Creating a Security Role in Dynamics 365

In this blog post, we will learn how to create a Security Role in Dynamics 365. Before we start with how to create a Security Role, lets first understand what a Security Role is. Security roles in Microsoft Dynamics 365 are a matrix of privileges and access levels for the various entities. They are grouped under different tabs based on their functionality. These groups include: Core Records, Marketing, Sales, Service, Business Management, Service Management, Customization and Custom Entities.

What are Privileges?
Privileges are the basic security units that outline what action a user can perform in the CRM system. These cannot be added or deleted but only modified. The common privileges in Microsoft Dynamics 365 for each entity are as follows:

  • Create — Allows the user to add a new record
  • Read — Allows the user to view a record
  • Write — Allows the user to edit a record
  • Delete — Allows the user to delete a record
  • Append — Allows the user to attach other entities to, or associate other entities with a parent record
  • Append to — Allows the user to attach other entities to, or associate other entities with the record

What are Access Levels?
This is indicated by the degree of fill and color of the little circles against each entity for each privilege. These levels determine the records of an entity upon which the user can perform a given privilege. The 5 levels of access are as follows:

  • None — No privileges given
  • User — Privileges to the records owned by the user or shared with the user. Also includes the privileges owned by the team to which the user belongs.
  • Business Unit — Privileges for all records owned in the business unit to which the user belongs
  • Parent: Child Business Unit — Privileges for all records owned in the business unit to which the user belongs and to all the child business units subordinate to that business unit
  • Organization — Privileges for all records in the organization regardless of who owns it

Usually a base security role is assigned to each user. Additional privileges can be assigned by adding a role with more privileges since the higher authority prevails. If the default security roles are not meeting the organizations’ security needs, new roles can be created in one of three ways-

  • Modifying a default role
  • Creating a new custom role from scratch
  • Copying an existing role as a new role
  1. First navigate to Settings. Under the System list, click on Security then Security Roles.
  2. Select the Security Role that you want to copy.On the Actions toolbar click on More Actions. In the box that opens click Copy Role.
  3. A dialog box opens. In the New Role Name field type the name of the new role.If you want to change the privileges for the new Security Role, choose the ‘Open a new Security Role when copying is complete’ check box. Click OK.

Creating a new security role from scratch is not recommended as there are 580 pre-defined privileges. The better way is to copy an existing role and modify it so that it is much easier and at the same time it also helps in maintaining consistency in the system’s security.

In this manner we were successfully able to create a new Security Role in Dynamics 365.

Thanks for visiting this blog post. If you have any questions or comments, please do drop them in the comment section below so I can get back to you.

Public Cloud Consultant | Microsoft MVP | Solutions Specialist (Azure) | Azure Certified | Microsoft Certified Trainer A decade more experience working across various Microsoft products, programs, projects & technologies. Experience leading CoE (Centers of Excellence) for Azure, Microsoft 365, Dynamics 365 & Power Platform among others. Enabler in customer's hybrid cloud, cloud assessment, migration and modernization journey.

Leave a Reply

Your email address will not be published. Required fields are marked *