How to resolve Security errors on Login

David MeegoFrom the Microsoft Dynamics GP Application Level Security Series.

When logging into Microsoft Dynamics GP or Microsoft Business Solutions - Great Plains, you might receive the following error:

You don't have security privileges to open this window.

Once you click OK, the login appears to complete.

During login, access is required to a number of forms within the product, if access has been denied you will receive the error described.  Even if you follow the Knowledge Base (KB) Article 858718 on the subject (see link below) you might still receive this error.  The issue is that many third party and Independent Software Vendor (ISV) products open hidden forms just after login. If security access has been denied to these forms you will be able to login, but will receive the error message and the third party product might not operate correctly.

We can use the Support Debugging Tool for Microsoft Dynamics GP to help resolve this issue. As we are only using Standard Mode features, any user can be used.

Below are the steps, please skip steps already completed previously: 

  1. Click here for the links to download the tool from PartnerSource.
     

  2. Extract the archive files to your application folder.
     

  3. Launch Microsoft Dynamics GP and select Yes to include new code.
     

  4. Log into Microsoft Dynamics GP.
     

  5. From the menus click Microsoft Dynamics GP (for v10.0), click Tools, click Support Debugging Tool.
     

  6. From the Support Debugging Tool window, click Options, click Dex.ini Settings.
     

  7. On the Debug Tab, in the Support Debugging Tool Options section, select the Enable SQL Logging on next login checkbox. This performs the same changes to the Dex.ini as the steps in KB 850996 (see link below).
     

  8. Click OK to close the Dex.ini Settings window.
     

  9. Exit the Microsoft Dynamics GP application.
     

  10. Delete or rename the DEXSQL.LOG file if it exists. By default it would be stored in the application folder or the Data subfolder under the application folder. For example: C:\Program Files\Microsoft Dynamics\GP\Data.
     

  11. Re-launch Microsoft Dynamics GP.
     

  12. Log in and get up to the Security error message.
     

  13. Rename the DEXSQL.LOG so that no more logging is added to this log (for example: rename to DEXSQL_Error.LOG).
     

  14. Open DEXSQL_Error.LOG with Notepad and look for the line below:

    For v8.0 & v9.0: Find the last line starting with "EXEC DYNAMICS.dbo.zDP_SY02000SS_1".

    For example: EXEC DYNAMICS.dbo.zDP_SY02000SS_1 1, 'user', 309, 2, 22047

    where 309, 2, 22047 is the Product ID, Resource Type and Resource ID.

    For v10.0 or later: Find the last line starting with "{ CALL DYNAMICS.dbo.zDP_SY10000SS_1".

    For example: { CALL DYNAMICS.dbo.zDP_SY10000SS_1 ( 'user', 1, 309, 22047, 2 ) }

    where 309, 22047, 2 is the Product ID, Resource ID and Resource Type.
     

  15. Complete the Login.
     

  16. From the menus click Microsoft Dynamics GP (for v10.0), click Tools, click Support Debugging Tool.
     

  17. From the Support Debugging Tool window, click Options, click Resource Information. Screenshot below:
     
    Resource Information
     

  18. Leave the Resource Type set to Form, Window & Fields.
     

  19. Enter the Product ID and the Product Name will be identified. 
     
    For example: 309 is Fixed Assets.
     

  20. The next number is 2, which tell us that the resource is a Form.
     

  21. Enter the Resource ID and the form will be identified.
     
    For example: 22047 is the Asset User Data (FA_User_Data_Maintenance) form.

Once you have the form identified, you can adjust the security settings to provide access and stop the error message appearing. 

Note for v10.0 only: If the window is a third party hidden window, please contact the developer of the product in question and request that they update their code to remove their hidden window from the security system. The methods involved are described in the Integration Guide manual installed with Dexterity. Please see the post: Quick Tip: Updating Dexterity customizations to work with Security Tasks and Security Roles.

For v8.0 & v9.0: You can then use Advanced Security (Tools >> Setup >> System >> Advanced Security) or Standard Security (Tools >> Setup >> System >> Security) to grant access.

For v10.0 or later: You can use Security Tasks and Security Roles to grant access. For information on how to identify the Security Tasks and Security Roles linked to a particular form, please see the How to identify the Security Tasks and Security Roles associated with a specific window or report post or the How to identify the Security Tasks and Security Roles using the Support Debugging Tool post.

Edit: Build 10 of the Support Debugging Tool now includes a Security Information window which can be opened from the Security Profiler and Resource Information windows.  This window will display the Security Tasks and Security Roles associated with the select resource and provide easy navigation to the security windows to make changes if desired. Just right click and select Security Information to open the window. For more information see Support Debugging Tool Build 10 released.

For more information on creating a DEXSQL.LOG or what the minimum security access required to log in is, please see the KB Articles below:

How to create a Dexsql.log file for Microsoft Dynamics GP and Great Plains (KB 850996) Secure Link

How to set up minimum security access to log in to Microsoft Dynamics GP or to Microsoft Great Plains (KB 858718) Secure Link

David

Ref: Updated from Internal KB 929596 to use Support Debugging Tool

07-Dec-2008: Updated Step 14 with information for logs from v10.0.

15-Jan-2009: Add details of new Security Info window in Support Debugging Tool build 10.

01-Jul-2009: Fixed typo as pointed out by Steve Endow's comments.

21-Oct-2011: Added Link to Quick Tip: Updating Dexterity customizations to work with Security Tasks and Security Roles post.