none
Dynamics CRM 2011 - Security Role Permission for Creating New Users

    Question

  • Hello.

    I have created a new security role in order to give extra permissions to certain users, and this fits our needs well. However, I am stuck as to how to grant the permission to create a new user within the system. I have given permissions on this new security role for everything I can think of and still cannot see the 'New Multiple Users' button (as I can see with my Admin account) that allows me to add new users to the system. I have even referred to the SDK privileges by messages page to ensure all of those privileges for creating a system user are enabled, and they are...:

    http://msdn.microsoft.com/en-us/library/bb927977.aspx

    Does anyone know what permission(s) on the security role I might be missing?

    Tuesday, June 07, 2011 7:51 PM

Answers

  • Hi,

    You only need to assign the following security privilliages for Add Users via Add Multiple Users wizard:

    In Business Management Tab shoud have the following security privilliages:

    1. Organization Level Security (Green Circle) for Read and Append To  privileges for Business Unit entity 

    2. Organization Level Security (Green Circle) for Read and Append To privileges for Securiety Role entity

    3. Organization Level Security (Green Circle) for Read, Create, Append and Append To privileges for User entity

    4. Organization Level Security (Green Circle) for Read, Create and Append To privileges for User Settings entity

    5. Organization Level Security (Green Circle) for Read License Info under Miscellaneous Privileges

    In Customization Tab shoud have the following security privilliages:

    1. Organization Level Security (Green Circle) for Read privileges for System Form and View entity

    After making changes into the security role, i would suggest you to also close Microsoft Dynamics CRM and relogin with the same usre.


    Jehanzeb Javeed

    http://worldofdynamics.blogspot.com
    Linked-In Profile |CodePlex Profile

    If you find this post helpful then please "Vote as Helpful" and "Mark As Answer".
    • Marked as answer by kspicer Wednesday, June 08, 2011 2:05 PM
    Wednesday, June 08, 2011 1:37 PM

All replies

  • Hi,

    Try adding him into the CRM Deployment Manager administartor group, Start Menu -> All Programs-> Microsoft DYnamics CRM 2011 -> Deployment Manager

    No its not must required. I am trying to identify the minimum privillages that are requried to add users via wizard. Hope to post soon.


    Jehanzeb Javeed

    http://worldofdynamics.blogspot.com
    Linked-In Profile |CodePlex Profile

    If you find this post helpful then please "Vote as Helpful" and "Mark As Answer".

    Wednesday, June 08, 2011 12:25 PM
  • Is that really necessary to have the ability to create users? This new role is serving as sort of an 'Admin Support' role, and there are some advanced superusers that I wish to give the ability to add/create new users in the system. I would rather not add them to the Deployment Administrators group because they are not an Admin. I feel that what I want should be feasible using security roles and their permissions. Surely there must be a permission I'm missing?...
    Wednesday, June 08, 2011 12:34 PM
  • Hi,

    Were you not able to find that option under the "Business Management" TAB of your security ROLE,

    Image for your reference - http://www.box.net/shared/9ko2h2jysk

    Thanks!


    Cheers, Francis Edwin

    Follow me on: https://twitter.com/astutecrm

    My Blog: http://astutecrm.wordpress.com/ 

    • Marked as answer by kspicer Wednesday, June 08, 2011 1:07 PM
    • Unmarked as answer by kspicer Wednesday, June 08, 2011 1:07 PM
    Wednesday, June 08, 2011 1:04 PM
  • I have enabled all of these privileges and still cannot see the 'New Multiple Users' button as I can with my Admin account.
    Wednesday, June 08, 2011 1:20 PM
  • As a best practice, you can always use the "Copy Role" feature from an existing security role (In your case, from the "System Administrator" role to create a new one and just revoke those settings which are not required for your new role.. Doing this will ensure that the most essential permissions are available for your security role and works flawless.


    Cheers, Francis Edwin

    Follow me on: https://twitter.com/astutecrm

    My Blog: http://astutecrm.wordpress.com/ 

    Wednesday, June 08, 2011 1:30 PM
  • Hi,

    You only need to assign the following security privilliages for Add Users via Add Multiple Users wizard:

    In Business Management Tab shoud have the following security privilliages:

    1. Organization Level Security (Green Circle) for Read and Append To  privileges for Business Unit entity 

    2. Organization Level Security (Green Circle) for Read and Append To privileges for Securiety Role entity

    3. Organization Level Security (Green Circle) for Read, Create, Append and Append To privileges for User entity

    4. Organization Level Security (Green Circle) for Read, Create and Append To privileges for User Settings entity

    5. Organization Level Security (Green Circle) for Read License Info under Miscellaneous Privileges

    In Customization Tab shoud have the following security privilliages:

    1. Organization Level Security (Green Circle) for Read privileges for System Form and View entity

    After making changes into the security role, i would suggest you to also close Microsoft Dynamics CRM and relogin with the same usre.


    Jehanzeb Javeed

    http://worldofdynamics.blogspot.com
    Linked-In Profile |CodePlex Profile

    If you find this post helpful then please "Vote as Helpful" and "Mark As Answer".
    • Marked as answer by kspicer Wednesday, June 08, 2011 2:05 PM
    Wednesday, June 08, 2011 1:37 PM
  • Perfect! Thank you for your help. It turns out I was missing the Append To privileges on the Business Unit and Security Role entities.

    Great find, thanks again!

    Wednesday, June 08, 2011 2:06 PM
  • Hi!

    I had all the permissions that Jehanzeb Javeed explain but it wasn't working for me and I just add Read permissions for Attribute Map.

    I hope could help anyone!


    Js

    Thursday, August 16, 2012 11:17 AM
  • Those security privilliages apply for add a Single user?
    Friday, June 28, 2013 6:08 PM
  • Just the job, just one point, I found it was Assign not Append To that was needed against Security Role.

    Works for both Single User and Multiple Users.

    With the Caveat that this new admin role can only assign roles that the user has assigned to themselves!!!! 

    Monday, July 15, 2013 4:30 PM
  • I found I also needed to add  at least Business Unit level  permissions  for Read,Write, Append To & Assign for the SystemJob entity

    regards Alan Ward

    Wednesday, December 04, 2013 3:09 AM