Tip #158: If upgrading more than one version, recreate security roles

Let’s say you work for a company that uses CRM 4.0, you did not upgrade to 2011,  and you now are moving to CRM 2013. If you use custom security roles (and most people do), I recommend recreating your custom security roles.

Many new privileges were added in CRM 2011, and even more were added in CRM 2013. if you use standard roles, these new permissions are automatically added to your roles; however, if you use custom roles, these privileges are not added to the roles. If you continue to use your existing security roles, you are in for many “access denied” permissions surrounding privileges, tablet apps, processes, and other new features.

Updating a custom role when moving one version is a challenge. Updating a custom role when moving two or more versions can sometimes be more trouble than it is worth.

  1. Start with a standard role with minimal permissions, such as the Salesperson role.
  2. Copy the role, creating a new custom role.
  3. Open your existing security role and snap to the left side of the screen using windows key + left arrow.
  4. Open your new custom security role and snap to the right side of the screen using windows key + right arrow.
  5. Update the new role to match the entity level permissions on the Core Records, Marketing, Sales, Service, and Custom Entity tabs.
  6. On the bottom of the Core Records tab, verify new permissions around auditing are enabled if desired.
  7. On Business Management tab, leave the settings for CRM for Phones and CRM for Tablets and Field Security set, unless you specifically need to disable them.
  8. Leave the Customization tab as it is by default in the new role. Since we copied a role that has no customization permissions, this will not make your users system customizers, but will verify that they have the correct settings to view the new metadata components.

By doing this your users will have what they need to use the new features and also will eliminate the majority of the role related issues upgraders experience with CRM for tablets.

 

Share on FacebookTweet about this on TwitterShare on Google+

3 thoughts on “Tip #158: If upgrading more than one version, recreate security roles

  1. […] Link til artikel (Engelsk): If upgrading more than one version, recreate security roles… […]

  2. […] Each new version of CRM adds additional security role permissions. These privileges are not enabled by default for custom security roles. When you upgrade one version, it is typically straightforward to add the missing privileges to existing custom security roles. If you move two or more versions, there will be a significant number of role discrepancies and it will likely take a significant amount of trial and error to get the missing privileges added to your roles to give access to the new functionality. That is why I strongly recommend that if you move two or more versions of CRM, recreate your custom security roles. […]

  3. […] Each new version of CRM adds additional security role permissions. These privileges are not enabled by default for custom security roles. When you upgrade one version, it is typically straightforward to add the missing privileges to existing custom security roles. If you move two or more versions, there will be a significant number of role discrepancies and it will likely take a significant amount of trial and error to get the missing privileges added to your roles to give access to the new functionality. That is why I strongly recommend that if you move two or more versions of CRM, recreate your custom security roles. […]

Leave a Reply

Your email address will not be published. Required fields are marked *