Development client
The AX 2012 client can be launched in development mode. This exposes all the development tools without having to jump through multiple contextual menus. The window is stripped of its Main Menu, Content Pane and Navigation bar. The X++ editor uses the same engine that powers the Visual Studio editor, with long-awaited features like: line numbering, block editing, change highlighting, etc.
Models
Models complement the code layering system in AX to goup objects . Models can be imported/exported from the system and withnaming, versioning and signing possibilities .The layer-based application object files (AOD-files) are replaced by a dedicated SQL Server database, which is also the model store. All application elements are located in this database, which is created by the setup program of Dynamics AX 2012 Models will be the new way ISV solutions are distributed rather than the current system of distributing AOD files).
The new storage model with AX 2012 will remove the only single point of failure in the AX architecture. With AX 2009, the application is stored in a shared folder which is only accessible by the AOS. The high availability solution for Microsoft file servers is the Distributed File System (DFS) technology. However, Microsoft does not recommend creating multiple copies of .aod files, therefore the folder which contains the application files cannot be configured with DFS.
Visual Studio integration
For an AX developer, it will become a requirement to have a Visual Studio 2010 installation. With Microsoft Dynamics AX 2012, the integration between the two is to the point where managed code can now be called in business logic processes using event handlers attached to AX class methods. Through the use of the Application Explorer (AOT in Visual Studio), objects like tables or classes can now be used, with full IntelliSense, in managed code thanks to automatically generated proxies.
Role-based Security
In previous versions of AX, assigning security keys was the main task rl for a developer about . With AX 2012’s role-based security, developers play a much bigger role when creating new elements. Permissions are now assigned on the AOT elements and are grouped together in Privileges. These Privileges are then gathered in Duties which define a role.
The new security framework is based on:
- Roles: a group of duties specific to a function (accountant, mechanic, clerk, manager, …)
- Duties: a group of related privileges needed for a specific task (sales order entry, approve expenses, order picking etc,
- Privileges: a group of entry points (mostly menu items) needed for a specific action (create sales order lines, set up HRM parameters, start a picking route, …)
- Permissions: a group of base objects each with the required level of access (update salesTable, update HRMParameters, …)
Developers are responsible to provide the appropriate privileges and permissions
An administrator can define roles and duties based on the privileges and permissions -and link users to roles
Standard, out-of-the box roles, duties, privileges and permissions are available to secure all functionallity in Ax2012!Previous versions had … no out-of-the-box security configured roles.
Some other facts:
- SecurityKeys are no longer used
- Companies are replaced by legal entities
- Domains are replaced by organisations
- Users groups no longer used in a security context
External users (without an Active Directory -account!) can log on to the Enterprise Portal (using a numberof ways of user authentication in SharePoint 2010)
XDS (eXtended Data Security)
In previous versions there was RLS (record level security), where you could estrict the selected data by adding a where clause to tables Ax2012 takes RLS to the next level: it’s called the XDS framework
- the combination of an application context (form, menu item, …) and a role context (user, role, …)
- is applied to a policy (based on queries, so more flexible compared to RLS, also the meta data is used to apply data security on linked tables)
- this policy filters the data as configured
an example:
- define a query on the salesTable,
- a policy defines that you can only see customers from a specific group (‘x’),
- you only see the salesTable records for customers of group ‘x’ …
Even if your select looked like ‘select from salesTable’,then it would become something like ‘select from salesTable where exists (select from custTable where custTable.PK = salesTable.FK and custTable.group = ‘x’)’.
- Applying multiple policies, would add extra ‘exists’ clauses to the query.
- Ax2012 comes predefined with 11 policies (3 enabled by default)
- This sounds like a performance killer but there’s a solution (as with most potential performance issues in ax2012).
- Policies that result in complex queries including multiple joins can be cached in temp tables that are populated the first time the complex policy-query is executed. The next time this complex query is executed … it is not … the results from the temp table are used in the query rather than executing the complex query over and over again. This is called a ‘myConstruct‘ and the refreshrate is customizable (on each execution, per session, …). Ax2012 comes with 7 myConstruct tables out-of-the-box.
- A new feature for developers is the possibility to get the actual SQL statements (policies applied) from within X++.
The goal of this new security framework is
- Faster implementation
- Role-tailored user experience
- Comprehensive data security
Disaster recovery
In Microsoft AX 2012, the application folder is stored in a database, so it is possible to integrate it into high-availability solution for SQL databases. That’s will improve data integrity; simplify backup procedure and offer high-availability for Microsoft Dynamics Ax architecture.
And more
The list of smaller changes is huge – temporary tables in the database, table inheritance, data contracts, new user controls, AIF changes, just to name a few… Expect Ax 2012 announcements at Atlanta at end AprilThere is much to get used to with Dynamics AX 2012 and this release is a major step forward There is even more good news to come on the functional side which I will cover in a future blog when the wrappers come off.