web
You’re offline. This is a read only version of the page.
close
Skip to main content
Community site session details

Community site session details

Session Id :
Microsoft Dynamics 365 | Integration, Dataverse...
Suggested answer

Help with setting Security Model for users.

(0) ShareShare
ReportReport
Posted on by 35

Hello Friends,

I request your help! I would like your suggestions with setting up the security model (Business Units, Teams, etc) for the below scenario.

Lets assume a Company XYZ has two Projects (ProjectA and ProjectB), which are sub-contracted to 3 partners (PARTNER1, ..2, ..3). The company builds a CRM App to allow the Partners
to submit Project Progress report.

A Custom Entity (PROGRESS) is planned with the following fields
PARTNER -- (defaults to the Partner submitting the report)
PROJECT -- (Option Set for Projects)
PROGRESS_DESCRIPTION -- (Free text)

=======================================================
PARTNER1
ProjectA-User1 -- must be able to Create/Read/Update,
Only Project A Report
Only for Partner1

ProjectB-User1 -- must be able to Create/Read/Update,
Only Project B Report
Only for Partner1

Partner1-Manager -- must be able to Create/Read/Update,
Both ProjectA and ProjectB Report
But Only for Partner1

=======================================================

PARTNER2
ProjectA-User2 -- must be able to Create/Read/Update,
Only Project A Report
Only for Partner2

ProjectB-User2 -- must be able to Create/Read/Update,
Only Project B Report
Only for Partner2

Partner2-Manager -- must be able to Create/Read/Update,
Both ProjectA and ProjectB Report
But Only for Partner2

=======================================================

CompanyXYZ
CompanyXYZUser -- must be able to Read/Update,
Both ProjectA and ProjectB Report
For All Partners

No Partner must ever be able to READ/UPDATE/CREATE the record of any other Partner

Your suggestions are greatly Appriciated.

Thanks

I have the same question (0)
  • Suggested answer
    Community Member Profile Picture
    on at
    RE: Help with setting Security Model for users.

    Maybe I am over simplifying this:

    Assumption - there are more than 6 total users.

    Company BU

    Two 'child' business units - A and B

    Assign the subcons to the child BUs, assign company users to company BU

    The child (subcon) BUs get business unit level rights on a security role

    The Company/Parent BU gets either org or parent/child rights on a security role.

  • Ugna Undit Profile Picture
    35 on at
    RE: Help with setting Security Model for users.

    Hello Mike.

    Say If the subcon user (ProjectA-User1) is assigned "Child A" BU level security role, he would still be able to Create/Read records for Both Projects (from that child BU). I would like to restrict him to one Project only. Is there a way?

    I appreciate you taking the time to help!

    Thanks

  • Suggested answer
    Community Member Profile Picture
    on at
    RE: Help with setting Security Model for users.

    I see where I did not follow.  Is there a Project A for each subcon? or is it the same Project A? - I read it as one project a for both subcons, but subcons can only read their records, not the other subcons project A records.

    I have never used this, but maybe Hierarchy security is an option for you: docs.microsoft.com/.../hierarchy-security

    If you would rather stick to the BU, teams, etc.

    - Same Parent/Child BU structure I said before, but (Assuming there is more than 1 member of each 'project team' you could do team ownership, so team A and B for the projects - teams have a user level access right (instead of BU, parent/child, global).  The BU manager gets BU level security role - which means they probably wont need to be on a team.

  • Ugna Undit Profile Picture
    35 on at
    RE: Help with setting Security Model for users.

    Hi,

    I think this solution will work (the one with creating Teams within each child BU for the respective Projects).

    Thank You!

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Responsible AI policies

As AI tools become more common, we’re introducing a Responsible AI Use…

Pallavi Phade – Community Spotlight

We are honored to recognize Pallavi Phade as our Community Spotlight honoree for…

Leaderboard > Microsoft Dynamics 365 | Integration, Dataverse, and general topics

#1
André Arnaud de Calavon Profile Picture

André Arnaud de Cal... 78 Super User 2025 Season 2

#2
Martin Dráb Profile Picture

Martin Dráb 57 Most Valuable Professional

#3
Anthony Blake Profile Picture

Anthony Blake 43 Super User 2025 Season 2

Last 30 days Overall leaderboard

Product updates

Dynamics 365 release plans