web
You’re offline. This is a read only version of the page.
close
Skip to main content
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Microsoft Dynamics 365 | Integration, Dataverse... / Dynamics 365 (CRM) use...
Microsoft Dynamics 365 | Integration, Dataverse...
Suggested answer

Dynamics 365 (CRM) user security role to manage users

(0) ShareShare
ReportReport
Posted on by Community Member

Hello Community,

In Dynamics 365 (CRM) online, does anyone know, or can point me to some documentation, what the minimum security permissions are to set up a Dynamics user security role to manage users - i.e. just to assign teams to users, and assign roles to users)?

Thank you!

I have the same question (0)
  • Suggested answer
    LuHao Profile Picture
    LuHao 40,890 on at
    RE: Dynamics 365 (CRM) user security role to manage users

    Hi partner,

    After a lot of tests, I found that when a user has the privileges for the Security Role, Team and User entity, then he can assign the security role to other users, but can only assign the security roles he already has.

    Please refer to this blog: https://community.dynamics.com/crm/b/magnetismsolutionscrmblog/posts/permissions-required-to-manage-roles-in-dynamics-crm-2011

    Create a new security role that only gives it Read and Assign permissions to the Security Role entity; ReadAppend and Append to privileges for the Team entity and User entity.

    pastedimage1571215384248v1.png

    Assign this new security role to specific users (or a owner team) so that these users with this security role can assign security roles that they have to other users, and add users to the team.

    For example, User A has two security roles, 'Account Manager' and 'Sales Manager'. After you assign the new security role to User A, then he can assign 'Account Manager' and 'Sales Manager' security roles to other users, and he can add any user to any team. 

    For security roles that User A does not have, he cannot assign them to users.

    So, if you want to assign security role B to some users, first you need to assign security role B and new security role to user A, then user A can assign security role B to other users.

    In addition, I found a similar theme: https://community.dynamics.com/crm/f/microsoft-dynamics-crm-forum/165688/security-role-permissions-to-create-users-and-assign-security-roles-to-users

  • Community Member Profile Picture
    Community Member on at
    RE: Dynamics 365 (CRM) user security role to manage users

    Hi Hao,

    Thanks for your response. To be more specific, my question is if I don't want to give the System Admin role to a user for that user to be able to assign teams and other security roles to other users, is there a way I can configure a custom security role (not the same as the system admin role), which contains the very minimum permissions to allow a user to be able to assign teams and other security roles to other users.

    Is that possible?

  • LuHao Profile Picture
    LuHao 40,890 on at
    RE: Dynamics 365 (CRM) user security role to manage users

    Hi partner,

    'assign teams to users, and assign roles to users' - Does this mean the owner team and security roles?

    1. If so, please refer to this document on ‘Assign a security role to a user’: 

    https://docs.microsoft.com/en-us/power-platform/admin/create-users-assign-online-security-roles#assign-a-security-role-to-a-user

    Make sure you have the System Administrator or System Customizer security role or equivalent permissions.

    After my tests, only the System Customizer security role can't access Security > Users, so System Administrator or equivalent permissions can assign security roles to users.

    2. please refer to this document on ‘Edit an owner team’: https://docs.microsoft.com/en-us/power-platform/admin/manage-teams#edit-an-owner-team

    Make sure that you have the System Administrator, Sales Manager, Vice President of Sales, Vice President of Marketing, or CEO-Business Manager security role or equivalent permissions.

    In summary, only the System Administrator security role or equivalent permissions can assign teams to users and assign roles to users.

  • Suggested answer
    Denny Deng Profile Picture
    Denny Deng on at
    RE: Dynamics 365 (CRM) user security role to manage users

    Use the Mode Access: Administrative; Type Licence: Administrative.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Join experts in person to explore low code and AI agents at the Power Platform Community Conference sponsored by Microsoft

Quick Links

Responsible AI policies

As AI tools become more common, we’re introducing a Responsible AI Use…

Abhilash Warrier – Community Spotlight

We are honored to recognize Abhilash Warrier as our Community Spotlight honoree for…

Congratulations to the August Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Microsoft Dynamics 365 | Integration, Dataverse, and general topics

#1
Sahan Hasitha Profile Picture

Sahan Hasitha 394

#2
André Arnaud de Calavon Profile Picture

André Arnaud de Cal... 124 Super User 2025 Season 2

#3
Nimsara Jayathilaka. Profile Picture

Nimsara Jayathilaka. 123

Last 30 days Overall leaderboard

Featured topics

Identifying an Org as CDS or Dynamics
Get batch job history log from D365 FO to Power Automate
Gross and Net Weight of Shipments feeding back into Sales Order (from External Source)

Product updates

Dynamics 365 release plans