Sign in
Microsoft.com
 
Microsoft
 
 
 

locked
CRM 2011 OOB Security Roles RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote

    Hello,

    I have been working with a client recently who wants to delete all the OOB security roles from CRM 2011.

    Initially our thoughts were you can do it however the OOB roles are a very good foundation for building your own roles from. (that's my advice anyway)

    Some have said this is fine, others have said they wouldn't do it, so I thought why not ask the internet for opinions... :)

    any advice welcome.

    Wednesday, March 12, 2014 10:17 AM

All replies

  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi rattylaa,

    For one of our Customers, we had a similar scenario, where they didn't use any of the OOB security roles, except the System Administrator (of course) and System Customizer. They had their own Customer Service role and Sales/Marketing roles inspite of CRM having them OOB. So, what we did was created roles having names as "CustomerName - SecurityRoleName". This way, we insisted they keep the OOB roles and use the ones starting with "CustomerName - ...". That way they didn't mixup the OOB and custom rules and they agreed to it.

    If that is the case with you, where they suspect mixing up custom roles with OOB ones, you can suggest what we did for our case. Or else, if they are too sceptical to use the OOB ones, you can remove them from Dynamics CRM (unless you already have users assigned to these rules). I believe they would only want to remove the OOB ones because they don't want to use it, which means they wouldn't want to create one by copying it from existing OOB ones as well; which means you can go ahead and remove them.

    Admin QuikView Solution for CRM 2013

    Wednesday, March 12, 2014 11:23 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    I allways delete the OOB security roles.

    I created my own CRM solution containing the minimum security settings required to run a user on CRM. So I use that role and modify the users needs from that.

    Rune Daub Senior Consultant - Dynateam CRM http://www.xrmmanagement.com

    • Proposed as answer by RuneDaub Wednesday, March 12, 2014 1:31 PM
    Wednesday, March 12, 2014 1:31 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Simple - remove them from UAT / QA / test / training and Live / production but keep the OOB roles in your Development organization.

    And/or create a one-off Solution with them in and export to keep in case you want to restore them.

    Don't delete System Admin (you can't) and System Customizer (not sure if you can, but it can be very useful for the "magic" of having access to custom entities, which you could not reproduce on another custom role)

    Hope this helps.
    Adam Vero, Microsoft Certified Trainer | Microsoft Community Contributor 2011
    UK CRM Guru Blog

    Wednesday, March 12, 2014 7:12 PM