Tip #1079: Security Design Principles

We have a lot of flexibility when it comes to security in Dynamics 365; field-level, record-level, hierarchy, ad hoc sharing and so on. Sometimes, depending on the requirements, there are a few ways to skin the cat (such a violent expression). Whenever you are presented with a range of options to solve a problem, it […]

Tip #1068: How to Grant Access to Organization Insights

Back in my first TOTD post, I sung the benefits of Organization Insights. It is truly the administrator’s best friend. But what if a non-administrator wants in on the action? It turns out that, by default, the only two Security Roles that can see the Organization Insights dashboard are the System Administrator and System Customizer […]

Tip #1067: When two groups say “We want to hide our stuff but see everyone else’s”

Generally my policy is unless there is a REALLY good reason, all data in CRM should be shared. However, on rare occasion, there is a REALLY good reason. When you have one special group who want to hide their, say, Activities from everyone else, a well-placed Business Unit will do the job (either have one […]

Tip #1014: How to target delegated administrator in apps

Security administration

I love when people ask a question but then answer it themselves within couple minutes. Take, for example, Steve “RapidStart” Mordue. Has anyone else experienced issues with attempting to use an App Designer built app with Delegated Admin Role? Before I could even type my a non-answer stating that only someone insane would try something […]

Tip #994: Compare two security rules

Steve “kick the hornet’s nest” Mordue asks: Does anyone know of a tool for comparing two security roles easily? Good news Steve. There’s a Yack for that. David Yack’s fantastic Xrm.Tools has a security role explorer that allows you to easily compare two Dynamics 365 security roles, identify what is unique to each role, and […]