Personalized Community is here!
Quickly customize your community to find the content you seek.
Have questions on moving to the cloud? Visit the Dynamics 365 Migration Community today! Microsoft’s extensive network of Dynamics AX and Dynamics CRM experts can help.
2021 Release Wave 2Discover the latest updates and new features releasing from October 2021 through March 2022.
2021 release wave 2 plan
The FastTrack program is designed to help you accelerate your Dynamics 365 deployment with confidence.
FastTrack Program | Finance and Operations TechTalks | Customer Engagement TechTalks | Upcoming TechTalks | All TechTalks
We use power platform to make integration filed service and finance and operation.
in CRM we have business unit is " CFM " and default team is "CFM" and this team continue all users
All projects run and the records inserted into CRM with no problem when my user and the default team "CFM" take system admin role.
and if remove system admin role from default team "CFM" give below error
Reason: Forbidden, Header x-ms-client-request-id 2f8a208e-6735-4359-bc89-fefa7746a87b, Error code: 0x80040231, Message: Principal team (Id=e1db5cff-8595-e811-814c-5065f38bd441, type=9, teamType=0, privilegeCount=1450), is missing prvReadmsdynce_externalproject privilege (Id=ab94614e-98a1-4bda-9e15-56e3a803de65) on OTC=10464 for entity 'msdynce_externalproject'. context.Caller=88ed0604-a423-e911-a960-000d3a464508
Message states that your "CFM" team doesn't have privilege to read prvReadmsdynce_externalproject.
If you want to resolve your issue and you don't want to assign "CFM" team "System Administrator" role you can either assign the role that has that privilege or create a new Security Role that has read privilege of "prvReadmsdynce_externalproject" entity and assign it to the team.
Thanks Andrew for your reply.
This means that we must give all users privileges on all integration entities.
Sure, there is another solution.
I am not sure how you are integrating. Often you will setup a User that is the integration user, and set it as either a non-interactive user (once setup the licence can be removed) or application user - these user types are for integration purposes - and then give that user a security role with the relevant permissions. However, you may have a scenario where the integration needs to operate as the user in the other system in this case then you will probably need the user in the D365 with a security role (either directly against a user or a Team) with the appropriate privileges assigned.
I gave you solution but in your situation - you can take it or leave it.
Good luck finding something that is not what I suggested and what will work.
Business Applications communities