Skip to main content
News and Announcements icon
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Power Apps - Power Apps Governance and Administ... / How Parent Business Un...
Power Apps - Power Apps Governance and Administ...
Answered

How Parent Business Unit works?

(0) ShareShare
ReportReport
Posted on by Dave Wi

Hello,

 

As per my understanding, users in Parent BU will have access on every child BUs resources that comes under that parent BU.

 

Please find the setup as follows:

 

BUParent BUTeamTeam Security RoleUser
IT001 Admin BUOrgBUIT001 Group TeamApp Security RoleIT001U1
IT002 BUIT001 Admin BUIT002 Group TeamApp Security RoleIT002U1
IT003 BUIT001 Admin BUIT003 Group TeamApp Security RoleIT003U1
IT004 BUIT001 Admin BUIT004 Group TeamApp Security RoleIT004U1

Security Role is scoped at BU level for write and delete operations while rest of the operations are at org level.

 

Now, as per the above setup, I assume, user IT001U1 can have access on everything created under IT001 Admin BU, however records are still behaving as per the assigned security role to IT001U1.

 

Can you please clarify, what access level users get when added into the Parent BU? What is the importance of adding user into Parent BU?

 

Thanks and Regards,

Categories:
Management
Environment
  • Dave Wi Profile Picture
    Dave Wi on at
    Re: How Parent Business Unit works?

    Thank you for your time on this! Awesome you!

     

    Regards,

  • Mira Ghaly Profile Picture
    Mira Ghaly 11,409 Super User 2025 Season 1 on at
    Re: How Parent Business Unit works?

    @dave8 

    Exactly for the Model Driven app it is all dependent on the Security Role.

  • Dave Wi Profile Picture
    Dave Wi on at
    Re: How Parent Business Unit works?

    Yes, this information I am aware of, however does it mean that user from parent BU must have security role assigned to the app, even if the app is shared with parent-child BU scope role to user from child BU in order to see app created in D365 ?

     

    Meaning, there is nothing like an Admin rights on group of teams - but it's all about "Security Role" assignment to the user/app?

     

    Thanks and Regards,

  • Mira Ghaly Profile Picture
    Mira Ghaly 11,409 Super User 2025 Season 1 on at
    Re: How Parent Business Unit works?

    @dave8 

    When a Model Driven App is created , the users accessing the app will be dependent on the Security Role assigned to the App, So any user with the same security role assigned to the APP can access the Model Driven Apps.

     

    For Canvas app , any user whom the canvas app is shared with can access the App.

     

    Of course this is based on the Assigned Licenses to the users.

     

    If this post helps you with your problem, please mark your as Accepted solution.

    If you like my response, please give it a Thumbs Up.

    MG (Naturally Curious)

     

     

  • Dave Wi Profile Picture
    Dave Wi on at
    Re: How Parent Business Unit works?

    anything created by user from child BU under D365, so Model driven App.

     

    How to make user from Parent BU to see everything (App,entity,records - anything in D365) done by user from Child BU?

     

    Thanks and Regards,

  • Mira Ghaly Profile Picture
    Mira Ghaly 11,409 Super User 2025 Season 1 on at
    Re: How Parent Business Unit works?

    @dave8 

    What type of app you are referring to?

  • Dave Wi Profile Picture
    Dave Wi on at
    Re: How Parent Business Unit works?

    Hi @Mira_Ghaly 

     

    Thank you for your response, it was very helpful.I see after changing the BUs of users and Security role  with Child-Parent BU scope, users from parent BU can work on records created by users from child BU - If both the users have same security role assigned and hence app.

     

    so, this is about the CDS records impact with parent-child BUs, however how about the app.

     

    Let's assume that user from child BU has created an app, then will this app be visible by user from parent BU? or it can only be visible if user is assigned with the app's security role?

     

    How to make user from Parent BU to see everything (App,entity,records - anything in D365) done by user from Child BU?

     

    Thanks,

     

  • Verified answer
    Mira Ghaly Profile Picture
    Mira Ghaly 11,409 Super User 2025 Season 1 on at
    Re: How Parent Business Unit works?

    Hi @dave8 

    It depends on how you configure your security role , so if the User in Parent Organization and needs to access records in the Child organization so the access should be as below:

    Mira_Ghaly_0-1597136553511.png

     

     

    If this post helps you with your problem, please mark your as Accepted solution.

    If you like my response, please give it a Thumbs Up.

    MG (Naturally Curious)

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Welcome to the Power Platform Communities

Quick Links

Paul Stork – Community Spotlight

We are honored to recognize Paul Stork as our July 2025 Community…

Congratulations to the June Top 10 Community Leaders!

These are the community rock stars!

Announcing the Engage with the Community forum!

This forum is your space to connect, share, and grow!

Leaderboard > Power Apps

#1
WarrenBelz Profile Picture

WarrenBelz 791 Most Valuable Professional

#2
MS.Ragavendar Profile Picture

MS.Ragavendar 410

#3
mmbr1606 Profile Picture

mmbr1606 275 Super User 2025 Season 1

Last month Overall leaderboard

Featured topics

Product updates

Microsoft Power Platform Community release plans