web
You’re offline. This is a read only version of the page.
close
Skip to main content
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Blogs / Rao Rapolu MS Dynamics CRM Blog / Never ending Security Model

Never ending Security Model

Views (567)
Rao Rapolu Profile Picture Rao Rapolu 470

I was asked to review the current security model recently by one of my clients;

The current security model was based on one single BU but requirement was to create multiple;

I have created multiple business units -- assigned no security roles

The connected TEAMS with the same name -- Assigned with security roles

Users linked to TEAMS -- doesn't have any security roles

All worked fine until the new user joined in the existing team.

And the new user couldn't get access to create two of the entities (strange again, I have to bring this up with Microsoft) may be a cache issue at CRM Cloud servers(???)

I had to assign same role (as team) to the user first and then login and try to create a new record and then I have logged out and taken that role from the user. and all working fine.

The error I was getting initially is as follows (usual standard error):

Unhandled Exception: System.ServiceModel.FaultException`1[[Microsoft.Xrm.Sdk.OrganizationServiceFault, Microsoft.Xrm.Sdk, Version=8.0.0.0, Culture=neutral, PublicKeyToken=xxx]]: System.Web.HttpUnhandledException: Microsoft Dynamics CRM has experienced an error. Reference number for administrators or support: #xxxDetail:

<OrganizationServiceFault xmlns:i="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://schemas.microsoft.com/xrm/2011/Contracts">

  <ErrorCode>-2147220970</ErrorCode>

  <ErrorDetails xmlns:d2p1="http://schemas.datacontract.org/2004/07/System.Collections.Generic" />

  <Message>System.Web.HttpUnhandledException: Microsoft Dynamics CRM has experienced an error. Reference number for administrators or support: #C7838BB7</Message>

  <Timestamp>2017-02-01T14:34:13.7960994Z</Timestamp>

  <ExceptionSource i:nil="true" />

  <InnerFault>

    <ErrorCode>-2147187962</ErrorCode>

    <ErrorDetails xmlns:d3p1="http://schemas.datacontract.org/2004/07/System.Collections.Generic" />

    <Message>SecLib::AccessCheckEx failed. Returned hr = -2147187962, ObjectID: xxx, OwnerId: xxx,  OwnerIdType: 8 and CallingUser: xxx. ObjectTypeCode: 2500, objectBusinessUnitId: 5xxx, AccessRights: WriteAccess </Message>

    <Timestamp>xxx</Timestamp>

    <ExceptionSource i:nil="true" />

    <InnerFault i:nil="true" />

    <OriginalException i:nil="true" />

    <TraceText i:nil="true" />

  </InnerFault>

  <OriginalException i:nil="true" />

  <TraceText i:nil="true" />

</OrganizationServiceFault>

 

Comments

*This post is locked for comments