I'm brand new to AX and the company I work for is also just implementing AX 2012. What I've been asked to look into is how to configure AX to allow and disallow access to forms based on role. For instance, we don't want a Purchasing Manager to be allowed to work with the Vendor Groups form under Setup on the Area Page, but we do want the Accounts Payable Manager to work with that form. Both their profiles have the "Enable vendor process" duty attached which contains a privilege named "Maintain vendor groups". What I've been able to figure out is I can modify the access level of the "Maintain vendor groups" privilege to "No access" and that will restrict the Purchasing Manager from seeing the link on their Area Page, but this access level change appears to be global and is also having the same impact to the Accounts Payable Manager.
Hopefully the example is clear as to what the issue is and what I'm hoping to achieve. Just thinking aloud but would something like this situation require creating a new duty without the "Maintain vendor group" privilege? Or can this be done through the AOT? Or can the privilege itself be configured to apply with specific roles only?
Any help would be appreciated. Please let me know if further details are required and I'll try to answer them.