March Blog Series: Connectivity
Insights from: Wendell Simmons (Product Management at Fullscope) and Ashley Kleeman (Fullscope Microsoft CRM Business Analyst)
Nothing is as frustrating as being blocked by a vague Access Denied error. There's no clue as to what the issue is and in most organizations with integrated systems, the problem could be anywhere. That's when the support team puts on their detective hats and start the source elimination process which can be tedious. I reached out to Ashley for any quick tip to get to the ah-ha moment faster.
Ashley, typically when IT support gets a vague "Access is denied" error ticket, the first assumption may be there's a security issue, but the source unclear. Also, the root cause may be something else entirely. What's your approach to solving this problem?
Access Denied can be caused by many things. Network settings, plugin privileges, or any change in Dynamics CRM's security model could cause these unintended consequences. The first step is to identify which system is triggering the message. Identifying, or eliminating, the CRM security model should be the first step.
The security model configuration is often complex and time consuming to debug. Do you have a faster way to determine if it's the culprit?
Yes, there is a way to determine if you have a CRM security issue. I recommend that the administrator keep a Test User account so that the administrator can research the issue without disrupting the user. They would:
- Assign the problem user roles to the Test Account and attempt to log-in.
- If they recreate the error the next step is to assign the User to the Admin Privilege, otherwise the problem is not with CRM User Security.
- If the problem persist with the Admin Privilege, then the issue is with the User Security role.
Well that's a quick test. Why does it work?
When you add the Admin Privilege it bypasses all other User Security Roles, effectively removing CRM security from the equation. Just be sure to remove the Admin Privilege from the affected user afterwards.
There you have it folks, a simple way to determine if your CRM security roles are blocking users' access to data. Based on this information, the help desk can better focus their triage efforts and get the user up and running faster.