Hi,
Security roles are the most complex concept in Dynamics CRM Security model. Here is my 2 cents about it.
Lets divide the security roles concepts into two pieces.
1) Privileges
Privileges are the basic units about an actions a user can perform on CRM. These actions predefined which cannot be added or delete but can be modified.
The Access Level determines, for a given entity, at which levels within the organization hierarchy a user can access.
--
Security roles are the most complex concept in Dynamics CRM Security model. Here is my 2 cents about it.
Lets divide the security roles concepts into two pieces.
1) Privileges
Privileges are the basic units about an actions a user can perform on CRM. These actions predefined which cannot be added or delete but can be modified.
- Create - Allows the user to add a new record.
- Read - Allows the user to view a record.
- Write - Allows the user to edit a record.
- Delete - Allows the user to delete a record.
- Append - Allows the user to attach other entities to, or associate other entities with a parent record
- Append to - Allows the user to attach other entities to, or associate other entities with the record.
- Share - Allows the user to share a record with other Users/Teams.
The Access Level determines, for a given entity, at which levels within the organization hierarchy a user can access.
- None - No privileges given.
- User - Privileges to the records owned by the user or shared with the user. Also includes the privileges owned by the team to which the user belongs.
- Business Unit - Privileges for all records owned in the business unit to which the user belongs.
- Parent: Child Business Unit - Privileges for all records owned in the business unit to which the user belongs and to all the child business units subordinate to that business unit.
- Organization - Privileges for all records in the organization regardless of who owns.
--
Happy CRM'ing
Gopinath