Sign in
Microsoft.com
 
Microsoft
 
 
 

locked
CRM Limited licence - configuration RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote

    We're looking at using Limited CAL licences for some of our users. We haven't used these before. I see you can specify a limited licence in the user form.

    Is this all that is required for configuration - i.e. do I just have to set this and users will be excluded from unlicenced functionality? -

    Or - do I need to ensure the security roles reflect the limited licence and create separate security roles to enforce this.

    Thanks

    Phil

    Sunday, October 14, 2012 10:15 PM

Answers

  • Question
    Sign in to vote
    1
    Sign in to vote

    The excerpt below along with what I saw the guide describing the license functionality doesn't imply the need to manage functionality with a security role. With that said, on a test system I created a user and selected the "Limited" License Type, Access Mode "Read-Write" and assigned the CEO security role. I created a custom entity and assigned the CEO role full permissions on it. I created records with a different user both custom and stock and with my test "limited" user I was still able to delete them (security role allowed this). Looking further into the guide, the "limited" access is not supposed to be able mail merge or create workflows but I still was able to do so. 

    I'd be curious to see if someone else could validate this.

    Taken from: Microsoft Dynamics CRM 2011Licensing & Pricing Guide

    Limited CAL - The Limited CAL provides a user with full read-only access (e.g., for reports) and limited write access to “Microsoft Dynamics CRM functionality”. Users may view or query CRM data.

    The use rights supported for Limited CAL include:

    • Data privileges to create Accounts, Contacts, Cases, Leads, and Activities using Microsoft Dynamics CRM clients.
    • Data privileges to append, append to, and update Accounts, Contacts, Cases, Leads, and Activities created by any CRM user using Microsoft Dynamics CRM clients.
    • Data privileges to assign, share, and delete Accounts, Contacts, Cases, Leads, and Activities created by the same user using Microsoft Dynamics CRM clients.
    • Data privileges to follow and post activity feeds against Accounts, Contacts, Leads, Opportunities, and standard entity records created by any CRM user using Microsoft Dynamics CRM clients.
    • Data privileges to create custom entity records using API access only.
    • Data privileges to update custom entity records created by any CRM user using API access only.
    • Append data privileges using Microsoft Dynamics CRM clients for custom activity records created by any CRM user.
    • Append data privileges using API access only for custom entity records (excluding custom activity records) created by any CRM user.
    • Append to data privileges using Microsoft Dynamics CRM clients for custom entity records created by any CRM user.
    • Data privileges to assign, share, and delete custom entity records created by the same user using API access only.
    • Data privileges to follow and post activity feeds against custom entity records using API access only.
    • No data privileges to assign, share, or delete records created by other CRM users.
    • Read-only access to “Microsoft Dynamics CRM functionality”.

    Jason Lattimer

    Monday, October 15, 2012 2:05 AM
    Moderator
  • Question
    Sign in to vote
    0
    Sign in to vote

    Think I found the answer here: http://social.microsoft.com/Forums/en-US/crm/thread/36bcd361-fc70-4eb9-af81-96f5eafe7e6b

    They are not physically limited but depend on you to implement the the correct restriction

    kgorczewski says: "You have a license and you must to care about it to not have more users/devices "

    At least this was the case with MSDCRM 4

    Thanks

    Phil

    Monday, October 15, 2012 2:42 AM

All replies

  • Question
    Sign in to vote
    1
    Sign in to vote

    The excerpt below along with what I saw the guide describing the license functionality doesn't imply the need to manage functionality with a security role. With that said, on a test system I created a user and selected the "Limited" License Type, Access Mode "Read-Write" and assigned the CEO security role. I created a custom entity and assigned the CEO role full permissions on it. I created records with a different user both custom and stock and with my test "limited" user I was still able to delete them (security role allowed this). Looking further into the guide, the "limited" access is not supposed to be able mail merge or create workflows but I still was able to do so. 

    I'd be curious to see if someone else could validate this.

    Taken from: Microsoft Dynamics CRM 2011Licensing & Pricing Guide

    Limited CAL - The Limited CAL provides a user with full read-only access (e.g., for reports) and limited write access to “Microsoft Dynamics CRM functionality”. Users may view or query CRM data.

    The use rights supported for Limited CAL include:

    • Data privileges to create Accounts, Contacts, Cases, Leads, and Activities using Microsoft Dynamics CRM clients.
    • Data privileges to append, append to, and update Accounts, Contacts, Cases, Leads, and Activities created by any CRM user using Microsoft Dynamics CRM clients.
    • Data privileges to assign, share, and delete Accounts, Contacts, Cases, Leads, and Activities created by the same user using Microsoft Dynamics CRM clients.
    • Data privileges to follow and post activity feeds against Accounts, Contacts, Leads, Opportunities, and standard entity records created by any CRM user using Microsoft Dynamics CRM clients.
    • Data privileges to create custom entity records using API access only.
    • Data privileges to update custom entity records created by any CRM user using API access only.
    • Append data privileges using Microsoft Dynamics CRM clients for custom activity records created by any CRM user.
    • Append data privileges using API access only for custom entity records (excluding custom activity records) created by any CRM user.
    • Append to data privileges using Microsoft Dynamics CRM clients for custom entity records created by any CRM user.
    • Data privileges to assign, share, and delete custom entity records created by the same user using API access only.
    • Data privileges to follow and post activity feeds against custom entity records using API access only.
    • No data privileges to assign, share, or delete records created by other CRM users.
    • Read-only access to “Microsoft Dynamics CRM functionality”.

    Jason Lattimer

    Monday, October 15, 2012 2:05 AM
    Moderator
  • Question
    Sign in to vote
    0
    Sign in to vote

    I got similar results - I set a user to limited and tried to find what it couldn't do - but everything worked the same as a a full CAL.

    We've found a number of our users should be using a Limited CAL for what they are doing so I wanted to test how this worked before deploying.

    Thanks for your experiment :)

    Phil

    Monday, October 15, 2012 2:23 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Think I found the answer here: http://social.microsoft.com/Forums/en-US/crm/thread/36bcd361-fc70-4eb9-af81-96f5eafe7e6b

    They are not physically limited but depend on you to implement the the correct restriction

    kgorczewski says: "You have a license and you must to care about it to not have more users/devices "

    At least this was the case with MSDCRM 4

    Thanks

    Phil

    Monday, October 15, 2012 2:42 AM
  • Question
    Sign in to vote
    0
    Sign in to vote
    I suppose that probably makes sense, being there are no restrictions within the application itself to provide any limitations on licensing. It's up to the organization itself to manage the purchased licenses to what is actually implemented.

    Jason Lattimer

    Monday, October 15, 2012 1:07 PM
    Moderator