Skip to main content

Notifications

Announcements

No record found.

Microsoft Dynamics 365 | Integration, Dataverse...
Suggested answer

Business Unit Manager access

(0) ShareShare
ReportReport
Posted on by 873

Hello,

I have the following security requirements that I need to implement in our module:

I created a Business Unit called "IT Department" that has 4 users as follows:

  1. User 1: Is a director and has an admin role assigned and he will be able to see all the Team data under this BU. (Business Unit level access)
  2. User 2: Is a manager under the director (User 1) and he should not able to see User 1 data as he will be able only to see User 3 & User 4.
  3. User 3 and User 4 should only see their own data.

I am still stuck on how can I restrict access for User 2 to not see User 1 data and allow him to see the normal team members' data?

If I created a custom security role for User 2 and gave him everything at the BU level then he will be able to see User 1's data again.

Note: User 1 cannot be assigned to have access to the Organization level only the BU that he belongs to.

Could you please advise what will be the solution to the above requirements? I would greatly appreciate it if you could provide an example.

Best regards,

EBMRay

  • Suggested answer
    Saeid G Profile Picture
    Saeid G 142 on at
    RE: Business Unit Manager access

    How about this

                                                            IT Department

                      User 1 (Business Unit )                               User 2 (Parent Child)

                                                                       User 3 (Business Unit)               User 4  (Business Unit)

    IT Department: Parent BU            

    User 1 and user 2 are child of IT Department

    User 3 and user 4 are child of User 2. 

    I guess your explanation of user 1 is not clear.  If user 1 has to see all the records of managers and other users (since is director), then you can design as below:

                                IT Department

                         User 1 (Parent Child )                           

                         User 2 (Parent Child)

        User 3 (Business Unit)               User 4  (Business Unit)

    pastedimage1665456280903v1.png

    Hope this helps.

  • Suggested answer
    Community Member Profile Picture
    Community Member Microsoft Employee on at
    RE: Business Unit Manager access

    Hi EBMRay,

    Maybe you can use the Manager hierarchy to achieve your goal.

    The Manager hierarchy security model is based on the management chain or direct reporting structure, where the manager’s and the report’s relationship is established by using the Manager field on the system user table. 

    With the Manager hierarchy security model, a manager has access to the records owned by the user or by the team that a user is a member of, and to the records that are directly shared with the user or the team that a user is a member of.

    So you can set user 2 as the manager field for user 3 and user 4, Then you just need set 'user' level read privilege for the user 2.

    pastedimage1665381851420v2.png

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Congratulations 2024 Spotlight Honorees!

Kudos to all of our 2024 community stars! 🎉

Meet the Top 10 leaders for December!

Congratulations to our December super stars! 🥳

Get Started Blogging in the Community

Hosted or syndicated blogging is available! ✍️

Leaderboard

#1
André Arnaud de Calavon Profile Picture

André Arnaud de Cal... 291,684 Super User 2024 Season 2

#2
Martin Dráb Profile Picture

Martin Dráb 230,414 Most Valuable Professional

#3
nmaenpaa Profile Picture

nmaenpaa 101,156

Leaderboard

Product updates

Dynamics 365 release plans