Security for Dynamics 365 Finance and Operations is complicated. Often we put complicated things off until the end or until they are needed. I have seen many times that security is the last thing considered just prior to go live.
The norm is probably best described as just setting all of the product owners (if you are using agile) to administrators. Don’t get me wrong in some cases the product owners need to be set to administrator as the system is being learned so that they can access anything that they need, but as the project moves forward the product owners should at least have a second login that has security applied if its not practical to apply security to their main login.
There is a fairly simple trick to determining the security needed for a particular form that we’ll take a look at below. This like all things is not perfect, but allows you a good start to at least give the security role access to the screen.
The screen that I am talking about is found on most pages under Options and in the page options section is called Security Diagnostics.
This screen is available to System Administrators and Security administrators. So if you do not see it check what role you are assigned to. When you click into the security diagnostics you are given a list of roles, duties and privileges that apply to that page.
Do not get me wrong this is not the end all be all screen for security for a page. I have not seen, for example, that this screen would list security around if a button on the screen required certain roles or privileges that these would show up on the Security diagnostics screen. This is a good place to start though if you are trying to figure out what security needs for a particular screen.
This is definitely an easy thing to miss if you are not looking for it, and is one of those features that will save a lot of headache when trying to determine security.