You don't have sufficient privileges to open lookup dialog box error in CRM Online 2016 - security

I have exported a solution from one of my existing CRM Online instances, and imported it into another new instance which is also CRM Online 2016.
The solution contains a customized Opportunity entity (forms, views, fields, processes, etc.), and a custom Security role.
The solution contains one custom field "Follow up Contact" which is of lookup type and references the Users entity.
After importing the solution, I have assigned one of the users to the custom security role in the new instance.
Now, when I try to create a new opportunity, and try selecting "Follow up Contact", I am seeing no user in the list, whereas the associated view is expected to display at least 5 users. Also, when I try clicking on "Look for more records", I get the following error:
"You do not have sufficient privileges to open this Lookup dialog box."
Whereas users with the same security role in the source solution can see the items in the "Follow up Contact" dropdown, and "Look for more records" also works fine for them.
Any idea what could be the possible reason? Are there any changes in terms of security roles in the latest upgrade of CRM Online?

Well, strange things do happen!!
I opened the form in designer mode... disabled the execution of the particular method which contains scripts for setting a default value on the lookup control.
Published the solution.
Then again, enabled the script execution...
and to my surprise, the lookup field started working...

Just had this problem and here is what worked for us.
We had a custom entity that was related to the out-of-the-box Account entity. We had 3 lookups on that custom entity to Account. Even with System Administrator role, none of our users could get any records to return from the lookup search and we got the error message specified in the title.
We ended up deleting ONE of the lookup fields (picked the one with the least dependencies). We added that field and its dependencies back in. It was an annoying manual process, but after this all THREE of our lookup fields were fixed.
I'm guessing the Account-Custom Entity relationship XML behind the scenes was corrupted somehow, and deleting/recreating cleaned it up.

Related

SharePoint 2013 people picker retrieves user's old information

I have imported users from AD and keep syncing them for a while. Today two of users' display names have been changed on AD and SharePoint synced them correctly. Just to be sure, I checked users from User Profile Service App which looks OK. New names are appearing correctly.
Yet when I try to add a list item and select user from people picker, I get old user info. This also happens when I try to insert a list item programmatically.
Tried to delete users from SharePoint, however I still get same old users. Do you have any idea for solving this situation?
Thanks in advance.
I found the solution. There was another User Profile Service Application which was not used and not properly configured. The weird point is that the misconfigured app was not listed in the service applications. I found it by using the Get-SPServiceApplication cmdlet and removed it. After removal, I did a full synchronization and voila! Now I can get current information.
This may be because of an entry in SharePoint's hidden user list, the User Information List.
Browse to this list - http://{SiteCollectionURL}/_catalogs/users/detail.aspx
Check for the display name of the users you have updated. If you see the old user name instead of the new/updated one, delete these users from this list.
After this, ask the user to log in to the same site again.

Restrict what customers an employee can see (NetSuite)

I'm customizing some NetSuite objects (forms, etc) including the Employee Centre's Time Tracking form. We want the people recording time (external contractors) to be able to enter time only against the projects and project tasks they have been explicitly assigned to.
So far it's going well, the only major problem is how to restrict what Customers they can see.
Currently the Customer field is where the system expects them to enter the name of the project, however that field will try to be "helpful" by listing/searching across the names of our customers as well. I'm using a customized version of the OOTB Time Tracking form.
How can I restrict the system so that the user can only see the projects they have been assigned? Or in other words, not see the entire customer base.
It's ok if they can also see the customer to whom the project belongs, and I'm open to solutions that are based on user access in the back-end (member of a group/role, whatever), or changing the way the Customer field works on the custom Time Tracking form.

Permission restriction on editing column in SharePoint

We have one list in SharePoint in which users can add their record.
There is one column which should default to a value, but should not be visible to the user.
Admins should be able to see it and edit it.
I edited the original view to hide that column. But on editing, the hidden column is still available for editing.
Created a new view with a different URL for admins with that column as well.
Is the approach correct?
How can I default the value of the column when a user adds a record?
How can I set different permissions for different views?
From this article:
Once a user has access to an item or document, it is not possible to
restrict their access at a column level. The permission the user has
to the item (view, edit, delete, create) is the permission the user
has to all columns in the item.
Microsoft product group members have said, repeatedly and in all kinds
of forums, that column-level security is not supported and, when asked
about future versions of SharePoint, have said (in effect) “over our
dead bodies.”
The issue seems to be performance. Column-level security would put
such a burden on every activity that SharePoint and (more
specifically) SQL would not be able to scale in the near-infinite
manner that Microsoft requires in order to support a feature.
The article also elaborates on approaches you can use to secure SharePoint at the column level but warns that:
Make sure that you test any approaches against your workloads and
content, to be sure that the impact on performance is understood and
acceptable.
There's a project on CodePlex - SharePoint Column & View Permission - which also might be able to help you out.

SharePoint 2013 Event Receiver for "Stop Inheriting Permissions" functionality

Business Case :
Every time Permission Inheritance is broken, I need certain custom things (through code) to happen on my SharePoint environment.
Details: If user clicks on Site Settings -> Site Permissions -> "Stop Inheriting Permissions", I need a custom code called so that certain actions can be performed like changing the group name, make an entry in the global list etc...
Image : http://i.stack.imgur.com/z2eo6.png
Event Receivers are not new in SharePoint 2013. They did exist in previous versions of SharePoint. But they are still limited and I could not see one which gets triggered by the user's action of clicking that button, i.e. Stop Inheriting Permissions. I can capture the "Updated" event and check programmatically if permission inheritance was broken, but that will fire every time, which to me is a dirty solution.
If the above is not possible, then what are other possible alternatives?
One I know is - Hide "Stop Inheriting Permissions" and create a custom one which will let me achieve above Business Case. But I want to minimize custom coding as much as possible.
Found out an answer the same day I posted the question.
SharePoint does offer the class SPSecurityEventReceiver, which has the required event receivers:
(1) InheritanceBreaking (2) InheritanceBroken (3) InheritanceReset in my case.
Hope that helps someone!

MS CRM 2011, Views filtered by teams throw error when user is not a member of any team

We have created some views that show activities assigned either to the current user OR any of the user's teams. The filtering was fairly simple:
Related Activity Parties
- Party equals current user
OR
- Party equals current user's teams
This works great if the user is a member of any team that's not the default. However, if the user is not a member of any team, the view throws an ugly error and doesn't show anything. The error log says "user is not a member of any teams".
I've been playing around with filters, and there seem to be alternative ways to get something similar, but nothing is quite exactly the same. If only there was more flexibility to use the OR and AND groupings.
So, has anyone run into similar issues? I'm thinking about editing the view XML directly, because then I can or/and filters freely and I'd be able to get exactly what I want. However, I'm not sure how well that all works and how would it look if you tried to edit the view in CRM after it was changed directly in XML.
I can confirm for you that this is an issue in CRM 2011 (still an issue as of Rollup 14). Wish I had an easy solution. The lazy way around it is to create a do-nothing team, with no security role assigned, and just put every user in it. This is a work-around, not a solution, but it will make the issue go away. Not 'elegant' but it works.
The alternative, as you suggest in your post, is writing custom FetchXML for each query you need this on, but that defeats much of the benefit of the Advanced Find Query tool and makes long-term maintenance and administration more difficult.
