Tip #1089: User Delete Privileges Stretch Further Than You Think

This one was discovered by my KPMG partners in crime Fiona Whiteing and Jijeesh Kunhiraman on a recent project. As you may know, for a record such as a Contact, if I own the record, I can see the child Activities whether my security role gives me permission or not. I do not know if […]

Tip #1086: Bring back content access levels

Protected area

Dynamics 365 Portals have a very convenient way to control access to knowledgebase articles – content access levels. Link contact, account, or web role to a content access level (e.g. Gold Partners), then simply associate that access level with a knowledgebase article and boom – that article is only available to the users associated with […]

Tip #1083: Don’t expire your passwords

Password

Mini Truckstop Jonas “The Shuffler” Rapp fed us a perfect question for a security slam dunk. Really? (Jonas’s words, not mine) Yes, really. We’ve already mentioned the brilliant password guidance in our tip 1031. Since some folks seem to have missed the memo, here’s the quote from the guidance (highlights are mine – g.d.). Most […]

Tip #1079: Security Design Principles

We have a lot of flexibility when it comes to security in Dynamics 365; field-level, record-level, hierarchy, ad hoc sharing and so on. Sometimes, depending on the requirements, there are a few ways to skin the cat (such a violent expression). Whenever you are presented with a range of options to solve a problem, it […]

Tip #1068: How to Grant Access to Organization Insights

Back in my first TOTD post, I sung the benefits of Organization Insights. It is truly the administrator’s best friend. But what if a non-administrator wants in on the action? It turns out that, by default, the only two Security Roles that can see the Organization Insights dashboard are the System Administrator and System Customizer […]

Tip #1067: When two groups say “We want to hide our stuff but see everyone else’s”

Generally my policy is unless there is a REALLY good reason, all data in CRM should be shared. However, on rare occasion, there is a REALLY good reason. When you have one special group who want to hide their, say, Activities from everyone else, a well-placed Business Unit will do the job (either have one […]

Tip #1061: Hierarchical security rebuild

Hierarchy

We have not done a mini truckstop for a while so it’s good to bag one at the beginning of the year. Question It’s a first time for Greg “Stealth MVP” Olsen to ask the MVP crowd a question. We have Hierarchy Security setup and working well for an enterprise customer, but not sure how […]

Tip #1017: Protect your cell number

Phone security

Microsoft’s strong focus on security means sometimes they get false positives for people signing up for trials and misdiagnose them as bots or service abusers. If you provision multiple Dynamics 365 trials, chances are you found yourself in this situation more than once. Other scenario where you wouldn’t want to use your number if you […]