Matrix data access in Dynamics 365
Microsoft introduced record ownership across business units in Dynamics 365 as a preview feature on the Microsoft docs website.
I think this a cool new feature for organizations that have a matrix organizational structure and are struggling to fit this in their CRM system. For example, they have a product sales specialist that works with customers across different sales departments. And you don't want to grant them access to customers of all the sales teams.
There already are a lot of possibilities around this in Dynamics 365 at the moment. For example, record sharing, hierarchy security, business unit hierarchy and team ownership. Each solution has its advantages and disadvantages. Compared the current solutions, the modernized business units structure Microsoft introduced now, brings manageable nonhierarchic security that maintains natural ownership to the table.
With this new feature you can add security roles from other business units to a user besides the user's standard business unit. The result is that users have the privileges from their own security roles in their own business unit as well as the privileges from the other security roles in the other business units. In this case the sales specialist is able to work with customers that are owned by users from other teams.
This preview feature is not automatically enabled and is not yet recommended for production environments. A system administrator can enable this feature and configure user privileges in the Power Platform admin center. Here's how you do it.
Go to the environment - Settings - Features and turn Record ownership across business units (Preview) on.
领英推荐
After about a couple of minutes the feature is enabled. Then you go to back to the environment settings and go to Users. There you select the user and press the button Manage security roles. You are only able to select and configure security roles one user at the time.
In the side panel you can now change business units of the other teams and add the security roles needed. For example, assign a security role that gives privileges on business unit level for accounts. Also think about to include other related records such as contacts and opportunities.
The user is now able to work with all the customers that are owned by users in the other teams, without having to share each record separately or to implement a rigid security hierarchy.