web
You’re offline. This is a read only version of the page.
close
Skip to main content

Announcements

🚀 Season of Sharing Community Challenge Launch!
Ask A Community Pro
Introducing our New Video Series: Community Spotlight
News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Microsoft Dynamics CRM (Archived) / Two users with same se...
Microsoft Dynamics CRM (Archived)

Two users with same security privileges in reality have different access

(0) ShareShare
ReportReport
Posted on by Community Member

Hello!

Two users have the same security role applied to both of them. This role has only basic access level privileges for all actions on opportunity records. Security for one user behaves exactly as expected, he can read/write/etc only records created by him, but security for another one does not apply at all: he can view and edit all of the opportunity records, regardless of the ownership. No other security roles are applied to any of them. Both of these users are in the same business unit and same team.

Because I've spent so much time trying to fix it here is in point form everything that I've tried to no avail:

  • Changing the business unit does not help, the user can read/write records owned by any business unit
  • Changing the team does not change anything either
  • I am absolutely positive that there is only one security role applied, so no cumulative privileges issues here
  • The records are not shared. Or at least, when I open the sharing form, no usernames show up
  • Both users have same license mode (professional) and same and access mode (read-write)
  • Hierarchy security is disabled
  • Tuning it on and off type solutions do not help, in particular: 
    • Disabling the security role and applying it back
    • Copying the security role and applying the new one
    • Disabling the user and enabling him back
    • Restarting the server
  • Removing all of the opportunity entity privileges completely actually does disable both of them from opening opportunity records altogether. But giving back even basic privileges re-enable the god-mode user to do whatever he wants with the opportunities.

Being able to poke around the system is probably needed to troubleshoot this kind of problem with an unknown cause. So any hint as to in which direction I should be looking would be very much appreciated. Some setting, an article on ThechNet/MSDN, a keyword to  Google  Bing, anything!

I suspect it might have something to do with the SQL database permission, but my experience in with Microsoft SQL is very limited.

We are using Microsoft Dynamics CRM 2016 on-premise.

*This post is locked for comments

I have the same question (0)
  • Suggested answer
    Community Member Profile Picture
    Community Member on at

    Hi Alexandr,

    it maybe a customization behaviour.

    Please try to disable all plugin step over entity (with Retrieve and RetrieveMultiple is possible to hide records).

    Please let me know.

    If you found the answer helpful, please mark as Verified 

    Join my network on LinkedIn      Follow me on Twitter 

    Thank You & Best Regards

    Francesco Picchi

    Microsoft Dynamics CRM Consultant, Bologna+Milano, ITALY

    Independent Contractor

    http://www.francescopicchi.com

  • ashlega Profile Picture
    ashlega 34,477 on at

    Hi Alexandr,

     I don't think it's SQL database - Dynamicsis applying its own permissions by adding conditions to the SQL queries, so it would not change anything for Dynamics if the user were a SQL admin, for example.

     It must be something in Dynamics..

      I am wondering if that user can see opportunities only or if he can see everything else, too?

     Anyway, since some of the default views have filters, what I would try is:

    - Go to advanced find

    - Select Security Roles entity

    - In the conditions, select Related->Users

    - And, then, under "Users", choose User Equals <user in question>

     See what comes up and if you get the same results for the other user

    Then do the same for teams (choose team entity, and use the same kind of user condition)

  • Community Member Profile Picture
    Community Member on at

    Hello, Alex!

    Thank you for your suggestions! I changed up the permissions on the Contacts entity to match all permissions on the Opportunity entity and security behaves just as expected: users can see only records owned by them. So it looks like this problem is specific to the Opportunities.

    Applying advanced find also shows the exact same security roles and teams fro the both users. And the roles and teams are exactly the ones which were expected.

    Please let me know if this tells you anything important or if you can think of other things I should look into.

  • Community Member Profile Picture
    Community Member on at

    Hello, Alex!

    Thank you for your suggestions! I changed up the permissions on the Contacts entity to match all permissions on the Opportunity entity and security behaves just as expected: users can see only records owned by them. So it looks like this problem is specific to the Opportunities.

    Applying advanced find also shows the exact same security roles and teams fro the both users. And the roles and teams are exactly the ones which were expected.

    Please let me know if this tells you anything important or if you can think of other things I should look into

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

🚀 Season of Sharing Community Challenge Launch!
Ask A Community Pro
Introducing our New Video Series: Community Spotlight

Quick Links

Season of Sharing Community Challenge Launch!

Jump in, show your community spirit, and win prizes!

Women in Power Builds Momentum

Expanding mentorship, skilling, and AI innovation

Congratulations to the May Top 10 Community Leaders

These are the community rock stars!

Leaderboard > 🔒一 Microsoft Dynamics CRM (Archived)

Last 30 days Overall leaderboard

Featured topics

Product updates

Dynamics 365 release plans