You’re offline. This is a read only version of the page.
Hi,
We are using CRM 2013 SP1 U3.
Recently we noticed that for a two months period, the service desk have been deleting active directory users when they leave the department. Most of them had Dynamics CRM accounts and we are worried that they might come back to work for us again in the future. So we tested ways to create new active directory accounts for them but map it to their pre-existing CRM system user accounts. That part is working. The problem is that it seems like these users don't have their own CRM profile customizations or they don't have permissions over their CRM profile customizations. And same goes for shared views. They cannot see CRM views that have been shared with them.
We have tried mapping these CRM users to a different active directory account and mapping them back to their new active directory account (within CRM administration), pushing their updated active directory GUID and AuthInfo to their UserId in MSCRM_CONFIG using SQL management studio and LDAP without any success.
The only way these users get enough privilege to edit their own CRM customizations and see shared views is if we elevate their security role privileges so that the "Write" permission for User Settings right under the Business Management tab for that security role is set to Business Unit instead of User. This kind of behavior makes it seem like the users are accessing profiles that are not their own. So I don't think that elevating their privileges is the solution.
Has anyone encountered this issue before? And how did you manage to fix it? I don't want to have two user accounts in CRM for the same person. If the only solution is to elevate user profile Write privileges, can you explain what it's doing and why I'd have to use that fix?
Thank you,
Stéphane
*This post is locked for comments
I have the same question (0)
Share
Report
All responses (
Answers (
2
