There is a minimum of requirements for a security role.
F.ex. you need to give the role access to read users table, security roles table etc etc.
So just creating a role with access to the contact entity wont work.
What I normally do, is copy one of the sales representative roles and then start removing the security roles. Dont touch anything related to Business management, Service Management or Customizations tab.. unless you know what you are doing.
The rest of the tabs can be modified to fit your requirements.
Rune Daub Senior Consultant - Dynateam CRM http://www.dynateam.dk