Ran into a unique problem, I'm trying to avoid giving support staff System Administrator in the live environment of CRM, but making a custom role to create users and assign roles is difficult. I've been following the advice of Microsoft and the blogs, and
running trace and looking up the privilegeid in the privilegebase table, but it is seemingly complaining that I need to turn on privileges for of entities that these users won't need. For instance, it want them to have full access to Data import, which I just
don't understand.
So here is the crux of the question, does CRM require that a user possess the privilege they assign to others, basically, does a user need to have as much access as the roles it assigns? If not, how do I make this role?