Breaking news from around the world
Get the Bing + MSN extension
Now Available in Community - MBAS 2019 Presentation Videos
Catch the most popular sessions on demand and learn how Dynamics 365, Power BI, PowerApps, Microsoft Flow, and Excel are powering major transformations around the globe. | View Gallery
2019 release wave 2 Discover the latest updates to Dynamics 365Release overview guides and videos Release Plan | Early Access Availability
Ace your Dynamics 365 deployment with packaged services delivered by expert consultants. | Explore service offerings
Connect with the ISV success team on the latest roadmap, developer tool for AppSource certification, and ISV community engagements | ISV self-service portal
The FastTrack program is designed to help you accelerate your Dynamics 365 deployment with confidence.
FastTrack Program | Finance TechTalks | Customer Engagement TechTalks | Talent TechTalks | Upcoming TechTalks
After upgrading to the latest version of PSA, we had some users send in reports of security errors when performing some common operations. The errors look something like this:
At first glance, this can look like a bunch of gibberish. But there are a few pieces of information you can pull from the error to understand what’s missing and how to correct it.
Before we dive in, we need a cross reference table of the CRM User’s GUIDs with their names. Build a quick Advanced Find on the Users entity, including their First Name, Last Name and Business Unit and without any filters (we might be dealing with non-enabled users here, so we want to include everything). Export the results to Excel and open the file.
In Excel, you’ll notice the first visible column is Column D. Columns A, B and C are hidden, and Column A contains the GUID we’re after. Follow these directions to unhide Column A. Once the GUID is visible, it’s a good idea to save this file as a reference. You’ll be surprised at how often you’ll come back to it.
So now that we’ve got our User GUIDs and names in a nice table, we can get back to the error message. First, check the GUID of the OwnerId:
This is the GUID of the user that owns the record that’s causing the security error. Note down this user’s name using the cross reference table you just built.
Next, check the GUID of the CallingUser (the user that’s trying to open or edit the record) and note down their name.
And finally, check the ObjectTypeCode:
This is the ID of the entity of the record that’s causing the error. If the Type Code is less than 10,000, you can probably find it on James Hall’s Object Type Codes Cheat Sheet (thanks James!).
But if it’s over 10,000, you’ll need to look it up with a quick query to the CRM API. Copy and paste the URL below into a text editor and change ENVIRONMENT to your environment’s URL. Also change the Object Type Code to the one you see in the error message.
https://ENVIRONMENT.crm.dynamics.com/api/data/v8.1/EntityDefinitions?$select=SchemaName,ObjectTypeCode&$filter=ObjectTypeCode eq 10015
In the browser where you have CRM open, open a new tab and paste in this URL. The browser will ask you to save or open the resulting JSON response; go ahead and hit Open.
The results will look like this:
Ah ha! The msdyn_estimate was our culprit in this example.
So now you have the users and entity involved, which is enough information to dig in to the security model and work out a fix. In my case, the user trying to edit a Project Task (Work Breakdown Structure) record but was missing permissions on Estimate. After a quick Security Role update, they were back on their feet.
Hope this helps!
The post Project Service: Decoding Security Errors appeared first on Dynamic Consulting.
Business Applications communities