we have 2 customer created roles
in role 1 the user can change the contact information on a vendor contact
in role 2 the user cant change the contact information on a vendor contact
this was intended.
Now a user has role 1 and role 2 -> should he be able to change the contact info ?
when we do the test the user with the 2 roles assigned cant change the contact infos, if we remove the role 2 then he can
i thought d365 roles are cumulative
any ideas?
regards
P
Hi Pirmin,
Were you able to solve your issue? Like Nikolaj mentioned, you can use or create privileges with read-only rights instead of using the 'deny' option.
You cannot set a priority on a role.
Denying access has always overruled access. You might just have used the "unset" option earlier.
hmm strange this is first time that a "deny" overrules a full access when having multiple roles, we will check !
Hi Charlotte, where can i set the priotity of a role?
Hi Pirmin Bercher,
Generally speaking, the effect of multiple security roles is cumulative, which means that the user has the permissions associated with all security roles assigned to the user. But the permissions of the two roles you mentioned are conflicting, so when you want to change the contact information on a vendor contact, you need to increase the priority of role 1.
Best Regards,
Charlotte Xu
Accesses are cumulative.
Unless you have used the "deny" option on role 2.
Denying access to the different access levels (read/update/create/delete), will override any other access granted to the same object.
You should change the access on role 2 to be granted "read" access and then leave the update/create/delete set to "Unset", this will allow the user to be granted higher access through another role.
#1
Zain Mehmood
132
Moderator
#2
Siv Sagar
109
Super User 2025 Season 1
#3
Adis
65
Super User 2025 Season 1
Share
Report
All responses (
Answers (
