This blog post summarizes one of the most difficult issues I have wrestled with in my consulting career - it also stumped the experts at Microsoft Tech Support and all of the gurus at my disposal - well almost all.
Symptoms: A user is granted access to a Dynamics GP Window through a Role. The user can see the link to the window in navigation. When the user clicks on the link in navigation nothing happens. The window does not open, there is no error produced. Intermittently the link will disappear from navigation, after it is clicked.
Security in current Dynamics GP releases is structured as follows:
At the bottom tier are the specific window, report, file and posting permissions, which used to be how GP security was administered - it is quite frankly very detailed, very flexible and therefore very cumbersome.
These low level permissions are now collectively assigned to Microsoft created Tasks (task based security groups). These tasks use a naming convention, and while the naming convention isn't easily decipherable, the Task Names are very instructive (i.e. Set up credit cards, Set up taxes, Set up bank accounts, etc.)
Microsoft has created logical Roles making it much easier to grant and deny access to areas of the software based on the functions a user should perform as part of their job. Tasks are assigned to these Roles. The Roles are much more intuitive, having names like AR Clerk, AP Clerk, Accounting Manager, etc.
First - you have to check thoroughly to ensure the user is actually granted access to the window through a Task assigned to one of the Roles assigned to their User. Once you have validated the user has access to the window, and you still encounter the behavior described above, try the following:
Create another user and copy permissions from the original user to the new user in the User Security Setup window. If you have this problem, this step won't help, but it will confirm you have this issue.
So now we're down to "brass-tacks." You have a user who cannot access a window they have been granted access to, even though they can see the link for the window in navigation. There is no explanation/error for this problem.
I ran Check Links, disabled customization, granted SQL Administrator access to the affected users - nothing seemed to work. All these activities did make it clear to me we were dealing with a problem with roots firmly planted in Dynamics GP Security set up.
So, I reached out to several people I consider gurus, and one of them, Brenner Klenzman, said he'd seen something like this before. I was thrilled! He even had a solution to the problem. Brenner suggested un-clicking the roles assigned to the user and re-clicking them (not sure those are real words). So I did just that and tested access again - no improvement! This fix, while it had worked for Brenner on a previous occasion, did not resolve the problem.
I engaged Microsoft Technical support, and went through several days of creating and submitting log files. Installed and used the support debugging tool. Still No Luck! Microsoft Tech Support called "no joy" and credited back my technical support incident.
Now I was a heart-beat away from emailing the client some exceedingly bad news. We were going to have to destroy security and recreate it, in a live environment... I was dusting off a KB article on how to do just that, and putting together a plan of action to implement it.
When inspiration struck. Don't ask me why, but I decided to implement Brenner's fix at a lower level. I opened up the Tasks assigned to the Roles and un-clicked then re-clicked them. Hallelujah - success!