Skip to main content

Notifications

Announcements

No record found.

News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Microsoft Dynamics CRM (Archived) / How to restrict users ...
Microsoft Dynamics CRM (Archived)

How to restrict users from looking at certain customer contacts (or accounts)

(0) ShareShare
ReportReport
Posted on by Community Member Microsoft Employee

I have a techie query for everyone!

I have a security conundrum.

I have some customers eg “Britney Spears” who no doubt has an insurance policy with my client.

So they have this concept of only one contact record, one single contact but certain customers like celebrities they don’t want all the users to be able to see all the details.

As you know with CRM, if you have rights to see contacts you can see ALL the contacts not just half according to data attributes.

The problem is always advanced find and reporting which will show you all contacts.

However as I say they want to restrict stuff.

My thinking is either use Business Units, but that will result in multiple instances of a contact as one BU wont be able to see the same contact in another BU. And then would need to sync with a master somehow although I don’t like it as a solution.

Other option is some kind of child entity records which contain all the interesting stuff and the parent contact record just holds name itself. This would be good for them as some of their entities have 400 fields as they just keep lumping extra stuff on but would mean a whole lot of new entity relationship changes which again feels not good.

So does anyone have any other possible ways of doing this or do you know of a 3rd Party product that would enable this single client contact view?

Any help would be most appreciated!!

Mike

*This post is locked for comments

  • Suggested answer
    Hosk Profile Picture
    Hosk on at
    RE: How to restrict users from looking at certain customer contacts (or accounts)

    Yes I can confirm making a field searchable on stops it being used as search criteria, so this isn't any good for you.

    If you want to put security on fields then you could use Field Level Security, This would enable you to stop people viewing fields if they did not have the correct field level security role.

    You also wouldn't need to do any javascript because if they went to contact form and didn't have the correct field level security role they wouldn't see any of the fields.  This would also apply to searching and reports

    below is an article and youtube video to show you how they work

    msdn.microsoft.com/.../gg309608.aspx

    www.youtube.com/watch

  • Community Member Profile Picture
    Community Member Microsoft Employee on at
    RE: How to restrict users from looking at certain customer contacts (or accounts)

    I just tried these out, they appear as available fields to view in advanced find which is a no no for us.

  • Suggested answer
    Hosk Profile Picture
    Hosk on at
    RE: How to restrict users from looking at certain customer contacts (or accounts)

    I think non searchable fields cannot be viewed/used in reports either

  • Community Member Profile Picture
    Community Member Microsoft Employee on at
    RE: How to restrict users from looking at certain customer contacts (or accounts)

    That's kind of my second option ie the child entity which could be secured.

    If a field is non searchable, presumably it is still available to reports?

    That's my problem, we could restrict stuff with JavaScript but need it to be invisible to Reports and AdvFind

    Yeah 400 is crazy, same thing they have done for Incidents have just reused entity when should have created some new ones.

  • Hosk Profile Picture
    Hosk on at
    RE: How to restrict users from looking at certain customer contacts (or accounts)

    Business units would work but setting up security can be tricky.

    You could create a new entity, special contacts and then only allow certain users to see this.

    You could put sensitive data on a tab and then using javascript hide this tab for people who didn't have a certain security role.  You could also make the sensitive fields non searchable so they wouldn't appear in advanced find.

    400 fields, I think you might want to put this in another entity because do all contacts need all 400 fields?  Are they all related to a contact and contact information.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Announcing Our 2025 Season 1 Super Users!

A new season of Super Users has arrived, and we are so grateful for the daily…

Vahid Ghafarpour – Community Spotlight

We are excited to recognize Vahid Ghafarpour as our February 2025 Community…

Tip: Become a User Group leader!

Join the ranks of valued community UG leaders

Leaderboard

#1
André Arnaud de Calavon Profile Picture

André Arnaud de Cal... 292,494 Super User 2025 Season 1

#2
Martin Dráb Profile Picture

Martin Dráb 231,307 Most Valuable Professional

#3
nmaenpaa Profile Picture

nmaenpaa 101,156

Leaderboard

Featured topics

Product updates

Dynamics 365 release plans