Featured Post

Dynamics GP 2019 is now Released

It is now released, Microsoft Dynamics GP 2019 which moves the system to the modern product life cycle   " Beginning with the October...

Tuesday, February 9, 2016

Workflow Delegations under User Preferences, Access Denied for Limited Users

One of the most important features introduced recently in Dynamics GP is precisely workflow 2.0 and the ability to manage various workflow-associated tasks through the web client. As for requisitions specifically, Limited users were introduced to let the users enter and approve requisitions, which seems perfectly superb.
 
Workflow Delegations - User Preferences
 
In order to manage delegations, users are supposed to fill out the user from the Active Directory, who is supposed to approve/reject on behalf of them. There are precisely two issues which are encountered when using this window which are:
  1. Once the window is open, and the option "Automatically delegate my workflow tasks to "  is checked, closing the window becomes impossible unless the "Delegate to" field is filled out. As shown below, the system doesn't allow you to close the window giving an error that "A delegate must be selected"

    Select a delegate warning Message

  2. The delegate to "lookup" is not part of the limited users privileges, it can only be granted to full users.
The security task associated with the lookup window can be seen under "Microsoft Dynamics GP Product, Windows Types, System Series and Full User Type". If you choose the Limited user, the Directory Account Lookup is not included, which is why it can not be granted to limited users.

Workflow Delegation - Lookup button

Security Privilege Error - on Lookup button

Directory Account Lookup - Security Task
 
 
 
 
 
Work-around Solution (Workflow Delegation Lookup)
 
Although limited users can not open the lookup in order to search for a specific user in the Active Directory, they can still type in the "Delegate to" field and pick a specific user from the AD. For instance, if you want to delegate tasks to a user in the AD with the name "Mahmoud Saadi", type in the very initial characters of the name and then press Tab, the system will automatically retrieve the first name from the AD. 

This is definitely invalid when you have multiple users in the AD with the same account name, which will result with retrieving incorrect accounts. 


I have submitted my feedback on MSConnect to be consider by Microsoft Support team, ID: 2339798 on this Link.

Best Regards,
Mahmoud M. AlSaadi

2 comments:

  1. BE SMART AND BECOME RICH IN LESS THAN 3DAYS....It all depends on how fast 
    you can be to get the new PROGRAMMED blank ATM card that is capable of
    hacking into any ATM machine,anywhere in the world. I got to know about 
    this BLANK ATM CARD when I was searching for job online about a month 
    ago..It has really changed my life for good and now I can say I'm rich and 
    I can never be poor again. The least money I get in a day with it is about 
    $50,000.(fifty thousand USD) Every now and then I keeping pumping money 
    into my account. Though is illegal,there is no risk of being caught 
    ,because it has been programmed in such a way that it is not traceable,it 
    also has a technique that makes it impossible for the CCTVs to detect 
    you..For details on how to get yours today, email the hackers on : (
    atmmachinehackers1@gmail.com ). Tell your 
    loved once too, and start to live large. That's the simple testimony of how 
    my life changed for good...Love you all ...the email address again is ;
    atmmachinehackers1@gmail.com

    ReplyDelete