web
You’re offline. This is a read only version of the page.
close
Skip to main content
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Microsoft Dynamics CRM (Archived) / why user can access on...
Microsoft Dynamics CRM (Archived)

why user can access only one record in BU two level upper

(0) ShareShare
ReportReport
Posted on by Charlie Chen179 37

Hi everyone,

User X  cannot access any custom entity record owned by a team in a BUs two levels upper than him, as he has BU level read privilege only . After admin user assign one of the custom entity records to the user's BU, user X can see the custom entity record. Then admin user assigns the same record back to its original BU, user X remains access to it but no access to the rest. How can this happen? It supposes to be inaccessible to user X after changed to another BU. Can anybody give a hint? Thanks.

*This post is locked for comments

I have the same question (0)
  • Charlie Chen179 Profile Picture
    Charlie Chen179 37 on at
    RE: why user can access only one record in BU two level upper

    I think the behavior is the result of below setting. Thanks Guido.

    pastedimage1566484324399v1.png

    Now, I have a question if it works like this, why above query return me nothing. Interesting.

  • Charlie Chen179 Profile Picture
    Charlie Chen179 37 on at
    RE: why user can access only one record in BU two level upper

    Thanks for your reply. I used "RetrieveSharedPrincipalsAndAccessRequest" to check if it's shared with any user and the system return null.

    var req = new XMLHttpRequest();

    req.open("GET", Xrm.Page.context.getClientUrl() + "/api/data/v9.1/RetrieveSharedPrincipalsAndAccess(Target=@Target)?@Target=%7B%22sl_maincategoryid%22%3A%22AAA2A8C3-937D-E911-A986-000D3A3ACD0B%22%2C%22%40odata.type%22%3A%22Microsoft.Dynamics.CRM.custom_entity%22%7D", false);

    req.setRequestHeader("OData-MaxVersion", "4.0");

    req.setRequestHeader("OData-Version", "4.0");

    req.setRequestHeader("Accept", "application/json");

    req.setRequestHeader("Content-Type", "application/json; charset=utf-8");

    req.onreadystatechange = function() {

       if (this.readyState === 4) {

           req.onreadystatechange = null;

           if (this.status === 200) {

               var results = JSON.parse(this.response);

           } else {

               Xrm.Utility.alertDialog(this.statusText);

           }

       }

    };

    req.send();

    {

       "@odata.context": "custominstance.crm.dynamics.com/.../$metadata

       "PrincipalAccesses": []

    }

  • Suggested answer
    Guido Preite Profile Picture
    Guido Preite 54,084 Moderator on at
    RE: why user can access only one record in BU two level upper

    probably the record has been shared to that user

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Join experts in person to explore low code and AI agents at the Power Platform Community Conference sponsored by Microsoft

Quick Links

Responsible AI policies

As AI tools become more common, we’re introducing a Responsible AI Use…

Abhilash Warrier – Community Spotlight

We are honored to recognize Abhilash Warrier as our Community Spotlight honoree for…

Congratulations to the September Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > 🔒一 Microsoft Dynamics CRM (Archived)

#1
HR-09070029-0 Profile Picture

HR-09070029-0 2

#1
Aric Levin - MVP Profile Picture

Aric Levin - MVP 2 Moderator

#3
ED-30091530-0 Profile Picture

ED-30091530-0 1

Last 30 days Overall leaderboard

Featured topics

Product updates

Dynamics 365 release plans