Access levels
.gif) |
The access level for a privilege determines for a given entity type at which levels within the organization hierarchy a user can act on that type of entity. Microsoft CRM has the following levels of access, starting with the most access:
.gif) |
Global. This access level exposes to a user all entity instances within the entire organization, regardless of the business unit hierarchical level to which the instance or the user belongs. Users with Global access automatically have Deep, Local and Basic access as well.
Because this access level gives access to information throughout the entire organization, it should be restricted to match the organization's data security plan. This level of access is usually reserved for managers with authority over the organization. Note The application refers to this access level as Organization. |
.gif) |
Deep. This access level exposes to a user entity instances in the user's business unit and all business units subordinate to the user's business unit.
Users with Deep access automatically have Local and Basic access as well. Because this access level gives access to information throughout the entire business unit and subordinate business units, it should be restricted to match the organization's data security plan. This level of access is usually reserved for managers with authority over the business units. Note The application refers to this access level as Parent: Child Business Units. |
.gif) |
Local. This access level exposes to a user entity instances in the user's business unit.
Users with Local access automatically have Basic access as well. Because this access level gives access to information throughout the entire business unit, it should be restricted to match the organization's data security plan. This level of access is usually reserved for managers with authority over the business unit. Note The application refers to this access level as Business Unit. |
.gif) |
Basic. This access level exposes to a user entity instances he or she owns, objects that are shared with the user, and objects that are shared with a team of which the user is a member.
This is the typical level of access for sales and service representatives. Note The application refers to this access level as User. |
.gif) |
None Selected. None. |
Examples
If a user has Deep Read Account privileges, this user can read all accounts in his or her business unit, as well as all accounts in any child business unit of that business unit.
If a user has Local Read Account privileges, this user can read all accounts in the local business unit.
If a user is assigned the Basic Read Account privilege, this user can read only the accounts that he or she owns or the accounts that are shared with him or her.
A customer service representative with the Basic Read Account privilege can view accounts that he or she owns and to any accounts another user has shared with this user. This makes it possible for the representative to read the account data that is relevant to a service request, but not to change the data.
A data analyst with the Local Read Account privilege can view account data and run account-related reports for all accounts in his or her business unit.
A finance officer for the company with the Deep Read Account privilege can view account data and run account-related reports for all accounts in his or her business unit and as well as accounts in any child business unit.