web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

No record found.

News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Supply chain | Supply Chain Management, Commerce / security roles in d365...
Supply chain | Supply Chain Management, Commerce
Suggested Answer

security roles in d365 f&o

(0) ShareShare
ReportReport
Posted on by CU14050944-0

we have 2 customer created roles
in role 1 the user can change the contact information on a vendor contact
in role 2 the user cant change the contact information on a vendor contact
this was intended.
Now a user has role 1 and role 2 -> should he be able to change the contact info ?

when we do the test the user with the 2 roles assigned cant change the contact infos, if we remove the role 2 then he can 

i thought d365 roles are cumulative

any ideas? 

regards

P

I have the same question (0)
  • Suggested answer
    NikolajSorensen Profile Picture
    NikolajSorensen 1,792 on at

    Accesses are cumulative. 

    Unless you have used the "deny" option on role 2.

    Denying access to the different access levels (read/update/create/delete), will override any other access granted to the same object.

    You should change the access on role 2 to be granted "read" access and then leave the update/create/delete set to "Unset", this will allow the user to be granted higher access through another role. 

  • Suggested answer
    Charlotte X Profile Picture
    Charlotte X on at

    Hi Pirmin Bercher,

    Generally speaking, the effect of multiple security roles is cumulative, which means that the user has the permissions associated with all security roles assigned to the user. But the permissions of the two roles you mentioned are conflicting, so when you want to change the contact information on a vendor contact, you need to increase the priority of role 1.

    Best Regards,

    Charlotte Xu

  • CU14050944-0 Profile Picture
    CU14050944-0 on at

    Hi Charlotte, where can i set the priotity of a role?

  • CU14050944-0 Profile Picture
    CU14050944-0 on at

    hmm strange this is first time that a "deny" overrules a full access when having multiple roles, we will check !

  • Suggested answer
    NikolajSorensen Profile Picture
    NikolajSorensen 1,792 on at

    You cannot set a priority on a role.

    Denying access has always overruled access. You might just have used the "unset" option earlier.

  • André Arnaud de Calavon Profile Picture
    André Arnaud de Cal... 301,119 Super User 2025 Season 2 on at

    Hi Pirmin,

    Were you able to solve your issue? Like Nikolaj mentioned, you can use or create privileges with read-only rights instead of using the 'deny' option.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Responsible AI policies

As AI tools become more common, we’re introducing a Responsible AI Use…

Neeraj Kumar – Community Spotlight

We are honored to recognize Neeraj Kumar as our Community Spotlight honoree for…

Congratulations to the November Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Supply chain | Supply Chain Management, Commerce

#1
Laurens vd Tang Profile Picture

Laurens vd Tang 301 Super User 2025 Season 2

#2
André Arnaud de Calavon Profile Picture

André Arnaud de Cal... 118 Super User 2025 Season 2

#3
Siv Sagar Profile Picture

Siv Sagar 105 Super User 2025 Season 2

Last 30 days Overall leaderboard

Featured topics

Quality order uses default receipt location instead of actual physical receipt location

Product updates

Dynamics 365 release plans