Skip to main content

Notifications

Microsoft Dynamics CRM (Archived)

Privileges on Custom entities needed in order to assign roles to users

(0) ShareShare
ReportReport
Posted on by 350

Hi, while working on a Dynamics CRM 2016 customization project, we created some custom entities. Now, we are working on setting up the security roles together with our customer's Security Managers (SecMgrs) who will be on charge of administering the CRM Security. Those SecMgrs have noticed that when they want to assign a security role (any) to any internal user, Dynamics CRM is claiming for missing permissions for them (SecMgrs) on our custom entities. An example of the error message they are seeing is this:

<Message>RoleService::VerifyCallerPrivileges failed. User: 48825915-e7d5-e611-80bd-5cb901c89690, PrivilegeName: prvReadmycustomentity, PrivilegeId: 527ef36d-d58a-4ea0-8a8b-8acc0f902476, Depth: Basic, BusinessUnitId: b1df201b-e0d5-e611-80bd-5cb901c896d0</Message>

What is the reason for this behavior? Is this a fault with our custom entities settings? Why do the SecMgrs need specific permissions on custom entities to assign any roles to users? If this is a normal functionality in Dynamics CRM, is there any official documentation from Microsoft to support it? 

I would appreciate your help and advise with this question. Thanks for your time reading this!!

Xavier

*This post is locked for comments

  • Suggested answer
    Aric Levin Profile Picture
    Aric Levin 30,188 on at
    RE: Privileges on Custom entities needed in order to assign roles to users

    Each Entity in CRM has the following permissions:

    Create, Read, Write, Delete, Append, Append To, Assign and Share

    There are Global Privileges, such as Export to Excel and Entity Level Privileges as above, and they each have to be assigned separately.

    Think of a scenario where your security managers have access to only reassign a specific set of records and not all records. This is why the permission is that way.

  • Xavier Villafuerte Profile Picture
    Xavier Villafuerte 350 on at
    RE: Privileges on Custom entities needed in order to assign roles to users

    Thanks Aric for your answer. It makes sense to me your explanation. However, I have a doubt. The Security Managers already had a security role with the correct permissions and later our custom entities were added to the CRM. Why they need to modify again their security role to grant them read permission over our custom entities?

  • Suggested answer
    Aric Levin Profile Picture
    Aric Levin 30,188 on at
    RE: Privileges on Custom entities needed in order to assign roles to users

    Xavier,

    There is no difference between custom entities and system entities when it comes to security and privileges.

    What you need to make sure is that the person who assigns the records, have the appropriate access rights to the record as well as to the assign privilege. I cannot assign a record if I don't have read access to the record.

    In most cases the Read and Assign privilege or all that is necessary, but you might have additional requirements based on your assignment process.

    See the following msdn article on ownership of records:

    https://msdn.microsoft.com/en-us/library/gg334673.aspx

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Announcing Our 2025 Season 1 Super Users!

A new season of Super Users has arrived, and we are so grateful for the daily…

Announcing Forum Attachment Improvements!

We're excited to announce that attachments for replies in forums and improved…

Vahid Ghafarpour – Community Spotlight

We are excited to recognize Vahid Ghafarpour as our February 2025 Community…

Leaderboard

#1
André Arnaud de Calavon Profile Picture

André Arnaud de Cal... 291,969 Super User 2025 Season 1

#2
Martin Dráb Profile Picture

Martin Dráb 230,846 Most Valuable Professional

#3
nmaenpaa Profile Picture

nmaenpaa 101,156

Leaderboard

Featured topics

Product updates

Dynamics 365 release plans