Personalized Community is here!
Quickly customize your community to find the content you seek.
Check out the latest Sales updates!Learn about the key capabilities and features of Dynamics 365 Sales and experience some of the new features.
Download overview guide | Watch Sales video
2020 release wave 1Discover the latest updates and new features to Dynamics 365 planned through September 2020
Release overview guides and videos Release Plan | Preview 2020 Release Wave 1 TimelineWatch the 2020 Release Wave 1 virtual launch event
Ace your Dynamics 365 deployment with packaged services delivered by expert consultants. | Explore service offerings
Connect with the ISV success team on the latest roadmap, developer tool for AppSource certification, and ISV community engagements | ISV self-service portal
The FastTrack program is designed to help you accelerate your Dynamics 365 deployment with confidence.
FastTrack Program | Finance TechTalks | Customer Engagement TechTalks | Upcoming TechTalks
Hi all experts,
I encounter the below situation:User A owns an Account [ABC Company], there are 2 Contacts under ABC Company, Peter Chan owned by User A, and Mary Wong owned by User B
Both User A and B is assigned with Sales Executive role, in which they should only be able to access the records owned by themselves.(the Security Role assignment is attached for reference)
But now User A is able to see both Contacts Peter Chan and Mary Wong.
Is this a standard behaviour in which Account owner can see all the linked Contact in regardless of the ownership?Is there any way to block User A's access to the record Mary Wong?
In CRM, Security role privileges are cumulative: having more than one security role gives a user every privilege available in every role.
So, check User A might have any other security role or part of any team.
Yes, it is a standard behaviour.
Unfortunately, there is currently no solution to this.
I would recommend you suggest an idea: https://experience.dynamics.com/ideas
This behavior looks as by design. Cascade relationship between the Account and Contact entity generates that if there are shared contacts with users, their dependent records can also be viewed by others. For more information, you can check this link: https://docs.microsoft.com/es-es/dynamics365/customerengagement/on-premises/developer/entity-relationship-behavior
For your reference when we work with relationships:
Parental: In a parental relationship between two entities, any action taken on a record of the parent entity is also taken on any child entity records that are related to the parent entity record. if you delete a record in the parent entity, the related child entity records are also deleted; or if you share a parent entity record, the related records from the child entity are also shared. All options are disabled for Parental relationship
Referential: In a referential relationship between two entities, you can navigate to any related records, but actions taken on one will not affect the other.
Take note that after change the behavior through relationship configuration, the affected records will remain available.
Hope this helps.
If I understood your need, you can enable of the read and or write privilege in the Contact entity in the security roles and configure the access team in the Contact entity, restricting and or enabling the privileges of the users associated with the specific record according your necessity.
Follow the link talking more about the access team.
Business Applications communities