web
You’re offline. This is a read only version of the page.
close
Skip to main content
News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Customer experience | Sales, Customer Insights,... / Account - opportunity ...
Customer experience | Sales, Customer Insights,...
Suggested answer

Account - opportunity permissions for owner and team members

(0) ShareShare
ReportReport
Posted on by scr1pt 130

Hello,

Dynamics 365 v9 on premise.

We have the Salesperson role, where "Opportunity" read permissions are set on User level, "Account" read - on Organization level.

Also we have Account access team template with Read/Write/Share/Append/Append to permissions.

The problem is that Access team member (with salesperson role), added to account is able to see all the Opportunities within the account, but the account owner - only his own opportunity.

The goal is to make this reverse - account owner should be able to see all opportunities, related to own account, but account team member - only his own opportunities.

How can we reach this?

I have the same question (0)
  • scr1pt Profile Picture
    scr1pt 130 on at
    RE: Account - opportunity permissions for owner and team members

    Second problem - how can we grant access to all opportunities, realated to the account to account owner? With current settings he can see only his own opportunities, related to the account.

    For the second problem, you must adjust your security role and gives Read privilege (organizational) for Opportunity entity.

     

    No, this is not suitable, because we need to give permission to real all opportunities of the account, which user owns, but no all of the opportunities in the system.

  • Suggested answer
    Ricardo Gimenez Profile Picture
    Ricardo Gimenez on at
    RE: Account - opportunity permissions for owner and team members

    Hello,

    In order to removed inherited sharing for specific records you could use a script considering an OnPremise environment. If you are using an Online environment, a support case should be opened to help you identify the affected records by ObjectTypeCode and PrincipalId.I`m not sure if unshare the record through interface will works for it and this procedure could be painful since lot of records were shared.

    For the second problem, you must adjust your security role and gives Read privilege (organizational) for Opportunity entity.

    Thanks,

  • scr1pt Profile Picture
    scr1pt 130 on at
    RE: Account - opportunity permissions for owner and team members

    Hello,

    I changed the Share and Reparent for opportunity_customer_accounts to Cascade None, and the problem with Access team member access is solved for the new people, added to access team.

    But for the existing people, the only solution which helped to remove permissions to read existing opportunities was to completely delete access team, created for the user, and create this team again. Is there any supported way to do it without deletion?

    Second problem - how can we grant access to all opportunities, realated to the account to account owner? With current settings he can see only his own opportunities, related to the account.

  • Suggested answer
    Ricardo Gimenez Profile Picture
    Ricardo Gimenez on at
    RE: Account - opportunity permissions for owner and team members

    Hello,

    In order to accomplish the mentioned goal (account owner should be able to see all opportunities related to own account, but account team member, only his own opportunities) you should reconfigure the Account 1:N relationship named "opportunity_customer_accounts" to Configurable Cascade.

    By default, this relationship has Primary behavior, so you must change to Configurable Cascade and under Behavior Type for Share, change to None Cascade. Doing that, when the account record is share to the Account team, the Opportunities created by Account owner will not be shared.

    Please, take note that "Read" privilege for Opportunity entity must be set to User level for users (please check this privilege inside the role) included in the Access Team, otherwise, they can view other opportunities into the shared account.

    Since the relationship configuration must be evaluated based on your own business rule, my recommendation here is apply this changes in a controlled environment and execute some tests and validations.

    Thanks,

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Dynamics 365 Community Calls Return
Join experts in person to explore low code and AI agents at the Power Platform Community Conference sponsored by Microsoft
Responsible AI policies for the Community

Quick Links

Responsible AI policies

As AI tools become more common, we’re introducing a Responsible AI Use…

Mansi Soni – Community Spotlight

We are honored to recognize Mansi Soni as our August 2025 Community…

Congratulations to the July Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Customer experience | Sales, Customer Insights, CRM

#1
DAnny3211 Profile Picture

DAnny3211 134

#2
Daniyal Khaleel Profile Picture

Daniyal Khaleel 132

#3
Abhilash Warrier Profile Picture

Abhilash Warrier 70 Super User 2025 Season 2

Last 30 days Overall leaderboard

Featured topics

Hide selecting Contact for potential customer when creating quote

Product updates

Dynamics 365 release plans