Ok, in the network tab of Chrome I get an error object containing the following "message":
"CallerPrincipal":{"PrincipalId":"15b7ee76-5288-ea11-a811-000d3ab114e3","Type":8,"IsUserPrincipal":true},"OwnerPrincipal":{"PrincipalId":"adb0dabe-4589-ea11-a811-000d3ab11b09","Type":8,"IsUserPrincipal":true},"ObjectId":"00000000-0000-0000-0000-000000000000","ObjectTypeCode":2,"EntityName":"contact","ObjectBusinessUnitId":"aa943c1e-309c-ea11-a812-000d3aba8599","RightsToCheck":"CreateAccess","RoleAccessRights":"None","PoaAccessRights":"None","HsmAccessRights":"None","GrantedAccessRights":"None","Messages":["PrincipalHasOwnerPrincipalWithAtLeastBasicPrivilegeDepth = False","EntityUserGroupRights = None","MinimumPrivilegeDepthRequired = Global","SecLib::AccessCheckEx2 failed. Owner Data: roleCount=3, privilegeCount=624, accessMode=0; Principal Data: roleCount=4, privilegeCount=637, accessMode=0"],"EntityOwnershipTypeMask":1,"CallerInfo":{"IsSystemUser":false,"IsSupportUser":false,"IsAdministrator":false,"IsCustomizer":false,"IsDisabled":false,"IsIntegrationUser":false,"Teams":null,"Roles":null},"ReadOnlyState":"UserAndOrgFullAccess","IsHsmEnabled":false,"HsmInfo":null}
The stack trace seems irrelevant for finding the error so I didn't post it.
As you can see it seems to complain about the "Contact" entity. ("EntityName: Contact")
The "create" right was set to "user" so I elevated it to "Organization" and then tried to qualify again. Then I got the same error except that now it complained about "Opportunity". So I set create right to "Organization" level for opportunity. Then I get the same error but now it says "SystemUser"...
And I don't know what about systemuser to do? There is no such core record what I can see...
