Hi,
We have created a BPF for opportuniies. This BPF was supposed to be limited to one department, so I created a Security Role with the privileges to access this BPF.
As it turnes out, the platform automatically updates security roles from other (managed) solutions with this, and other BPF's privileges. In our case security roles from ClickDimensions, XperiDo, Crowe and another ISV were updated. Since some of these roles aren't even editable, this seems like a very bad Microsoft bug.
Has anyone seen this before, have a solution??
Roel
*This post is locked for comments
We have the same problem. Has anyone found a solution to this issue?
Thanks,
Craig
You are right, even we noticed that changes and all the OOB BPF (Phone to Case, Opportunity Sales, Lead to Opportunity Sales Processes) entity privileges were added to Relationship Insights Admin/User roles.
Luckily they are editable, and We are planing to remove those privileges.
Hi Goutam,
You are missing the point here. The issue is not about who has access to the BPF. It is about the uncontrolled change to existing security roles that messes up the intended access strategy.
Of course privileges add up, but this is only a problem when other security roles have privileges they should not have in the first place.
Hi Roel,
Did you assigned the security roles to the BPF level ?
If I am not wrong if you have created security roles for particular dept then you can update this security roles as this is unmanaged I guess.
In addition it is expected behavior ,security will be merged and will be assigned highest privileges to the user if you have another managed security roles(having BPF access) asigned to the user.
Hi Goutam,
Thanks for responding, but it is actually visible that managed security roles from ClickDimensions and others suddenly contain privileges they never had before.
Our users need these roles as some of them are actually required to use certain functionality. Some of this functionality does not only look at the privileges in the role, but also verifies that you have a certain security role based on the guid of the role in question.
Roel
Hi Roel,
I dont think security roles automatically update from any of those solutions. Try with single user with assigning only one security roles. Make sure the user does not assign any team which having assigned any other security roles.
Stay up to date on forum activity by subscribing. You can also customize your in-app and email Notification settings across all subscriptions.
André Arnaud de Cal... 291,134 Super User 2024 Season 2
Martin Dráb 229,928 Most Valuable Professional
nmaenpaa 101,156