Is there an available powershell command for handling security roles?
Here is a sample security roles:
Security Role: Sample Standard User
Entity: Contact
Privilege: Read, Append, and Append To
Security Role: Sample Advance User
Entity: Contact
Privilege: Create, Read, Write, Append, and Append to
Security Role: Sample Admin User
Entity: Contact
Privilege: Create, Read, Write, Delete, Append, and Append to
Configuration for security roles in microsoft dynamics is tedious right? Using this example, the goal is to replicate a specific security role then apply additional privileges.
Now using the example given above, if we can replicate "Sample Standard User" using powershell to create "Sample Advance User" then add "Create and Read" privilege (again using powershell), we can skip the tedious part of the configuration and create a them programmatically instead.
If i have understood correctly, you can utilize the following code piece that i used for dynamics roles creation assignment and expiration.
Install-Module -Name Microsoft.Xrm.Data.PowerShell -AllowClobber -Scope CurrentUser
Import-Module Microsoft.Xrm.Data.PowerShell
$connection = Get-CrmConnection -InteractiveMode
Retrieve the Original Security Role:
$originalRole = Get-CrmSecurityRole -conn $connection -RoleName "Sample Standard User"
Clone the Security Role:
$newRole = New-CrmSecurityRole -conn $connection -OriginalRole $originalRole -NewRoleName "Sample Advance User"
Add Privileges to the New Role:
$entityName = "contact"
$privileges = @("Create", "Write")
foreach ($privilege in $privileges) {
Set-CrmSecurityRolePrivilege -conn $connection -RoleId $newRole.RoleId -EntityName $entityName -PrivilegeName $privilege -AccessLevel "Organization"
}
to Verify the Changes:
$updatedRole = Get-CrmSecurityRole -conn $connection -RoleName "Sample Advance User"