Skip to main content

Notifications

Announcements

Join us in the Community for an AMA: December 12th Register Today
News and Announcements icon
Dynamics 365 Community / Forums / Microsoft Dynamics CRM (Archived) / Impacts of changing OO...
Microsoft Dynamics CRM (Archived)

Impacts of changing OOB Parental behavior

(0) ShareShare
ReportReport
Posted on by DianeF1 210

We have several user bases that are utilizing a single instance of CRM.  All users spanning our business units should have access to the Account records that have a type of "Customer".  The Accounts of Customer type are in the business unit (GCS&S).  Account of type "prospect" should be limited in access to those users who are in the same Business Unit (GCS&S or Commercial or Defense or BusDev - all of which have a parent bus unit of Spirit).

We have this successfully implemented.  Our issue comes to play with Opportunities.

Opportunities should be limited to the business unit.  We have found that those opportunities in the Business Unit BusDev that use the Account records that are in the Business Unit GCS&S can be seen by the GCS&S business unit users.  This was due to The N:1 relationship between Opportunities and Account with the behavior type of Parental.  

From my research "You are seeing the effect of the 'Parental' Relationship with 'Reparent  Cascade All' setting. If a relationship has Reparent Cascade All, then the owner of the parent record will have the same level of authorisation over the child records as they do over the parent."

As a new installation of Dynamics we want to understand the implications of changing the relationship.

Requirements

  1. All customer accounts are accessible by all dynamics users - we have working
  2. All prospect accounts are accessible by only users in the business unit the account is assigned -we have working
  3. When using accounts on other entities visibility of the other entity should not be increased by the visibility of the related account record. - problem

In order to get #3 to work what should the parental relationship be on the account record?

Regards,

Diane

*This post is locked for comments

  • Suggested answer
    DianeF1 Profile Picture
    DianeF1 210 on at
    RE: Impacts of changing OOB Parental behavior

    Thank you everyone the issue is resolved.

    I did find that only opportunities that are created AFTER the relationship was modified did act as expected so we had to do some data clean up per andrewbschultz.com/.../isolated-dynamics-crm-security-feature-reparent.  I also modified the relationship to Cascade None on reparent only.

    Thanks for you help!

  • Verified answer
    Andreas Cieslik Profile Picture
    Andreas Cieslik 9,265 on at
    RE: Impacts of changing OOB Parental behavior

    The same exact behavior is explained here very well:

    andrewbschultz.com/.../isolated-dynamics-crm-security-feature-reparent

    So beware of how and when you configure it.

  • Verified answer
    Andreas Cieslik Profile Picture
    Andreas Cieslik 9,265 on at
    RE: Impacts of changing OOB Parental behavior

    Yes, it would be important to know in which step you have changed the reparent behavior to cascade none.

    What happens if Diane creates a new opportunity under the account "The Boeing Company"? Is Jerry still able to see it?

  • Verified answer
    tw0sh3ds Profile Picture
    tw0sh3ds 5,600 on at
    RE: Impacts of changing OOB Parental behavior

    Hi,

    Can you check if Jerry can see the new Opportunities? Because for me the scenario was like that - you created Opp1 and Opp2 with parental relationship (so Jerry has access to Opp1 because it's under account his tema ows). Now you changed to relationship to cascading. Jerry will not loose the read permission that he already has (as it is a record in CRM POA table). But he should not see the next Opportunities created the same way. Also why are you using Cascading and set almost everything to none? Why not referential?

  • DianeF1 Profile Picture
    DianeF1 210 on at
    RE: Impacts of changing OOB Parental behavior

    I have set the relationship between account and opportunity to be behavior: Configurable Cascading and set Assign, Share, Unshare, and Reparent to Cascade None.

    I have the scenario:

    Business Units are set up as:

    1_2D00_11_2D00_2017-6_2D00_58_2D00_25-AM.png

    1. GCS&S - Team GCS&S Owns the account "The Boeing Company"
    2. Jerry - In the Businss Unit and Team named GCS&S
    3. Jerry has a role that allows him to create/own Accounts, Opportunities, Contacts, etc.
    4. Diane - In the Business Unit and Team named BusDev
    5. Diane has a role that allows her to create/own Accounts, Opportunities, Contacts, etc.
    6. Diane - Owns the account "Diane test"
    7. Diane creates two opportunities
      1. Opp1 - using the account "The Boeing Company"
      2. Opp2 - using the account "Diane test"
    8. Jerry looks at "All Opporuntities" view and 
      1. Opp1 - Jerry can see
      2. Opp2 - does not show in Jerry's view (as expected!)

    Based on the guidance I would have assumed with the relationship change to Cascade None that Jerry would NOT be able to see Opp1.

    Roles are set up as

    Role Entity create read write delete append Append To Assign Share
    GCS&S - Jerry Account Parent: Child BU Parent: Child BU Parent: Child BU None Parent: Child BU Parent: Child BU User Org
    GCS&S - Jerry Opportunity Parent: Child BU Parent: Child BU Parent: Child BU User Parent: Child BU Parent: Child BU User Org
    BD - Proposal - Diane Account Org Org Org None Org Org User Org
    BD - Proposal - Diane Opportunity Parent:Child BU Parent:Child BU Parent:Child BU User Parent:Child BU Parent:Child BU Org Parent:Child BU

    How is Jerry able to see Opp1?

  • DianeF1 Profile Picture
    DianeF1 210 on at
    RE: Impacts of changing OOB Parental behavior

    True - I knew what I wanted to say but wasn't clear.

    We have found that the OOB relationship between Opportunity and Account is set such that when our Accounts owned by GCS&S are used by BusDev on an opportunity THEN the GCS&S users can see the BusDev Opportunities.  Our requirements are that they should NOT be able to view each others Opportunities.  I will read your articles than you.

    Diane

  • Suggested answer
    Andreas Cieslik Profile Picture
    Andreas Cieslik 9,265 on at
    RE: Impacts of changing OOB Parental behavior

    I think this article can help you with your decision:

    blogs.msdn.microsoft.com/.../check-and-set-assign-cascade-relationship-behavior-for-microsoft-crm

    3rd requirement is confusing, maybe you can be more specific in your wording.

    but by referring to this article...

    crmtipoftheday.com/.../what-does-reparent-mean

    I would say you need "Cascade None" on "Reparent" to not increase the visibility of the parent account record owner.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Join us in the Community for an AMA: December 12th Register Today

Quick Links

December Spotlight Star - Muhammad Affan

Congratulations to a top community star!

Top 10 leaders for November!

Congratulations to our November super stars!

Tips for Writing Effective Suggested Answers

Best practices for providing successful forum answers ✍️

Leaderboard

#1
André Arnaud de Calavon Profile Picture

André Arnaud de Cal... 291,253 Super User 2024 Season 2

#2
Martin Dráb Profile Picture

Martin Dráb 230,188 Most Valuable Professional

#3
nmaenpaa Profile Picture

nmaenpaa 101,156

Leaderboard

Featured topics

Product updates

Dynamics 365 release plans