Hello there,
I have an issue regarding Business Units. First of all I will explain how we are organized and what we want to achieve.
The Sales Office is organized in three areas: North-West, North-East and Center. Every area has its own Area Manager, followed by the related Sales Consultants of each area, who report to their Area Manager.
Above the Area Manager there's the Sales Director and above him the CEO. So: CEO -> Sales Director -> Area Managers -> Sales Consultants.
CEO and Sales Director have to be able to manage Accounts and Leads for all the organization, so they have the same security permissions, with create, read, delete, etc., set to Organization level.
Area Managers have to be able to manage Accounts and Leads for their area, and their area only, so their personal records and the ones of the Sales Consultants who directly report to them.
Sales Consultants have to be able to manage their personal Accounts and Leads.
I created the three Business Units following the areas, so North-West, North-East and Center, which have, as Parent Business Unit, the default one, so the organization.
I created two types of permissions, the ones for Sales Consultants, who have Accounts and Leads set to User level as the following:
And one for the Area Manager, who has Accounts and Leads at Business Unit level:
I tested everything with two users: Simon, who is the Area Manager, and Manuel, who is the Sales Consultant.
I assigned them both to the North-West Business Unit. North-West BU has the organization as the parent BU.
Manuel has the permissions as in the first image. Simon has the permissions as in the second one.
Manuel views his personal records only, and it is right.
Simon views records of all the organization, so even if the owner of the record is part of another BU (North-East or even the root BU), Simon views the records, but he should be able to manage just his personal records and Manuel's records, according to the current configuration.
What Manuel views in the all accounts view:
What Simon, his Area Manager, views:
As you can see he's able to view the records of all the organization, as 4692 are all the Accounts existing in the system.
The other users are part of the root BU, so the organization BU. There is one user who is part of the North-East BU, but it seems like there is no difference because Simon can still manage his records.
Am I missing something? Thank you.
It seems like the users I mentioned were part of several Teams which inherited other Security Roles which gave access to all records to the Area Manager. That's why he had access to all records. My fault.
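The root cause described above, sketched as an added example that is not part of the original post: a simplified model in which a user's effective access level on a table is the highest level granted by any role, whether assigned directly or inherited through a team. The team name, the role it carries and the data layout are assumptions made for illustration, not an export from the poster's system.

```python
from enum import IntEnum

class Depth(IntEnum):
    """Access levels, ordered from narrowest to widest."""
    NONE = 0
    USER = 1
    BUSINESS_UNIT = 2
    PARENT_CHILD = 3
    ORGANIZATION = 4

# Constructed sample data. The team name and the role attached to it are hypothetical.
ROLES = {
    "Sales Consultant": {"account": Depth.USER, "lead": Depth.USER},
    "Area Manager": {"account": Depth.BUSINESS_UNIT, "lead": Depth.BUSINESS_UNIT},
    "Sales Director": {"account": Depth.ORGANIZATION, "lead": Depth.ORGANIZATION},
}
TEAM_ROLES = {"Sales Reporting Team": ["Sales Director"]}
USERS = {
    "Simon": {"roles": ["Area Manager"], "teams": ["Sales Reporting Team"]},
    "Manuel": {"roles": ["Sales Consultant"], "teams": []},
}

def depth_of(role_names, table):
    """Widest access level any of the given roles grants on a table."""
    return max((ROLES[r].get(table, Depth.NONE) for r in role_names),
               default=Depth.NONE)

def audit(user, table):
    """Return (direct, effective, findings) for one user and table.

    findings lists every (team, role, depth) whose team-inherited depth
    exceeds what the user's directly assigned roles allow.
    """
    record = USERS[user]
    direct = depth_of(record["roles"], table)
    findings = []
    for team in record["teams"]:
        for role in TEAM_ROLES.get(team, []):
            inherited = ROLES[role].get(table, Depth.NONE)
            if inherited > direct:
                findings.append((team, role, inherited))
    effective = max([direct] + [f[2] for f in findings])
    return direct, effective, findings

if __name__ == "__main__":
    for name in USERS:
        direct, effective, findings = audit(name, "account")
        print(f"{name}: direct={direct.name} effective={effective.name}")
        for team, role, depth in findings:
            print(f"  widened to {depth.name} by role '{role}' via team '{team}'")
```

Any user whose effective level is wider than the direct level has a team membership worth reviewing before concluding that the Business Unit setup itself is wrong.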