User and team entities
Applies To: CRM 2015 on-prem, CRM Online
User and team management is the area of Microsoft Dynamics CRM where you can create and maintain user accounts and profiles.
A user is any person who works for a business unit who uses Microsoft Dynamics CRM. Each user has a user account. All users must be associated with only one business unit. This association controls which customer data the user will have access to. Included in the user's account is information such as the user's telephone numbers, email address, and a link to the user's manager. Each user has privileges and rights to manage their own personal settings. Each user corresponds to a user in the Active Directory for that organization. When you create a user, you must assign the user to at least one security role. Even if the user is part of a team that has assigned roles, the user should be assigned to a role. For more information about access levels and roles, see How role-based security can be used to control access to entities in Microsoft Dynamics CRM.
A team is a group of users. Teams let users across an organization collaborate and share information. For more information about teams, see Use access teams and owner teams to collaborate and share information.
Records can be owned by users or teams. Set the OwnershipType to OwnershipTypes.UserOwned or OwnershipTypes.TeamOwned to enable ownership. You can use the ReassignObjectsOwnerRequest message or the ReassignObjectsSystemUserRequest message to do bulk reassignment of all records for an owner.
The following illustration shows the entity relationships for users and teams.
In Microsoft Dynamics CRM, users can be disabled but they cannot be deleted. To find the user who is currently logged on or who is impersonated, call the WhoAmIRequest message.
The following table provides details about the significant attributes for the system user entity.
Specifies the type of access that this user has to Microsoft Dynamics CRM. This is sometimes referred to as the type of user.
Specifies the user’s license type.
Specifies whether the user is disabled. Only licensed users or users who have an access mode of support or non-interactive can be enabled. Support users cannot be disabled.
Specifies whether the user is licensed. This applies to customers who access Microsoft Dynamics CRM Online through the Microsoft Online Services environment. This attribute is read-only, and is updated by the system.
Specifies whether the user is synchronized with the Office 365 directory. This applies to customers who access Microsoft Dynamics CRM Online through the Microsoft Online Services environment. This attribute can only be set on create and is otherwise read-only.
Specifies the default queue for the user.
Access checks are additive. You can access entities based on the roles assigned to the user plus the roles assigned to the team that a user is a member of. This allows a user to have privileges outside their business unit.
|A user's set of privileges is a union of privileges from the user's roles and privileges from all teams’ roles in which the user is a member.|
For more information about how users are provisioned in and synchronized with Microsoft Office 365, see Synchronized users in Microsoft Dynamics CRM Online and Office 365.
Non-interactive users are often used when writing service-to-service code because they do not use up a license. Microsoft Dynamics CRM Online allows for five free non-interactive users. To disable a non-interactive user, update the user record changing the accessmode value to any other value. The user will be disabled automatically.
ConceptsSynchronized users in Microsoft Dynamics CRM Online and Office 365
Use access teams and owner teams to collaborate and share information
Team entity messages and methods
TeamTemplate entity messages and methods
SystemUser (user) entity messages and methods
UserSettings entity messages and methods
Privilege and role entities
Other ResourcesAdministration and security entities
Sample: Assign a record to a team
Sample: Create an on-premises user
Sample: Disable a user
Sample: Share records using GrantAccess, ModifyAccess and RevokeAccess messages
Sample: Share a record using an access team
Blog: Service Accounts – Non-Interactive Users
Microsoft Dynamics CRM 2015 and Microsoft Dynamics CRM Online
Send comments about this topic to Microsoft.
© 2015 Microsoft. All rights reserved.