What Is Account Level Security?
Account Level Security is a feature in Microsoft Dynamics GP that restricts which General Ledger accounts a user can view, enter, or edit. Rather than giving all users access to the full chart of accounts, Account Level Security allows administrators to define an Organizational Structure and assign users to specific positions within that structure. Each GL account is then linked to one or more organizational positions, so users only see the accounts relevant to their role.
This is particularly useful for organizations that want to:
- Prevent users from viewing financial data outside their department or business unit
- Reduce errors by limiting the accounts available during transaction entry
- Protect sensitive financial information (e.g., executive compensation accounts, intercompany accounts)
Once configured, users will only see accounts associated with their assigned organizational position(s) when entering transactions, running inquiries, or viewing account lookups within Dynamics GP.
SmartView Internal (Inside Dynamics GP)
SmartView Internal is an alternative inquiry interface that runs inside Dynamics GP and provides a faster, more flexible way to view SmartList data. However, SmartView Internal does not honor Account Level Security.
SmartView’s security model is based on SmartList security: if a user has access to a SmartList, they have access to that same list in SmartView. Account-Level Security restrictions that apply within standard Dynamics GP windows and transaction entry are not carried over to SmartView lists. As a result, when a user opens a GL-related SmartView list (such as Account Transactions or Account Summary), they may see accounts that would otherwise be restricted in standard Dynamics GP windows and SmartLists.
Result: A user whose Dynamics GP experience is restricted to a subset of GL accounts may still be able to view all accounts through SmartView Internal.
SmartView External (Outside Dynamics GP)
SmartView External is a standalone application that allows users without a full Dynamics GP license to access list data from outside of GP. SmartView External users are set up separately from Dynamics GP users and are linked to either a Dynamics GP user account or a Dynamics GP security role to determine which lists they can access.
Because SmartView External operates outside of the Dynamics GP application, Account Level Security restrictions configured within GP are not applied to data returned through SmartView External lists.
Result: SmartView External users who access GL-related lists may see all accounts in the database, regardless of any Account Level Security settings configured in Dynamics GP.
Recommendations
If your organization relies on Account Level Security to control access to sensitive GL accounts, be aware that granting users access to SmartView (either Internal or External) for GL-related lists may expose account data that is otherwise restricted in Dynamics GP.
Consider the following mitigations:
- Limit SmartView access to non-financial lists for users subject to Account Level Security restrictions.
- Use Dynamics GP security tasks to explicitly restrict which SmartLists are visible to specific users or roles, removing GL account-related lists for restricted users.
- Review SmartView External user configurations carefully — because External users are linked to a GP user or role, ensure the linked GP user is also subject to appropriate SmartList-level restrictions.
- Use SmartList Builder to create restrictions on lists similar to the account level security that is setup and apply those restrictions to the appropriate users that they apply to.
If you have any questions on Account Level Security, please contact us.
