Security roles RRS feed

  • Question

  • I have created several business units. I have also created several users assigned to different business units. These users and business units have records assigned to them. My problem is that when I log in with credentials as a user in a different BU I can view all the records for the other users even though I have assigned Parent:Child Business Units to this user. The records are in the Account entity.
    Tuesday, September 24, 2013 11:46 PM

All replies

  • When you assign Parent:Child BU Read access on Account, the user will be able to read all the accounts in his BU and those in the subordinate business units of the BU he belongs to.

    Assign Business Unit level Read Access on Account if you want the user to view all the accounts in his BU but not from other BUs.

    Not sure of the BU structure you have configured. Consider adding a little more detail so that the issue can be narrowed down to.

    If my response helps you in finding your answer then please click 'Mark as Answer' and 'Vote as Helpful'

    Wednesday, September 25, 2013 4:28 AM
  • The structure I have is as follows;

    The organization has several branches and I have represented these as business units.

    Products are sold by the entire organization(common to all business units);

    Price lists should be specific to business units.

    Each business unit also controls it's own accounts and contacts.


    When a user in one business unit logs into the system they are able to view and change details of products, price lists and accounts; which belong to other business units or the organization. I'm using the default security roles that are inbuilt in dynamics.


    • Edited by Liech_Leo Wednesday, September 25, 2013 4:37 AM
    Wednesday, September 25, 2013 4:35 AM
  • Can you please also specify the hierarchy of these BUs as which one is parent, which one is child?

    Manny Grewal

    • Edited by Manny Grewal Wednesday, September 25, 2013 10:59 PM
    Wednesday, September 25, 2013 10:58 PM
  • If you don't want users to view accounts that belong to other BU users then change security role and grant security level of read/write to Business Unit only instead of Parent:Child Business Units.

    If this post answers your question, please click "Mark As Answer" on the post and "Mark as Helpful" Thanks, Imran Abbasi

    • Proposed as answer by Imran I Abbasi Thursday, September 26, 2013 1:51 AM
    Thursday, September 26, 2013 1:51 AM
  • Hi Guys,

    Thank you so much for your suggestions. You were all correct, however after drilling into the Account entity records I found that I had shared the records with that user and had not recorded that down :-( . Sorry for the trouble.


    Thursday, September 26, 2013 1:55 AM