cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Highlighted
Post Prodigy
Post Prodigy

How Parent Business Unit works?

Hello,

 

As per my understanding, users in Parent BU will have access on every child BUs resources that comes under that parent BU.

 

Please find the setup as follows:

 

BUParent BUTeamTeam Security RoleUser
IT001 Admin BUOrgBUIT001 Group TeamApp Security RoleIT001U1
IT002 BUIT001 Admin BUIT002 Group TeamApp Security RoleIT002U1
IT003 BUIT001 Admin BUIT003 Group TeamApp Security RoleIT003U1
IT004 BUIT001 Admin BUIT004 Group TeamApp Security RoleIT004U1

Security Role is scoped at BU level for write and delete operations while rest of the operations are at org level.

 

Now, as per the above setup, I assume, user IT001U1 can have access on everything created under IT001 Admin BU, however records are still behaving as per the assigned security role to IT001U1.

 

Can you please clarify, what access level users get when added into the Parent BU? What is the importance of adding user into Parent BU?

 

Thanks and Regards,

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Resident Rockstar
Resident Rockstar

Re: How Parent Business Unit works?

Hi @dave8 

It depends on how you configure your security role , so if the User in Parent Organization and needs to access records in the Child organization so the access should be as below:

Mira_Ghaly_0-1597136553511.png

 

 

If this post helps you with your problem, please mark your as Accepted solution.

If you like my response, please give it a Thumbs Up.

MG (Naturally Curious)

If this post helps you with your problem, please mark your as Accepted solution.If you like my response, please give it a Thumbs Up.

View solution in original post

8 REPLIES 8
Highlighted
Resident Rockstar
Resident Rockstar

Re: How Parent Business Unit works?

Hi @dave8 

It depends on how you configure your security role , so if the User in Parent Organization and needs to access records in the Child organization so the access should be as below:

Mira_Ghaly_0-1597136553511.png

 

 

If this post helps you with your problem, please mark your as Accepted solution.

If you like my response, please give it a Thumbs Up.

MG (Naturally Curious)

If this post helps you with your problem, please mark your as Accepted solution.If you like my response, please give it a Thumbs Up.

View solution in original post

Highlighted
Post Prodigy
Post Prodigy

Re: How Parent Business Unit works?

Hi @Mira_Ghaly 

 

Thank you for your response, it was very helpful.I see after changing the BUs of users and Security role  with Child-Parent BU scope, users from parent BU can work on records created by users from child BU - If both the users have same security role assigned and hence app.

 

so, this is about the CDS records impact with parent-child BUs, however how about the app.

 

Let's assume that user from child BU has created an app, then will this app be visible by user from parent BU? or it can only be visible if user is assigned with the app's security role?

 

How to make user from Parent BU to see everything (App,entity,records - anything in D365) done by user from Child BU?

 

Thanks,

 

Highlighted
Resident Rockstar
Resident Rockstar

Re: How Parent Business Unit works?

@dave8 

What type of app you are referring to?

If this post helps you with your problem, please mark your as Accepted solution.If you like my response, please give it a Thumbs Up.
Highlighted
Post Prodigy
Post Prodigy

Re: How Parent Business Unit works?

anything created by user from child BU under D365, so Model driven App.

 

How to make user from Parent BU to see everything (App,entity,records - anything in D365) done by user from Child BU?

 

Thanks and Regards,

Highlighted
Resident Rockstar
Resident Rockstar

Re: How Parent Business Unit works?

@dave8 

When a Model Driven App is created , the users accessing the app will be dependent on the Security Role assigned to the App, So any user with the same security role assigned to the APP can access the Model Driven Apps.

 

For Canvas app , any user whom the canvas app is shared with can access the App.

 

Of course this is based on the Assigned Licenses to the users.

 

If this post helps you with your problem, please mark your as Accepted solution.

If you like my response, please give it a Thumbs Up.

MG (Naturally Curious)

 

 

If this post helps you with your problem, please mark your as Accepted solution.If you like my response, please give it a Thumbs Up.
Highlighted
Post Prodigy
Post Prodigy

Re: How Parent Business Unit works?

Yes, this information I am aware of, however does it mean that user from parent BU must have security role assigned to the app, even if the app is shared with parent-child BU scope role to user from child BU in order to see app created in D365 ?

 

Meaning, there is nothing like an Admin rights on group of teams - but it's all about "Security Role" assignment to the user/app?

 

Thanks and Regards,

Highlighted
Resident Rockstar
Resident Rockstar

Re: How Parent Business Unit works?

@dave8 

Exactly for the Model Driven app it is all dependent on the Security Role.

If this post helps you with your problem, please mark your as Accepted solution.If you like my response, please give it a Thumbs Up.
Highlighted
Post Prodigy
Post Prodigy

Re: How Parent Business Unit works?

Thank you for your time on this! Awesome you!

 

Regards,

Helpful resources

Announcements
Community Conference

Power Platform Community Conference

Find your favorite faces from the community presenting at the Power Platform Community Conference!

Watch Now

Experience what’s next for Power Apps

See the latest Power Apps innovations, updates, and demos from the Microsoft Business Applications Launch Event.

Power Platform ISV Studio

Power Platform ISV Studio

ISV Studio is designed to become the go-to Power Platform destination for ISV’s to monitor & manage published applications.

secondImage

Power Platform 2020 release wave 2 plan

Features releasing from October 2020 through March 2021

Users online (5,767)