Microsoft Dynamics CRM (Archived)

Help configuring Security Roles (read permissions on activities)

(0) Share

Report

Posted on by Community Member

I need to configure CRM Online to fulfill the following requirements:

Executive Team members to see all emails owned by all users regardless of business unit
Non-Executive Team members to see all emails tracked to contacts they own (including emails tracked by members of Executive Team). i.e. they will not be able to see emails tracked to Contacts owned by Executive Team members.

Any ideas?

*This post is locked for comments

I have the same question (0)

All responses (3)

Answers (1)

Community Member on at

Like (0)

Report

RE: Help configuring Security Roles (read permissions on activities)

1. Activity Read privilege set to Organizations

2. For these users, Activity Read privilege set to User - they won't see any emails but their own.

Otherwise - will need to setup a hierarchy of your business units to reflect something as follows:

Parent BU - houses all Executive Team members

Child BU - all non-exec team members - Activity Read priviledge set to User, BU, or Parent/Child BU (not Organization level)

If you have a complex BU hierarchy already - I suggest looking at using Positional/Managerial security available in CRM Online - www.powerobjects.com/.../hierarchical-security-model-dynamics-crm-2015-2

Was this reply helpful? Yes No
Community Member on at

Like (0)

Report

RE: Help configuring Security Roles (read permissions on activities)

Thanks for the response Darren but I don't my requirements were clear enough.

"Allow both Executive and Non-executive team members to view all emails but prevent Non-executive from seeing emails tracked to Contacts Owned by a member of the Executive team".

Was this reply helpful? Yes No
Verified answer

Community Member on at

Like (0)

Report

RE: Help configuring Security Roles (read permissions on activities)

Yep thats a difference maker. Know in CRM ownership is determined at the record itself. Security is based on these ownership fields.

When you apply privilege level for Activities in a security role - its only based on the context of who owns the Activity - NOT on the regarding record (or Party List members on the activity)

I am not aware of way to achieve this exactly with Security Roles in CRM. I still think the closest you could get would be if you use Managerial or Positional security function - however - because of the fact above - would have to get creative in other ways.

The manual approach to acheive this would be to use Access Teams. Non-exec members would be part of a given Access Team. If that access team is added to a Contact, those members would gain access to activities on the Contact.

www.powerobjects.com/.../access-teams-in-dynamics-crm-2013

This can be managed manually through the UI - and may be too cumbersome for end users to manage. You can get into coding/scripting to manage this automatically. This kind of security customization can take a lot of effort. msdn.microsoft.com/.../dn481569.aspx

Was this reply helpful? Yes No

Community site session details

Help configuring Security Roles (read permissions on activities)

Helpful resources

Quick Links

Responsible AI policies

Abhilash Warrier – Community Spotlight

Congratulations to the September Top 10 Community Leaders!

Leaderboard > 🔒一 Microsoft Dynamics CRM (Archived)

Featured topics

Product updates

Community site session details

Help configuring Security Roles (read permissions on activities)

Helpful resources

Quick Links

Responsible AI policies

Abhilash Warrier – Community Spotlight

Congratulations to the September Top 10 Community Leaders!

Subscribe to this forum!

Select categories

Leaderboard > 🔒一 Microsoft Dynamics CRM (Archived)

Featured topics

Product updates