Friday, October 6, 2017

MB2-712 - Security - Business Units and Users

Business units allows to define the structure of the organisation. 

Users, teams and security roles will be linked to business units and make them a fundamental building block in the security model for Dynamics CRM. 

Important things to know about BU:



  • Root BU can be renamed but cannot be deleted, disabled or moved to have a parent BU
  • Name of the root BU is default to the organisation name when system is first time deployed and can be changed
  • Child BU have parent which will be root BU or another child business  unit
  • Parent business unit for new child BU will default to root BU
  • Child BU can be renamed, disabled and deleted (only after disabled)
  • Child BU can be moved under new parent and doing this will also move all users under
  • Any users in business unit will lose access to system if BU is disabled
When creating a user in on premise CRM, the username will be Domain-name\Username from active directory and with Office 365, you need to assign a CRM licence from admin area.

When creating a User, BU is a mandatory field and will default to root BU. To access CRM, each user must have at-least one security role assigned to it.

with on premise, you can add multiple users at the same time. when you select New multiple users, you have to select BU and security roles and each user will then have same roles and business units and you have to select access type for those users.

You can add users from Active directory, which works well when more number of users needs to be added. all users created will have same business unit and roles, so if there are multiple BU or need to assign different security roles, then you need to do this process multiple times to achieve what's needed.

User cannot be deleted, but can be disabled. With on premise, you can disable user and for online CRM, you have to remove their licence.

If you move user BU, and if it has more records created, then might take longer to update all and if user is moved from one to another BU, all security roles will be removed and user must be assigned with new security roles to continue access CRM system.

Questions/comments/suggestions? please put it in comments below post for further discussion!!!

Follow By Email for more updates directly into your inbox...


at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)