There are times when users will not have access to resources in Dynamics 365 when they should. Dynamics 365 will throw an error based on the type of denied access. Generally, these access errors can be resolved by determining what the resource is the user is trying to access and then granting the user access to the resource through an security role.
For example, if a user wants to assign a security role to another user, they click on Manage Roles, and select a role, then click OK. If they do not have permissions to do this, they will get this message below – “Insufficient Permissions – You do not have permission to access these records”:
To determine what the problem is here, click Download Log file.
Search for the ErrorDetails and Message:
In this case, we see:
<ErrorDetails xmlns:d3p1=”http://schemas.datacontract.org/2004/07/System.Collections.Generic” />
<Message>RoleService::VerifyCallerPrivileges failed. User: d80e105b-9115-e711-810d-c4346bac4b68, PrivilegeName: prvAppendmsdyn_PostAlbum, PrivilegeId: 48119620-9202-44fd-b96d-ed6e77cc52c1, Depth: Basic, BusinessUnitId: 7e027aa6-8713-e711-810c-c4346bac6954</Message>
The privilege name is prvAppendmsdyn_PostAlbum.
We can determine what security is required from the Microsoft link below:
Searching for prvAppendmsdyn_PostAlbum we can determine the problem is Append on the ProfileAlbum entity:
In our security role assigned to this user, we can find that entity and assign that privilege:
If a user does not have enough access to log into Dynamics CRM, they will see this message: Microsoft Dynamics 365 : Insufficient Permissions – You do not have permission to access these records. Contact your Microsoft Dynamics 365 administrator.
The user security role will need to be updated to include additional base permissions.