I have noticed that a CRM user can see all emails of people belonging to his same business unit. Where does this behavior come from? I didn't find the Email entity in the Security roles privileges definition, that looks very strange to me.
Email is an activity, so this share the same privilege set as other activities like Task, Appointment, Fax, etc.
Related
I am customizing Dynamics CRM, and I am modifying access teams through coding. But I don't want users to be able to add access teams from screen. I cannot find the permission for that; can someone tell me where is it in the security role?
You have to identify the security role for users to limit the permission and remove the share privilege on that security role for that Access teams enabled entity. Read more
You can control who can add members to the Access Team subgrid. Only users with share privilege for the entity on which the access team exists can add or remove members from the Access Team subgrid. This makes sense—by adding people to the Access Team, you are in effect sharing the record with the people on the team.
You need a developer do that because it should modify the ribbon command in the systemuser entity.
As I understand, we can access records created by Portal users and their respective Entity Permissions apply for them. However, I wanted those users to be able to even access records which were created by CRM users within Dynamics 365 (and not records created from Portal by a Portal user which is assigned to System)
Is this possible? If yes, how can I achieve that?
Thanks in advance!
It does not matter who created the record, what matters is if that user has access to it. It would not make much sense to show only records that were created by the portal users - how would you then handle something like Customer Service (on one end users use portal, but on the other they are using CRM, bot are creating records).
So basically I'm not sure how aware are you of the configuration of permissions, but let's say that you configured that a Contact (which is a portal user) has access to all records "Cases" that are referencing this contact (this is simply configuration in Entity Permission record). If yes then contact will see records created by him and all other cases that are referencing him as a contact, so if you as a CRM user will create a Case for a Contact, this Contact will see the case.
I'm building an employee self service portal via Dynamics 365, and when I use the lookup field to display my name in a form other employee names are displayed too:
I've been fiddling with the security roles for a while now and still cant seem to get it to display a single employee name.
I'm also planning to do it a different way by filling up the employee name based on the username on the upper right.
How do you guys suggest I go about this?
First things first. Portals won't use any CRM Security role concepts as it's for CRM users. Portal is built on top of Contact entity. Contact is Portal user & Web role will control his/her access.
You have to Entity Form Metadata to populate the fields per your need. The contact lookup can be filled in by current login Portal user this way. Even you can implement something like manage/restrict the Contacts only from your parent Account in that lookup easily.
I created a workflow . My workflow sends e-mails to users who has salesperson security role. But I have big problem. After I export and import customizations in different company users of old company are shown on the e-mail template. How can I create a worflow which sends e-mail to users who has selected security role.
Regards,
Erdogan Uslu
The workflow editor isn't that powerful. You can't select a bunch of users with certain attributes and apply an action to them. You'll have to create a custom workflow activity. Run as the admin user to retrieve the list of users with a certain role. Base it off the SDk article Retrieve the Roles for a User
You would need to reverse this expression, so to speak. Add a condition expression on the role link, to match on the role name. Then you would remove the condition expression from the system user link. Make the role link a child of the system user link (right now the systemuser is a child of the role link). Change qe.EntityName to "systemuser".
You'll then need to create an e-mail. See SDK articles on sending e-mail and creating workflow activities. Hope this helps.
Using a security role like that is quite a weak mechanism for grouping users. CRM has the concept of a Team. Can't you create a Team, then send your email to the team?
How can I check user's role in workflow? I have a workflow it will send a mail to users if owner of created entity does not have sales manager role.
I assume this is a continuation of:
{Microsoft CRM 4.0} How to send e-mail to some users who has salesperson security role
What trouble are you having?
What have you tried?
Can you provide what code you've written for your workflow activity so far?