Hi Rahul,
You are correct, you need to give permission = Write to the user in order to allow them activate or deactivate record, there is no dedicated privilege for this.
It seems you want to allow the user to act/deactivate a record not to prevent it.
So if you want to allow the user to Activate/Deactivate a record, but cant update any other detail, you are required to give Write permission to the user.
But, to prevent them to update any other details, you can implement field level security.
Steps:
1. Go to the Customization
Settings --> Customize --> Customize the System
2. Go to the Entity you want to give permission
3. Then go to the field you want to prevent to be updated
Choose the field, for example:
Then just enable the Field security.
*This is you need to do to all fields you want to prevent to update.
Usually, we use only for specific fields that is very very important, remember only CRM 2015 that can support system field, ok. CRM 2013 still cannot support this system field security.
4. Then go to the Administration, field security profiles
5. Then you can create new profile
After that, assign to the users or teams you want to give this permission (can do later)
6. Then give the field permissions, you can see the list of fields you have enable in the early step
Save it.
Other good references:
https://crmbusiness.wordpress.com/2014/05/22/crm-2013-how-to-set-up-field-level-security/
http://www.dynamics101.com/2013/09/configure-field-level-security-microsoft-dynamics-crm-2011/
This is can be tough because you need to enable the fields per entity as well, one by one.
But this is a way without custom code, because your purpose here is in fact allow user to deactivate/activate the records, but cannot edit other detail, in fact in CRM you need Write permission, you are not having objective to prevent user to deactivate or deactivate, so the ribbon visibility customization for deactivate button is not recommended here.
Another way, you can use Plugin or Realtime workflow to validate, if any field is updated then prevent error.
But, here you need to write custom code for plugin then have to check the current login for user, and if realtime workflow is cannot be used for specific role as well.
You can also write javascript to disable all form fields here:
https://www.it-gems.com/2013/10/set-whole-form-read-dynamics-crm-2011.html
Combine this with Role-based Form.
https://www.powerobjects.com/blog/2012/09/24/pros-cons-role-based-forms-crm-2011/
https://www.powerobjects.com/blog/2010/12/07/microsoft-dynamics-crm-2011-role-based-forms/
You can specify a form by security role.
Then make this form as read-only when form update.
CRM only have the form read-only or editable at all, no specific for deactivate only, just for your reference here if you want to prevent user see the editable form.
http://blogs.msdn.com/b/crm/archive/2012/03/22/read-optimized-forms.aspx
But, this is the user cannot deactivate as well.
So, I recommend you to use Field Level security or combine the role-based form with javascript for Form Update to disable the fields detail.
I hope this can help you, Rahul.
Thank you.
