Sign in
Microsoft.com
 
Microsoft
 
 
 

locked
Field level Security - CRM 2011 RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote

    I am adding couple of fields to to the incident as part of an enhancement request.

    Only Role1 (already existing) should be able to edit the new fields.

    All other role could read the data.

    How do the set the default behavior of the fields to be read only ? I don't have any teams defined.

    I am looking for something that I can set this without changing other roles..(there are lot of users on the other roles)

    Can we associate role and field security role instead of creating a team or adding  users one by one?

     

    Tuesday, April 30, 2013 2:04 PM

Answers

  • Question
    Sign in to vote
    0
    Sign in to vote

    I could suggest you to use two solutions:

    1- Use field security profile, and only give the write access to the desired security role. Other users only have read access on this field.

    2- Create two similar forms for the entity. On form A the field is read only and on the form B the field is its normal condition. Then, only the desired user should see the form B and other should see form A.


    My Weblog | My Website

    Tuesday, April 30, 2013 2:33 PM
    Moderator

All replies

  • Question
    Sign in to vote
    0
    Sign in to vote

    I could suggest you to use two solutions:

    1- Use field security profile, and only give the write access to the desired security role. Other users only have read access on this field.

    2- Create two similar forms for the entity. On form A the field is read only and on the form B the field is its normal condition. Then, only the desired user should see the form B and other should see form A.


    My Weblog | My Website

    Tuesday, April 30, 2013 2:33 PM
    Moderator
  • Question
    Sign in to vote
    0
    Sign in to vote

    1. how do i associate field security role to user security role ?. I could see only teams and users..

    2. Too much work for a small change. Lot of fields..and going forward I need to maintain 2 forms,,duplicate business logic on both forms for every enhancement/change..

    Tuesday, April 30, 2013 2:53 PM
  • Question
    Sign in to vote
    0
    Sign in to vote
    Of course you could not! You could only associate the security profiles to users and teams. And you said in your requirement that only one or two users could have distinct privileges. Hence, grant to those users the required profile privilege.


    My Weblog | My Website

    Tuesday, April 30, 2013 3:03 PM
    Moderator
  • Question
    Sign in to vote
    0
    Sign in to vote

    Role 1 has X number of users..(users that can edit)

    This could create a security hole that If a new user is added to the system in any roles (without a team that is associated to the filed level security ) would get access to the fields..

    Tuesday, April 30, 2013 3:11 PM
  • Question
    Sign in to vote
    0
    Sign in to vote
    If so, create a team and assign the X number of the users to the team. Then define the security profile for that team. On hire or fire of the employee you could add or remove them from this team.


    My Weblog | My Website

    Tuesday, April 30, 2013 3:19 PM
    Moderator
  • Question
    Sign in to vote
    0
    Sign in to vote

    users (already) belongs to different roles. I need to specify one role should edit and all others should read (preserving their existing roles and security).

    looks like adding all roles to the team gives cumulative privileges

    So far only way i was able to achieve this by adding users to the field security profile one by one.. (even though I know their roles)

    Tuesday, April 30, 2013 4:31 PM