Sign in
Microsoft.com
 
Microsoft
 
 
 

locked
CRM Online User Management RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi All,

    A very basic question - being new to CRM Online.

    I understand we can synchronize on-premise active directory users with azure active directory.

    We can then activate the users and assign them CRM licenses.

    I also understand that security roles need to be assigned to all users to give them required permissions - as per the requirement.

    The question is - can a security group be assigned to security role?

    I have read you can assign security roles individually to a user but can they be grouped into a security group and then assigned to a role.

    For e.g. I might have a CSR AD group - managed on-premise and synchronized to azure active directory and I want this group be assigned a security role or roles.

    Please advise.

    Regards,

    Ajay Suri


    Tuesday, April 15, 2014 11:34 AM

Answers

  • Question
    Sign in to vote
    0
    Sign in to vote
    Hi,
    you can group crm users with a Team, and assign a crm security role to this Team.
    But AFAIK there isn't an OOB function to map AD groups to crm Teams (means you need to manually maintain the users inside the crm teams or build an application to accomplish this)

    My blog: www.crmanswers.net - Rockstar 365 Profile

    Tuesday, April 15, 2014 12:12 PM

All replies

  • Question
    Sign in to vote
    0
    Sign in to vote
    Hi,
    you can group crm users with a Team, and assign a crm security role to this Team.
    But AFAIK there isn't an OOB function to map AD groups to crm Teams (means you need to manually maintain the users inside the crm teams or build an application to accomplish this)

    My blog: www.crmanswers.net - Rockstar 365 Profile

    Tuesday, April 15, 2014 12:12 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Thanks Guido,

    Just a thought - Is it because the users need to be licensed individually?

    Regards,

    Ajay Suri



    Tuesday, April 15, 2014 12:25 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    I don't think this can be connected to the license method.

    This is more a user management problem. You have several AD users and of course they can be arranged using AD groups (to manage group policies, etc etc)
    The same management problem happens inside CRM, you have different users (belong to the same BU or different BUs) and you need to manage their access to the data with the security roles. A team can be a solution, because if two users are inside a team they obtain the permissions assigned to the team.
    But also if we have a connection between CRM users and AD users (for login purposes) a similar relation doesn't exist (I repeat OOB) between AD groups and CRM Teams

    My blog: www.crmanswers.net - Rockstar 365 Profile

    Tuesday, April 15, 2014 12:45 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Thanks Guido,

    Would have been ideal if it was able to map teams to security groups or assign security groups to security roles.

    It would have made life a lot easier as all user management would have been possible through on-premise AD.

    Anyways, thanks very much for your assistance.

    Regards,

    Ajay Suri

    Tuesday, April 15, 2014 12:52 PM