This section provides step-by-step instructions for creating and configuring Team Members users in Business Central 25.
Step 1: Access User Management
Navigate to Users Page
-
Open Business Central 25
-
Use the Tell Me search box (Alt+Q)
-
Search for "Users" and select "Users" page
-
Alternatively, navigate to System Administration → Users
Verify Permissions
Before proceeding, ensure you have:
-
SUPER permissions or
-
D365 SECURITY permission set with user management rights
Step 2: Create New User Record
Start User Creation
-
On the Users page, click "New" action
-
A new user card will open
Enter User Information
Required Fields:
-
User Security ID: Enter the user's Azure AD Object ID
-
Find this in Azure AD portal under user properties
-
Format:
xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
-
-
User Name: Enter a unique username (often email prefix)
-
Full Name: Enter the user's complete display name
Optional Fields:
-
Contact Email: User's email address (usually same as authentication)
-
Authentication Email: Email used for sign-in
-
Language ID: Set preferred language (e.g.,
is-ISfor Icelandic)
Example User Setup
User Security ID: 12345678-90ab-cdef-1234-567890abcdef
User Name: jon.petersen
Full Name: Jón Petersson
Authentication Email: jon.petersen@municipality.is
Contact Email: jon.petersen@municipality.is
Language ID: is-IS
Step 3: Configure License Type
Assign Team Member License
-
In the License Type field, select "Team Member"
-
The system will automatically apply Team Member restrictions
-
Verify the license shows as "Team Member" in the user record
Set User State
-
Set State field to "Enabled"
-
Leave Expiry Date blank for permanent access
-
Set expiry date only for temporary users
Step 4: Configure Authentication
Authentication Settings
-
Windows User Name: Leave blank for cloud users
-
Web Service Access Key: Leave blank (not needed for Team Members)
-
Change Password: Set to No for Azure AD users
Email Configuration
-
Authentication Email: Must match Azure AD email
-
Contact Email: Can be different for notifications
Step 5: Assign Permission Sets
Standard Team Member Permissions
Add these permission sets in the User Permission Sets section:
Essential Permissions:
-
TEAM MEMBER - Core Team Member functionality
-
D365 TEAM MEMBER - Standard Team Member access
-
D365 READ - Basic read permissions
Add Permission Sets
-
Click "Permission Sets" action on the user card
-
Click "New" to add permission sets
-
Select the permission set from the dropdown
-
Repeat for each required permission set
Optional Permission Sets
Based on user needs, add:
Workflow Users:
-
D365 APPROVAL WORKFLOWS - For approval participation
Time Tracking:
-
TIMESHEET - For time and expense tracking
Limited Posting (if required):
-
D365 JOURNALS, POST - For limited journal posting
Step 6: Configure Dimensional Security
Municipal Dimension Assignment
For Sveitarstjóri Wise users:
-
Navigate to User Permission Sets
-
For each permission set, click "Filters"
-
Set Global Dimension 1 Filter to user's municipality code
-
Example:
REYKJAVIKorAKUREYRI
Department Filtering
If using department dimensions:
-
Set Global Dimension 2 Filter to department code
-
Example:
FINANCE,HR,TECH
Advanced Dimensional Security
For complex security requirements:
-
Create custom permission sets with dimension filters
-
Use User Groups for role-based assignments
-
Configure Security Filters on tables
Step 7: User Groups Assignment (Optional)
Predefined User Groups
If using user groups, assign relevant ones:
Standard Groups:
-
D365 TEAM MEMBER - Standard Team Member group
-
D365 READ ONLY - Read-only access group
Custom User Groups
Create custom groups for:
-
Municipal departments
-
Specific roles
-
Temporary assignments
Step 8: Configure Additional Settings
Personal Settings
-
Time Zone: Set user's time zone
-
Locale ID: Set regional format (e.g.,
is-IS) -
UI Language: Set interface language
Contact Information
-
Office Phone: User's office number
-
Office Extension: Internal extension
-
Mobile Phone: Mobile contact
Step 9: Test User Access
Initial Testing
-
Sign in as the user to verify access
-
Check Role Center loads correctly
-
Verify navigation works as expected
-
Test Account Budget Overview access
Functional Testing
-
Open Account Budget Overview page
-
Verify data filtering works correctly
-
Test drill-down to ledger entries
-
Check dimension filtering is applied
Permission Verification
-
Try to access restricted pages (should be blocked)
-
Verify read-only restrictions on data
-
Test workflow approval if applicable
Step 10: Documentation and Communication
Document the User
Record in your user database:
-
User details and role
-
Permission sets assigned
-
Municipal/department assignments
-
Access date and duration
Notify the User
Send welcome communication including:
-
Login URL for Business Central
-
Username and authentication method
-
Role Center they should expect
-
Support contact information
-
User guide attachments
Bulk User Creation
For Multiple Users
When creating many Team Members:
-
Export existing user as template
-
Prepare Excel file with user data
-
Use Configuration Packages for bulk import
-
Validate all users before activation
Automation Options
Consider using:
-
PowerShell scripts for Azure AD integration
-
Configuration packages for standardized setup
-
User provisioning workflows
Common Configuration Patterns
Department Head Setup
Permission Sets: TEAM MEMBER, D365 TEAM MEMBER, D365 APPROVAL WORKFLOWS
Dimension Filters: Municipality + Department
Special Access: Workflow approval rights
Financial Analyst Setup
Permission Sets: TEAM MEMBER, D365 TEAM MEMBER, D365 READ
Dimension Filters: Municipality + Finance department
Special Access: Extended financial reports
External Auditor Setup
Permission Sets: TEAM MEMBER, D365 READ
Dimension Filters: All municipalities (read-only)
Time Limit: Temporary access with expiry date
Quality Assurance Checklist
Before completing user setup:
- User can log in successfully
- Correct role center is displayed
- Data filtering works as expected
- Restricted functions are blocked
- Performance is acceptable
- Documentation is complete
- User has been notified
- License consumption is tracked