If you wish to have a link in the Dynamics CRM sitemap menu only appear for certain people, this can be accomplished by adding the privilege tag to the subarea in the sitemap XML. This allows you to specify that users must have the permission specified to see the link. For example, in the standard Activity Feed personal wall link in CRM 2013, users must have read permission for the Post entity to see the “What’s New” link.
If you don’t like performing XML surgery, an easier way to do it is with the sitemap editor in the XRM Toolbox. By right clicking on a sitemap link, you can select “Add Privilege,” then specify the entity and the permission required.
So what if you want to hide an entire area for a group of users? If all links in an area are hidden for a user, the entire area will go away. So, for example, say you want to hide the Settings area for users who are not System Administrators? In that case, you could add a privilege tag to all of the subareas in the settings area and specify read permission for the Solution entity. Any user who is does not have read permission for the Solution entity will not see the Settings area button.
But what if you want to show it to a specific group and hide from all of the rest of the groups, and there is no specific permission that group has that is not shared by the other groups? For example, say that you add an “Inside Sales” sitemap area to group links needed by the inside sales group. This includes links that other groups have access to, but you want to hide this area from other groups to simplify their user experience.
In this example, you could create a new custom entity called “Inside sales view.” Do not add the custom entity to the sitemap, but only give read permission to the entity to the inside sales group. Then add a privilege tag to each of the subareas in the “Inside Sales” sitemap area based on read permission for the “Inside Sales View” entity.
The result will be that only the inside sales group (and system administrators) will see the new sitemap area.