web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

No record found.

News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Finance | Project Operations, Human Resources, ... / The user has more perm...
Finance | Project Operations, Human Resources, ...
Suggested Answer

The user has more permission than the security role provides

(0) ShareShare
ReportReport
Posted on by Anna9956 10 
I have a problem that the user has more rights than the security role provides.
I assigned him a child business unit and security role for him.
Everything worked fine. But suddenly I saw that the user sees all apps (for all business units, not just for his). 
I checked the access level for viewing applications - everything is right - for his role he need to see only 1 app.
But in reality it is not.
When i assigned him a child business unit and security role for him - he can see other applications and even customize 
the system!!!     
it's incredible, because his role does not give him such rights and there is only one role assigned to him.
I tried to assign a parent business unit to him and everything began to work as it should.
how can it be that a child unit gives more rights than a parent?
or the problem is something else?
I have the same question (0)
  • OsmanIstanbul Profile Picture
    OsmanIstanbul 2,818 on at

    Hi,

    does the user has any delagation?

    pastedimage1623757770734v1.png

  • Suggested answer
    André Arnaud de Calavon Profile Picture
    André Arnaud de Cal... 301,130 Super User 2025 Season 2 on at

    Hi Anna,

    Can you tell what you mean with "all apps"? I do understand the term business unit. Is it the same?

    Note that when you assign organizations on a security role, by default it will only restrict access based on legal entity information. So this is intended to limit access for a role in specific legal entities.

    If you want to filter on records, like the business unit, you need to implement eXtensible Data Security (XDS). I made an example how to link the Organization assignment with XDS for record filtering: Extensible Data Security examples - Secure by retail channel (dynamicspedia.com)

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Responsible AI policies

As AI tools become more common, we’re introducing a Responsible AI Use…

Neeraj Kumar – Community Spotlight

We are honored to recognize Neeraj Kumar as our Community Spotlight honoree for…

Congratulations to the November Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Finance | Project Operations, Human Resources, AX, GP, SL

#1
Martin Dráb Profile Picture

Martin Dráb 451 Most Valuable Professional

#2
André Arnaud de Calavon Profile Picture

André Arnaud de Cal... 428 Super User 2025 Season 2

#3
BillurSamdancioglu Profile Picture

BillurSamdancioglu 239 Most Valuable Professional

Last 30 days Overall leaderboard

Featured topics

End-of-life Announcement for Microsoft Dynamics GP

Product updates

Dynamics 365 release plans