New Entities and Security Privileges in CRM 2013

Any new release of CRM comes with additional features. Most of these features have a security privilege associated with it. With the introduction of new functionalities in CRM 2013, there are new entities and security privileges available. Let’s have a look at what these privileges are and why are they necessary.

Tab

Entity/Privilege

Description

Core Records

Trace

The TraceLog entity is an internal entity which is visible in the system but have no supported developer scenarios. It’s not known at this stage if this entity is only required by the Microsoft Support Personnel.

Manage Data Encryption Key – Change | Read | Activate

In order to support the new server-side sync and Yammer integration capabilities, Dynamics CRM 2013 needs to store passwords for email services and Yammer authentication tokens. Microsoft Dynamics CRM 2013 uses standard Microsoft SQL Server cell level encryption for a set of default entity attributes that contain sensitive information, such as user names and email passwords.

More information about Data encryption can be found here.

Business Management

E-mail Server Profile

This entity represents the email server profile for an organization. Email server profiles in Microsoft Dynamics CRM store settings that are used by server-side synchronization to connect to an email server and process email for the associated mailboxes.

More information on how to create an email server profile and add mailboxes to an email server profile can be found here.

Mailbox

The Mailbox entity represents the mailbox synchronization settings for user, queue, or forward mailbox. It is used for synchronization of incoming or outgoing email as well as appointment, contacts and tasks. The user’s mail preferences for incoming/outgoing mail are set on the mailbox entity. If the users are not granted the read permission to mailbox entity, they will not be able to configure CRM Outlook Client.

CRM for Phones

This was previously known as the ‘Go Mobile’ privilege in the earlier versions of CRM. Granting this privilege enables the users to use CRM for phones.

More information on how to setup CRM for phones is provided here.

Go Offline in Outlook

If your users install CRM for Outlook, and are granted the “Go Offline in Outlook” privilege, they can work offline with the Microsoft Dynamics CRM records that they own.

Use CRM For tables

This privilege is similar to the “CRM for Phones” privilege. By granting just the “CRM for Tablets” permission would not enable the users to use CRM for tablets. They have to be granted read permissions on System Application Metadata and read/write permission on User Application Metadata privileges.

More information on how to setup CRM for tablets can be found here .

Customization

Process Session

This privilege was known as “Dialog Session” in CRM 2011. This enables the user to run the dialog sessions in CRM 2013.

System Application Metadata

By granting just the “CRM for Tablets” permission would not enable the users to use CRM for tablets. They have to be granted read permissions on System Application Metadata and read/write permission on User Application Metadata privileges.

User Application Metadata

By granting just the “CRM for Tablets” permission would not enable the users to use CRM for tablets. They have to be granted read permissions on System Application Metadata and read/write permission on User Application Metadata privileges.

Activate Business Process Flows

A business process flow guides you through various stages in the business process, from start to finish. Once the business process flow is configured and before they can be used, they need to be activated. The ‘Activate Business Process Flows’ privilege enables the user to activate a business process flow.

Activate Real-Time Processes

Similar to the Business process flow, the real-Time processes are another category of workflow processes in CRM 2013. The user will be able to activate a real time process if this privilege is granted.

Activate Business Rules

This privilege is similar to business process flows and real-time processes. The user will be able to activate the business rules process if this privilege is granted.
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s