Check access to a Dynamics 365 CRM record using ‘Check Access’ button

By | February 18, 2021

Introduction:

The most common issue that user faces while working on entity records is the access issue. Due to insufficient privilege, the user sometimes finds it difficult to work on the records. So, to overcome this and to let the users themselves know the assigned privileges, Microsoft has added a new button on the records called ‘Check Access’ using which user can easily check out their access to the records. Also, users can get to know how they got those privileges i.e., via security roles, sharing, directly assigned, or via the team the user belongs to.

How it works?

1) Open an Entity record for which you want to check access.

For example: Go to Account entity and open Account record as shown below:

Check access to a Dynamics 365 CRM

2) Click on Check Access button from the command bar.

3) The Check Access dialog box will be displayed with access information. Let’s explore the information that is displayed on the dialog box.

User Lookup:

This lookup field will only be displayed to the users having ‘System Administrator’ security role. Using the user lookup field, user can check the access/rights/privileges of other users.

Access:

User will be able to see and verify that they have required rights to perform an action on the record such as Read, Write, Create, Delete, Append, Append To, Assign and Share.

And by clicking on each action, user can see how respective access has been obtained.

Access via Security role:

  • Assigned Directly:

It shows that the selected record is owned by the logged-in user and displays the security role through which the user got access to the particular action on the record (i.e., Read, Write, Create, etc.) and the privilege level (User level, Business Unit level, Organization level, etc.) of the same.

For example: In this case, the logged-in user has having ‘Salesperson’ security role assigned and has an ‘Organization level Read’ Permission of the selected record.

  • Assigned to Team I’m member of:

It shows that the logged-in user does not have direct access to the record i.e. via their security role and got access to the particular action on the record (i.e. Read, Write, Create, etc..) via the team the user belongs to.

For Example: In this case, the logged-in user belongs to the ‘TEAM’ team having the ‘Sales Manager’ security role assigned which contains ‘Business Unit level Create’ Permission for the selected record.

Access via sharing record:

If the record is shared with the logged-in user, or the team user belongs to or the organization then shared access will be displayed. There are below possibilities of users getting access to records via shared access.

Record Shared with me:

If the checkbox is checked that means the selected record is shared with the logged-in user to perform certain actions on the record.

The record was shared with me because I have access to related records:

If the checkbox is checked that means the logged-in user has access to the related record of the selected record which is shared with the user.

For example: Account and Contact are related to each other and if Account record is shared with the current logged in user then on related contact record, this checkbox will be checked.

Record was shared with Organization:

If the checkbox is checked that means the selected record is shared with the organization to perform a set of actions and logged in user got access to record because user is present in the organization.

Record was shared with the team(s) that I’m a member of:

If the access checkbox is checked that means record is shared with the team and current logged in user belongs to the same team.

Record was shared with the team(s) that I’m a member of because team has access to related record:

If the checkbox is checked that means logged in user is having access of related record of the selected record which is shared with the team in which logged in user is present.

For example: Account and Contact are related to each other and if Account record is shared with the team current logged in user belongs to then on related contact record, this checkbox will be checked.

Access via Hierarchy Setting:

The hierarchy access only takes place if Hierarchy Security management is enabled in that organization and for that entity, and if the user is a manager.

Record is owned by direct report:

If the access checkbox is checked that means logged in user is set as manager on the user record who is owner of the selected record.

Record is owned by a team my direct is a member of:

If the access checkbox is checked that means current logged in user is present in the team which is set as the owner of the selected record.

Record was shared to by direct report:

If the access checkbox is checked that means current logged in user is set as manager on the user record with whom the selected record has been shared.

My indirect report has Read access to record:

If the access checkbox is checked that means other users present in the user hierarchy at low level is having Read Access of selected record.

Conclusion:

In this way, ‘Check Access’ button makes much easier for the user to find out the security role involved and how the user got access to the particular record.

Marketing4Dynamics – Mailchimp and Dynamics 365 CRM integration to plan effective sales strategies, increase sales and improve ROI

  • Sync Audiences, Members and Tags from Mailchimp to CRM
  • Sync CRM Marketing List (Contacts/Leads) to Mailchimp
  • Sync Campaigns and Member activities from Mailchimp to CRM
  • Monitor and analyze Mailchimp campaign statistics through Dashboards in CRM