[In addition to blogging, I am also now using Twitter for quick updates and to share links. Follow me at: twitter.com/pabloperalta] Error “The signed-in user does not have the appropriate security permissions to view these records or perform the specific action” while setting up dynamics crm outlook client - Pablo Peralta's Blog

Error “The signed-in user does not have the appropriate security permissions to view these records or perform the specific action” while setting up dynamics crm outlook client

Hi,

While setting up CRM 2011 Outlook Client I came across the following error:

“The signed-in user does not have the appropriate security permissions to view these records or perform the specific action..”

image

As I could fine almost no information about this issue I decided to share here the steps I went through to sort this out:

 

  • Downloaded CrmDiagTool 2011 from here.
  • Run the tool and Enable Tracing.

image

  • Tried again Configuration Wizard in order to reproduce the error.
  • Once reproduced, I disabled tracing and then click on “Open Trace Directory” within the CRMDiagTool (usually, it will be folder “C:\Program Files\Microsoft Dynamics CRM\Trace”).
  • Opened last modified file with the name “xxx-CRMWeb-xxx” and search for “Checking Privilege” text.

I got several results similar to:

Checking Privilege for UserId: {FB5B699E-754E-46F2-AAD9-2AA98304ECB7}, PrivilegeId: {94C3AC2C-EB23-41CB-A903-4E2E49E910B4}. Returned hr = 0

  • Copied the PrivilegeId GUID.
  • Then, opened SQL Server Management Studio and run the following query against your Organization DB:

select Name,  * from PrivilegeBase where PrivilegeId = 'privilege id without brackets’ , for instance:

select Name,  * from PrivilegeBase where PrivilegeId = '94C3AC2C-EB23-41CB-A903-4E2E49E910B4'

  • In my case, this query returned the following result:

image

  • So, I could see that what the user needs privileges to read sdk messages. So, I opened the role he belongs to and grant that privilege:

image

  • Saved the role and tried again Configuration Wizard.
  • Unfortunately, it failed again Sad smile.

 

  • So, I decided to go over each result in the log file and find out each privilege the system were checking against. I found out that the privileges that were being checked were the following ones:

 

{94C3AC2C-EB23-41CB-A903-4E2E49E910B4} prvReadSdkMessage: Customization –> Sdk Message

{902D70D3-2FF8-4D93-92F9-8EFDCF889AF8} prvReadQuery: Customization –> View

{B9C59CEF-F5D1-46B4-8C3B-8A38906C8C0E} prvReadSystemForm: Customization –> System Form

{7BB3B531-AC45-4977-89C8-B99768E55AB8} prvReadCustomization: Customization –> Customizations

{B64E92C8-5D2A-4052-A026-1B73EFF9CEBF} prvReadSolution: Customization –> Solution

{8CDEBADE-6187-440D-B041-5B3F3D84DB53} prvReadPublisher: Customization –> Publisher

{DB10A828-EC49-4035-8B7E-C58EFAF169EC} prvReadSdkMessageProcessingStep: Customization –> Sdk Message Processing Step

{122E085F-8C52-47E8-8415-875DEE1C961E} prvReadSdkMessageProcessingStepImage: Customization –> Sdk Message Processing Step Image

{F5B50296-A212-488A-BE92-CBCCA8971717} prvReadPluginAssembly: Customization –> Plug-in Assembly

{76FAAD15-BC44-4F4D-84DC-DD1E1DDA74D9} prvReadUser: Business Management –> User

{DBD3AD17-B6BD-46C8-8DB7-179FEC82C937} prvReadOrganization: Business Management –> Organization

{4156DB68-93E2-4A83-8CBB-5BB344EBAF47} prvReadWebResource: Customization –> Web Resource

{8437FA7C-3681-4FC7-BFD8-53A23FDECD65} prvReadUserSettings: Business Management –> User Settings

{663D1920-56E1-4166-89F0-47F3330923A8} prvReadTeam: Business Management –> Team

{222A920A-2778-4564-85CB-E78DDE8E4276} prvReadRole: Business Management –> Security Role

{6B4A9461-0105-4F4A-A047-FE1B4FEF02E7} prvReadWizardAccessPrivilege: Core Records –> Web Wizard Access Privilege

{D55D6EB9-D1E7-4EE9-A492-775015CF2F1F} prvReadWebWizard: Core Records –> Web Wizard

{024CA4FF-65BD-4381-84A5-A531285E9CE1} prvReadWizardPage: Core Records –> Wizard Page

{BD57CFA5-8495-4B3E-B358-DA246BA797B5} prvCreateWebResource: Customization –> Web Resource – create privileges

 

  • So, after granting ALL of the above privileges, I could finally set up CRM Outlook Client.

TIP: You can also look for the string ‘is missing’ to go straight to the lines where the trace says exactly which privileges are missing and preventing from running the operation. Obviously, I found it a bit later but it’s also useful in other cases where appears the same error :p).

Hope it helps to save you some time ;).

PP [twitter: @pabloperalta]

Published Tuesday, November 1, 2011 9:28 AM by pablop

Comments

# re: Error “The signed-in user does not have the appropriate security permissions to view these records or perform the specific action” while setting up dynamics crm outlook client

Friday, December 2, 2011 3:59 PM by Donna Edwards

Nice write-up Pablo, thanks!

# re: Error “The signed-in user does not have the appropriate security permissions to view these records or perform the specific action” while setting up dynamics crm outlook client

Monday, December 19, 2011 9:30 PM by pablop

Thank YOU dear Donna!

# re: Error “The signed-in user does not have the appropriate security permissions to view these records or perform the specific action” while setting up dynamics crm outlook client

Tuesday, June 12, 2012 11:09 AM by Jan Schwarz

...still not workin for me :-/

# re: Error “The signed-in user does not have the appropriate security permissions to view these records or perform the specific action” while setting up dynamics crm outlook client

Tuesday, June 12, 2012 1:38 PM by pablop

@Jan, if you look for the string ‘is missing’ in the log, do you find some error? If so, you may need to add those privileges to the user as shown above.

If not the case, have you tried with an IIS reset (if possible), just to be sure to remove any potential cached data?

thanks

PP

# re: Error “The signed-in user does not have the appropriate security permissions to view these records or perform the specific action” while setting up dynamics crm outlook client

Friday, June 22, 2012 5:10 AM by Jan Schwarz

atm i got no possibility to debug on our live system cause of sysadmin... im just buildin a test setup, to install debug tool there... can you send me screenshots of a security role, that got minimum rights with possible outlook integration, maybe i can use it as base role.

# re: Error “The signed-in user does not have the appropriate security permissions to view these records or perform the specific action” while setting up dynamics crm outlook client

Thursday, July 26, 2012 12:13 PM by Brad

I actually went as far as adding the user to the System Admin role.  He has all rights.  I still get the same error.  This problem is happening to me on three different machines in my environment.  I've set up all other machine no problem.

# re: Error “The signed-in user does not have the appropriate security permissions to view these records or perform the specific action” while setting up dynamics crm outlook client

Tuesday, November 20, 2012 8:54 AM by MikeL

Great tips, thanks.  Saved me loads of time!

# re: Error “The signed-in user does not have the appropriate security permissions to view these records or perform the specific action” while setting up dynamics crm outlook client

Wednesday, April 10, 2013 11:04 AM by Tim

Thank you for helping, Pablo

# re: Error “The signed-in user does not have the appropriate security permissions to view these records or perform the specific action” while setting up dynamics crm outlook client

Wednesday, September 4, 2013 4:02 PM by Roman

Thank you Pablo for the detailed list of privileges!

Leave a Comment

(required) 
(required) 
(optional)
(required)