web
You’re offline. This is a read only version of the page.
close
Skip to main content

Announcements

No record found.

News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Small and medium business | Business Central, N... / Trouble with Permissions
Small and medium business | Business Central, N...
Answered

Trouble with Permissions

(4) ShareShare
ReportReport
Posted on by Fares 167
Hello,
 
I find it it very difficult to ffigure out how to build my permission sets for my users without giving them more access than I want and without having to add every single permission needed one by one.
 
For example, a new employee is getting a permission issue when trying to connect to BC, not being able to execute CodeUnit 7233 Master data Management. But we had no such issue before and the employee is not going to be using anything related to the master data functionality. If the permission is a basic one for logging in first time, why is not part of D365 Basic for example ?
 
I also have a new categories of employees that will have very restricted access but I don't know how to give the correct permissions without adding them one by one. I'm afraid to rely on the Record Permissions functionality because I can't make sure whether it will give more than strictly necessary.
 
Thank you for the help,
Fares
Categories:
Dynamics 365 Business Central
I have the same question (2)
  • Gerardo Rentería García Profile Picture
    Gerardo Rentería Ga... 25,555 Most Valuable Professional on at
  • Verified answer
    Ramesh Kumar Profile Picture
    Ramesh Kumar 7,547 Super User 2026 Season 1 on at
    This is known issue as everyone is different. But here are few tips which I use when creating the premissions for new user or team
     
    Here are a few strategies you can use to manage permissions more effectively:
    • Start with existing permission sets: BC provides several predefined permission sets that you can use as a starting point. You can then customize these sets to fit your specific needs. For example, the "D365 BASIC" permission set is a good starting point for most users.
    • Use permission set groups: Permission set groups allow you to bundle multiple permission sets together, making it easier to assign a collection of permissions to users. You can create custom permission set groups that fit your organization's needs.
    • Analyze permission requirements: When encountering permission issues, use the Security Troubleshooting tool in BC to analyze the specific permissions required for a task or object. This can help you identify the root cause of the issue and add the necessary permissions.
    • Test and refine: When creating custom permission sets or groups, test them thoroughly to ensure they provide the necessary access without over-exposing sensitive data.
    • Record Permissions: You're right to be cautious with Record Permissions, as they can grant more access than intended. Use them judiciously and test thoroughly to ensure they're not over-granting permissions.
    Thanks, Ramesh
    If this was helpful, please check the "Does this answer your question?" box and mark it as verified.
     
  • Suggested answer
    YUN ZHU Profile Picture
    YUN ZHU 99,138 Super User 2026 Season 1 on at
    For permission management, I personally recommend reverse management, that is, excluding permissions instead of adding permissions. Because Microsoft may add new logic every time it updates, and every update will affect permissions, which is very troublesome.
    For example,
    PS: Dynamics 365 Business Central: Permission Exclusion (Exclude in Permission Set)
     
    Hope this helps.
    Thanks.
    ZHU
  • Suggested answer
    Khushbu Rajvi. Profile Picture
    Khushbu Rajvi. 22,153 Super User 2026 Season 1 on at
  • Suggested answer
    Sohail Ahmed Profile Picture
    Sohail Ahmed 11,169 Super User 2026 Season 1 on at
    Maybe this will help simplify your process.
     
    Yes, permission management in BC can be tricky. Here are a few tips:
     
    1. Start with Minimal Role + Record Permissions
     
    Assign a basic role (like D365 Read or very limited custom role).
     
    Use Record Permissions only during test sessions to log what's missing, then manually review and clean it up.
     
     
    2. Use Permission Recorder Carefully
     
    Run the Permission Recorder while performing only the intended tasks.
     
    Then export, review, and edit the set — remove anything unnecessary (e.g., unintended background calls like Codeunit 7233).
     
     
    3. Avoid Overreliance on Built-In Roles
     
    Built-in roles like D365 BASIC may include access to features your users won’t use.
     
    Create your own roles starting from scratch or duplicating existing ones, then trimming.
     
     
    If you’re repeatedly creating roles for similar user types, consider creating role templates and reusing them.
     
    Mark below checkbox to make this answer Verified if it helps you. Let me know if you’d like a sample minimal permission set.
     
     

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Introducing the 2026 Season 1 community Super Users

Congratulations to our 2026 Super Stars!

Meet the Microsoft Dynamics 365 Contact Center Champions

We are thrilled to have these Champions in our Community!

Congratulations to the March Top 10 Community Leaders

These are the community rock stars!

Leaderboard > Small and medium business | Business Central, NAV, RMS

#1
OussamaSabbouh Profile Picture

OussamaSabbouh 1,949 Super User 2026 Season 1

#2
YUN ZHU Profile Picture

YUN ZHU 1,064 Super User 2026 Season 1

#3
Khushbu Rajvi. Profile Picture

Khushbu Rajvi. 559 Super User 2026 Season 1

Last 30 days Overall leaderboard

Featured topics

Product updates

Dynamics 365 release plans