The Dynamics AX client uses the Windows security context (effectively the user you are logged in to Windows as), as opposed to maintaining its own cryptography. This means when you open the AX client, there is no second login.

AX does, however, have the concept of a user, which is typically an employee that has an account in your Active Directory. This is required to grant the users access to log in to AX and to manage their roles, duties, and privileges (security access). It also affects licensing (refer to Appendix, Further Reading and Chapter 10, Setting Up and Managing Security, for further details). AX also allows you to create a relationship between users and employees. A user can be an employee, which is not enforced by the system. However, to use some of the functionality, you need to associate the user to an employee.

The decision of which users to import and their roles within the organization becomes apparent once you have designed your organizational structure. This will have been done as part of the implementation. You would only create or import users that specifically require access to Dynamics AX.

The following are the three types of users within Dynamics AX:

The following are the four methods of creating users within Dynamics AX covered in this chapter:

Where appropriate, an equivalent PowerShell command will be offered. This will allow automation of administration functions. To use PowerShell, you need to install the management utilities and open the Microsoft Dynamics AX 2012 Management Shell.