Share
ReportHi all
we need to disable advance functionality as it is considered a security gap. Do you know any supported way to do this?
Thanks in advance
*This post is locked for comments
You’re offline. This is a read only version of the page.
Hi all
we need to disable advance functionality as it is considered a security gap. Do you know any supported way to do this?
Thanks in advance
*This post is locked for comments
It is possible to achieve by doing some workaround. Can be restricted with a security role.
Useful link
Hi,
are you sure that you Dev did it correctly because it seems to be the type of URL for online. Here a screenshot of one trial instance:
Thanks!!!
But I am afraid we have already tried that and it didn't work. We are online.
Regards
Hi,
then it will a high unsupported customization!!!
as you can see in my previous link for onpremise installation(I hope you are), the advance find url always is the same.
So in your Retrievemultiple plugin you could parse the url to find if it contains the "advance find" part. http://[servername]/[organizationname]/main.aspx?pagetype=advancedfind
Then abort the advance find and throw a message to the user.
Hi all
permissions are applied properly, this restriction cannot be solved with security roles (long history). I have been thinking about retrievemultiple plugin, but I cannot find a way to check if current retrievemultiple request comes from advance find functionality
Regards
I totally agree with Wayne.
Moreover if your users are a little bit clever they can find such website where they can recreate the url to access Advance find:
community.dynamics.com/.../finding-advanced-find-in-crm-2013
I only typed: "advance find url crm" in google and it was the 1st result
Advanced find in no way violates your security policies, as long as security roles are set up correctly. Trying to obscure this will not solve anything. Even if you managed to remove the button from the ribbon, they could still go to "Views -> Create View" and that will open Advanced Find anyway.
Hi,
You could make the entities non-searchable so that it wont be visible in advanced find.
However, if you have concerns about data security then you should look for ways to restrict the security.
Even if it is possible to hide/disable it, there are other areas users can acces the data ...for example direcr record link.
Hope this help.
Stay up to date on forum activity by subscribing. You can also customize your in-app and email Notification settings across all subscriptions.
#1
André Arnaud de Cal...
291,280
Super User 2024 Season 2
#2
Martin Dráb
230,214
Most Valuable Professional
#3
nmaenpaa
101,156
All responses (
Answers (