Releasing Field Level Security Profiles

Field Level Security (FLS) is a great feature which allows you to lock down certain fields to specific users or teams. You can control who can read the data, create the data and edit the data. This allows administrators to account for many security needs. For more detailed information on Field Level Security review this TechNet documentation.

It is also a good idea to use solutions when moving customizations and this includes customizations to your security model and security settings. These are areas that can greatly impact users so they always should be tested in a development environment if possible.

Here are some things to keep in mind when moving Field Level Security Profiles between environments:

1. The field must have FLS enabled before the FLS Profile can be updated. This means your release process must be a 2 step process: (1) Import a solution containing the field and publish, then (2) Import a solution containing the FLS profile and publish. If all is contained in one solution you will get a warning on the FLS profile but not an error. Then all permissions for the field (with FLS freshly enabled) will be set to No. This means that only Administrators can view and edit the field.
2. When creating a new FLS profile, members must be added in each environment. The linked teams and users are not included in the solution and must be added manually.
3. Test thoroughly in each environment. Remember Administrators will always have access to any field with FLS enabled so other users need to be involved in testing. If one users is doing the testing for multiple roles, double check your changes and have them clear their cache between test cases. This will ensure any issues from items 1 and 2 do not occur.

How have you used Field Level Security? Any other tips for Administrators to keep in mind?

Two Year Blogaversary!

Today, May 3^rd, is my Two Year Blogaversary! I am so happy for this opportunity to have a small voice in the CRM Community. Over the past few years I have come a long way. I have gone from no certifications to five with another one in the works. I used to just attend CRMUG Chapter meetings and now I lead the meeting in Washington, DC (so save the date for May 13). Before, I did not know what a CRM MVP was and now some of them know my name!

In this short time frame I have created 96 blog posts (this will be 97) and had over 16 thousand page views. This may not be a whole lot in the grand scheme of things but it is far from nothing! I am so thankful to all of you for following and reading each week. I couldn’t have done any of this without the great CRM and CRMUG Communities!

I wanted to take this opportunity to review some of my top posts.

#1 – Tools for your CRM Success – This walks you through how to prepare to take your Microsoft CRM certifications. It discusses the resources to use and how to really learn the material.

#2 – Field Level Security vs. Not Searchable – A common point of confusion I run into is the difference between removing a field from the form while also making it Not Searchable and using Field Level Security. This has a handy chart to explain the differences. Even though this is an older post the material applies to all versions.

#3 – Real Life CRM – This is more of a funny post describing how I would use CRM if I had it for my regular life.

Finally, my Summit takeaway blogs have also been fairly popular. Check out Summit 2013 and Summit 2014. I look forward to being at Summit in Reno this year and continuing the tradition!

That’s all I have for you tonight. Thank you again for all your support that got me here!

November 21 Blog Review

It was a fairly quiet week in the CRM world. Everyone is busy working to be done before the holidays. Let’s take a look at some of the top posts.

PowerObjects taught us about Calculated Fields in Dynamics CRM 2015. This walks through an example to show you how to set up Calculated Fields.

Adam Vero posted a blog about his experience as a CRMUG member. Take a look if you are interested in what it means to be involved with CRMUG, lead a chapter meeting, and be an MVP at Summit.

CRM Tip of the Day also posted several helpful tips:

• Beware of the implications of “non searchable” fields – this discusses the implications and considerations to keep in mind when setting a field to searchable = no (also check out my blog on the topic comparing non searchable to field level security)
• Server Side Sync and View in CRM – there is a known issue that the View in CRM button does not work when using Server Side Sync
• Close Appointments from Outlook – It is easy to use Outlook to close CRM tasks but the same thing does not exist for appointments. Check out this tip to learn a potential workaround.

That’s all I have for today. Have a great weekend!

Webinar: Best Practices in Leveraging Extensibility Options for Dynamics CRM

Today, I attended a webinar about extending CRM featuring @MitchMilam hosted by CRMUG. Mitch discussed the extension options, their features and limitations as well as some examples with possible solutions. I wanted to review the main takeaways here.

Always remember there is not one correct answer but many different options. Depending on your situation and requirements, one of the options may be more correct than another.

There are 3 main questions to ask when looking at a project: immediacy, available resources, and Budget.

Immediacy: Does the user need to see what’s happening (JavaScript)? Can it be done on the Save (Plugin, Workflow)? Think about Asynchronous operations versus Synchronous operations.

Available Resources: Do you have someone who can do what you need? Can you hire a programmer?

Budget: Not just money budget (hiring developer, consultant, purchasing a tool) but also time budget. Do you have time to hire someone new or learn a new skill?

I compiled some notes on the tools along with my knowledge of the matter.

Feature	Type	Skill Set	Pros	Cons	Notes
Bulk Import	Built-in	Customizer	Allows you to quickly create records from a file	Limited duplicate checking against only one entity, cannot create additional records	Consider instead writing a custom App that can do exactly what you need
Bulk Edit	Built-in	Power User	Quickly update a set of records	Same edit to all, no logic
Advanced Find	Built-in	Power User	Find specific groups of records for other operations (Marketing Lists, etc.)	Limitations	This came up in the context of deleting E-mail Attachments - you can find E-mails with Attachments by using Advanced Find but you can only delete the whole message not just the Attachment.
Workflows	Built-in	Customizer	Quick, no developer necessary, can create/update records, send e-mails, etc.	Limited processing options but can be extended with Custom Workflow Activities, all run asynchronously
Dialogs	Built-in	Customizer	Allows for user interaction	Requires user interaction, cannot be run on multiple records, runs as the user	Note: if a Dialog calls a child workflow it runs with similar access to an on-demand workflow, as the user.
Field Level Security	Built-in	Customizer	Can allow user to see/update the data only if they are included on the FLS Profile	Based on User/Team membership not security roles	See more information in my earlier post
Role Based Forms	Built-in	Customizer	Can hide data from the form but expose to other users, based on Security roles	Data is only not visible on the form, users would still have access in Advanced Find	This could be combined with FLS for more granular permissions
JavaScript	Extension	Customizer	Can run whenever the form is loaded, saved or a field is changed; does not necessarily require a developer	Performance (form load time) can become an issue
Plugins	Extension	Developer	Can be asynchronous or synchronous; can run as the user or as another user	Runs on the save, user will not see the change unless they refresh; requires a developer
External Applications	Extension	Developer	Can be designed to fit any business need; many options	Requires a developer and time to design/write.

 If you are a CRMUG Collaborate user, you can watch the recording and download the slides.