactly that! Thanks, team. Keep the insight, tips, and tricks coming!