Remove From My Forums

CRM 2011 - User roles dont change anything about acces right

Question
0

Sign in to vote

Hi,

We have test deployment in whic crm and sql are on same machine , base deployment is turkish.

We try to give specific user roles to test user but, strange thin is it dont affect user acces level to system.

Do you have any suggestion, some of trace logs are like these.

I aplied this succestion but nothing changed : http://social.microsoft.com/Forums/en/crmdeployment/thread/66075c99-0e51-4cd0-8167-b2fb3b290467

Thanks,

[2011-08-11 16:52:50.371] Process: w3wp |Organization:00000000-0000-0000-0000-000000000000 |Thread: 16 |Category: Exception |User: 00000000-0000-0000-0000-000000000000 |Level: Error | CrmException..ctor

at CrmException..ctor(String message, Exception innerException, Int32 errorCode, Boolean isFlowControlException)

at CrmException..ctor(String message, Int32 errorCode)

at PlatformCommand.CreateCrmExceptionFromServiceFault(FaultException`1 fe)

at PlatformCommand.XrmExecuteInternal()

at UpdateCommand.Execute()

at RecentlyViewedList.SaveInternal(IOrganizationContextEx context, Int32 typeCode, String recentlyViewedXml, Dictionary`2 entityList)

at RecentlyViewedList.SaveAll(IOrganizationContextEx context, Boolean dataChanged, IList`1 clientEntityList, IList`1 clientViewList, ICollection`1 etcList)

at RecentlyViewedList.SaveAll(IOrganizationContextEx context, String recentlyViewedXml)

at RecentlyViewedWebService.UploadRecentlyViewed(String recentlyViewedXml, Boolean retrieveAfterUpdated)

at RuntimeMethodHandle._InvokeMethodFast(IRuntimeMethodInfo method, Object target, Object[] arguments, SignatureStruct& sig, MethodAttributes methodAttributes, RuntimeType typeOwner)

at RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture, Boolean skipVisibilityChecks)

at RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)

at LogicalMethodInfo.Invoke(Object target, Object[] values)

at WebServiceHandler.Invoke()

at WebServiceHandler.CoreProcessRequest()

at SyncSessionlessHandler.ProcessRequest(HttpContext context)

at HandlerWrapper.ProcessRequest(HttpContext context)

at CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()

at HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

at ApplicationStepManager.ResumeSteps(Exception error)

at HttpApplication.System.Web.IHttpAsyncHandler.BeginProcessRequest(HttpContext context, AsyncCallback cb, Object extraData)

at HttpRuntime.ProcessRequestInternal(HttpWorkerRequest wr)

at ISAPIRuntime.ProcessRequest(IntPtr ecb, Int32 iWRType)

>Crm Exception: Message: SecLib::AccessCheckEx failed. Returned hr = -2147187962, ObjectID: feded79d-6787-e011-9122-d8d385bbd450, OwnerId: 1f462846-6387-e011-9122-d8d385bbd450, OwnerIdType: 8 and CallingUser: 1f462846-6387-e011-9122-d8d385bbd450. ObjectTypeCode: 2500, objectBusinessUnitId: e0469786-f786-e011-b370-d8d385bbd450, AccessRights: WriteAccess , ErrorCode: -2147187962

--

[2011-08-11 16:52:50.358] Process: w3wp |Organization:1e159a0a-7af1-488f-b2a2-7fbbdeabb69e |Thread: 16 |Category: Platform |User: 92a7a737-f7dd-42cf-ae6d-c55e55b469e0 |Level: Error | MessageProcessor.Execute

at MessageProcessor.Execute(PipelineExecutionContext context)

at InternalMessageDispatcher.Execute(PipelineExecutionContext context)

at ExternalMessageDispatcher.ExecuteInternal(IInProcessOrganizationServiceFactory serviceFactory, IPlatformMessageDispatcherFactory dispatcherFactory, String messageName, String requestName, Int32 primaryObjectTypeCode, Int32 secondaryObjectTypeCode, ParameterCollection fields, CorrelationToken correlationToken, CallerOriginToken originToken, UserAuth userAuth, Guid callerId, Guid transactionContextId, Int32 invocationSource, Nullable`1 requestId, Version endpointVersion)

at ExternalMessageDispatcher.Execute(IInProcessOrganizationServiceFactory serviceFactory, IPlatformMessageDispatcherFactory dispatcherFactory, String messageName, String requestName, Int32 primaryObjectTypeCode, Int32 secondaryObjectTypeCode, ParameterCollection fields, CorrelationToken correlationToken, CallerOriginToken originToken, UserAuth userAuth, Guid callerId, Guid transactionContextId, Int32 invocationSource, Nullable`1 requestId)

at OrganizationSdkServiceInternal.ExecuteRequest(OrganizationRequest request, CorrelationToken correlationToken, CallerOriginToken callerOriginToken, WebServiceType serviceType)

at OrganizationSdkServiceInternal.Execute(OrganizationRequest request, CorrelationToken correlationToken, CallerOriginToken callerOriginToken, WebServiceType serviceType)

at InprocessServiceProxy.ExecuteCore(OrganizationRequest request)

at PlatformCommand.XrmExecuteInternal()

at UpdateCommand.Execute()

at RecentlyViewedList.SaveInternal(IOrganizationContextEx context, Int32 typeCode, String recentlyViewedXml, Dictionary`2 entityList)

at RecentlyViewedList.SaveAll(IOrganizationContextEx context, Boolean dataChanged, IList`1 clientEntityList, IList`1 clientViewList, ICollection`1 etcList)

at RecentlyViewedList.SaveAll(IOrganizationContextEx context, String recentlyViewedXml)

at RecentlyViewedWebService.UploadRecentlyViewed(String recentlyViewedXml, Boolean retrieveAfterUpdated)

at RuntimeMethodHandle._InvokeMethodFast(IRuntimeMethodInfo method, Object target, Object[] arguments, SignatureStruct& sig, MethodAttributes methodAttributes, RuntimeType typeOwner)

at RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture, Boolean skipVisibilityChecks)

at RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)

at LogicalMethodInfo.Invoke(Object target, Object[] values)

at WebServiceHandler.Invoke()

at WebServiceHandler.CoreProcessRequest()

at SyncSessionlessHandler.ProcessRequest(HttpContext context)

at HandlerWrapper.ProcessRequest(HttpContext context)

at CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()

at HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

at ApplicationStepManager.ResumeSteps(Exception error)

at HttpApplication.System.Web.IHttpAsyncHandler.BeginProcessRequest(HttpContext context, AsyncCallback cb, Object extraData)

at HttpRuntime.ProcessRequestInternal(HttpWorkerRequest wr)

at ISAPIRuntime.ProcessRequest(IntPtr ecb, Int32 iWRType)

>MessageProcessor fail to process message 'Update' for 'userentityuisettings'.

---

Ersin Öztürk - TR http://www.ersinozturk.net/

Thursday, August 11, 2011 2:23 PM

All replies

1

Sign in to vote
Hi

Use Business Unit approach and add users to the business unit according to your criteria.

Check this link this might be helpful.

http://www.dynamicscrmtrickbag.com/2011/07/20/dynamics-crm-2011-security-roles/

Thanks

fayz
Fkhoja
- Proposed as answer by Jim Glass Jr Thursday, August 11, 2011 5:39 PM
- Unproposed as answer by Ersin Öztürk Sunday, August 14, 2011 9:00 PM
- Proposed as answer by Fkhoja Tuesday, November 29, 2011 9:28 AM
Thursday, August 11, 2011 3:06 PM
0

Sign in to vote

Hi,

Thank you for reply but problem is, assume you have an user and after you remove all the roles s/he has, user can contunie to user crm system.

Ersin Öztürk - TR http://www.ersinozturk.net/

Friday, August 12, 2011 6:57 AM
0

Sign in to vote

And here is an screenshot. User has no roles assigned bu able to use crm system.

Ersin Öztürk - TR http://www.ersinozturk.net/

Tuesday, August 16, 2011 7:30 AM

Asked by:

CRM 2011 - User roles dont change anything about acces right

Question

All replies