I've been told a few times that Business Units in CRM 2011 are "tricky" and shouldn't be set up lightly since they have irreversible consequences for a CRM 2011 implementation.
On the other hand, teams in CRM 2011 seem much more flexible in managing record security.
For what reason would I still choose to set up Business Units in CRM 2011? What can I do with Business Units that I can't with Teams (and vice versa)?
Business Units are important for the security concept of Dynamics CRM. They define a kind of a boundary within you can define specific roles or permissions. They are also used to represent an organization structure.
Teams are used for ownership of a record (new feature in CRM 2011), which is handy if you can't define a single owner. They are also used for easier sharing - you could share a record with a team, instead of sharing it with multiple persons. Another usage is to grant permissions to multiple users with grouping them into a team and assign a security role to the team.
Create a separate, new Business Unit (BU) at a higher BU level than all of the other User BUs (to avoid security role Parent:Child Business Unit permissions), then create a Team in that Business Unit.
Next, assign a security role to the new Team. Set the security role to be
restricted Read at the BU level (half a pie). Then, assign the "special" records to the Team.
Next, put the people who you want to see the records into the Team.
They will inherit the Team's security role permissions and will be the only ones in the company that can see those specific records.
You don't necessarily have to assign records to the team if you can just assign them to a user in that BU. However, you may need to assign the records to the Team if you don't have a user in the BU.
**NOTE: Watch out for Parent: Child Business Unit or Organization level permissions. The BU hiearchy would then play a role here.
*Be sure to test this before you put this into production**
Please follow below links which help alot
http://andrewbschultz.com/2011/08/09/business-units-bus-and-security-roles-in-microsoft-dynamics-crm-2011-solution-exports/
http://andrewbschultz.com/2011/06/17/the-architecture-of-team-security-in-crm-2011/
Thanks,
Related
Is there any possibility to create sub-users under a user account using one license, but taking into account they need to have full access to the main functionalities of the CRM.
No. Even by sharing a user between multiple people you would likely be breaching your licence terms.
Without understanding why you would want to do this, if the reason is cost, I would suggest investigating Power Apps and Team Member licences. They are a cheap way to access Dynamics data, although can be restrictive.
Theoretically I'm sure there is probably no limit, but realistically I'm looking to understand how many users can be added into a MS Dynamics 365 Team. I'd like to understand what impact adding more than 8,000 users to a single team would have in terms of performance of the Dynamics application.
Why so many users in a team? We're looking at a potential requirement, which needs to secure 4 fields on an entity so that users can create those fields but not view the data in them. Short Answer: Field Level Security. However, we have a large user base ie. 8,000 users and once we create a field security profile, we need to assign that profile to 8,000 users. So an idea was to create a Team and assign the field security profile to the team. Then add 8000 users into that team.
So back to my original question. Is this a plausible solution and is there anything we're overlooking in going ahead with this. Would we face performance issues going forward? Is there a better/alternate solution to meet the requirement?
This 8k users + team + FLS scenario should not be a problem, as I remember from this performance benchmark (on online CRM 2016 update 1 though. ie v8.1), the testing was performed and gave better results with below configuration to prove statistically.
Field-level security was also enabled on custom attributes to reflect
a realistic enterprise organization.
Based on customer research, each user of a specific role was assigned
a realistic set of data. The data that the user would own was based on
the user’s role. Before the test, the total data in the test database
included more than 656,549,587 business records with a total database
size of 1.024 TB.
TeamMembership with 61,406 records.
A batch of 17,868 concurrent users performed create, update, and
delete (CRUD) operations within Dynamics CRM Online.
I'm trying to set up our software development company on Dynamics CRM 2016. I've customized almost everything I need such as accounts, leads and processes. However, It still feels that the CRM is designed for company with tangible products and shipping, etc...
Is there a way to setup Dynamics CRM for professional service company rather than product company?
This is not correct.
You can perform many actions that a professional service provider business model contains. For example, you can create and/or schedule:
Phone calls
Tasks
Appointments
Emails
You can also use marketing module for your services. Campaigns and quick campaigns.
You can gather leads, work upon those unqualified leads and convert them to opportunities.
You can also record invoices for your services as your products.
And so on ...
And the best part is that Microsoft has provided so many customization and development options in Dynamics CRM that you can almost use the XRM platform to just manage any type of relationship management. So, you can customize or even add new entities and relationships to suite your particular business needs.
One thing to keep in mind: First, always try to map your business requirements on the existing CRM processes so that you can take advantage of the out-of-the-box provided processes and reporting.
Update
The deployment/set up procedure for Dynamics CRM is same for all business domain. However, you may customize and extend Dynamics CRM, put those extensions and customizations in one or more solutions and then import those solutions over the target instances.
Update
You may override product price on quote (for example) by double clicking the product grid record on the quote form. See below image:
I'm registering a new 2013 on-line and I notice that there are two license types:
1. Microsoft Dynamics CRM Online
2. Microsoft Dynamics CRM Online Professional
What's the difference between them (in short)? I've read the description and I get the impression like "this one is yellow and the other is a car", so I simply can't compare.
According to this article, there are three (not two) different models and only one allows customizing the system (so it's only that one that there's any point showing to the customers).
What's up with that?!
In short, the headlines are:
All three licences allow access to CRM from all available clients eg browser, outlook, tablet, phone. (This is a big difference from the 2011 ESS CAL).
All three licences allow read access to all data, including custom entities. (subject to Security Roles of course).
Essential allows read/write access to activities, activity feeds and custom entities.
Basic allows everything in Essential, plus read/write to Accounts, Contacts, Cases, Leads. Also access to reports, and to create personal charts and dashboards.
Pro allows everything. Most notably Sales and Marketing (Opportunity, Quote etc, Campaign, Marketing List), plus service management (facility/equipment and all that).
Pro is needed to build customisations, but not to use them, which is where I think some confusion has arisen.
If you are talking about user licences there appears to be three distinct types.
It was a bit confusing however my general belief is:
1) Professional
This would be the Administration users who need to customize the system, build processes, templates, administer CRM, and run marketing campaigns.
2) Basic
Would be suitable for general users (ie:- ones that just need to work with entities but don't need to do much else). They can't do marketing campaigns which might restrict people who are given this licence. However your day to day staff should be fine with this as they have general access to entities as well as Reports and Dashboards etc.
3) Essential
Has very little access to core entities (even Account and Contact) so unless you have a client who wants to work with only custom entities then this seems like a pointless licence.
I'm evaluating CRM 2011 to replace an existing app and and have some questions about security and segregating information by Client (or Account).
I have a custom entity for 'Client'. There are lot of custom entities that are related to 'Client' which consitute the data needed to be captured.
I would like to limit specific teams/users to work on specific clients and see only the data for those clients that they have access to.
I'm seeing that individual entities can be assigned to teams/users but I need all related entities to be locked down by Client so that regular users
Dont see records in views or searches that belong to other clients.
Can't create or access records for other clients.
Can this be done in CRM 2011? How?
Also - is it possible to limit processes/workflows to operate or trigger on records of specific clients only?
Probably the easiest thing to do would be do base your security on business units. Groups of clients an their related records would all be in the same business unit, and as long as you set their security roles to only allow access to records in their own business unit, that would work.
For workflows that only trigger on particular clients, it depends on the exact requirements. You could certainly check the business unit of the client as the first step in the workflow and continue or exit based on that. If it's something more complex, you can write a custom workflow assembly to do the check for you.