web
You’re offline. This is a read only version of the page.
close
Skip to main content

Announcements

Welcome to the Power Platform Communities
News and Announcements icon
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Power Apps / Business units/record ...
Power Apps
Answered

Business units/record owners when in multiple AAD teams

(0) ShareShare
ReportReport
Posted on by HFG 522

Hi all, 

 

Once again I turn to this wonderful community for some advice.

I am modelling the security for our solution. We have various locations and in all of those locations multiple roles (the same in all locations). Users should only have access to the tables for their role and data from their location. We would like to control access through AAD Security Groups. I have come up with the following:

 

Teams linked to AAD groups: one team for each location and role ie. UK, USA, France, CEO, CTO, Manager

Each user will be a member of 2 teams: Location + Role

The location teams will have the business unit for their location, the role team will have the main BU

The role teams will be linked to security roles to manage the access to the tables

I would like to put the access at user level so that we can assign records to the location team and restrict access only to records from the correct location. 

 

My questions are:

1) If a user is in multiple teams, how do you assign a record to their team? Which team is considered their main team?

2) If the user is in two AAD teams which both have different BUs, which is considered the users business unit? 

3) Does the order in which a team is created/the order a user is added to an AAD group affect which BU/team is considered their BU/team? 

 

Anything else I haven't thought about? 

 

Thanks in advance.

Categories:
Microsoft Dataverse with Power Apps
I have the same question (0)
  • Verified answer
    Drew Poggemann Profile Picture
    Drew Poggemann 9,287 Most Valuable Professional on at

    Hi @HFG ,

     

    1.  The User has a business unit assigned outside of the teams.  This is their primary business unit and when you setup security roles it will look at this business unit when the record is owned by the user.

    2.  User can be in multiple teams and these can be across business units which would give users in BU A access to records in BU B if the record is owned by a team they belong to.  There is no "primary" team, whatever team you set ownership on the record is what is utilized for security.

    3. This question is answered by #1 and #2.

     

    Note, new functionality is in preview around Modern Business Units.  Please check out Scott Durow's video here https://youtu.be/dVGklfmVr6s around this capability.

     

    Also, you are setting up teams by position as well, you might want to look at the following (which might be useful) where you can have hierarchical security of records based on manager or position:  https://docs.microsoft.com/en-us/power-platform/admin/hierarchy-security

      

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Welcome to the Power Platform Communities

Quick Links

Introducing the 2026 Season 1 community Super Users

Congratulations to our 2026 Super Users!

Kudos to our 2025 Community Spotlight Honorees

Congratulations to our 2025 community superstars!

Congratulations to the February Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Power Apps

#1
WarrenBelz Profile Picture

WarrenBelz 525 Most Valuable Professional

#2
Haque Profile Picture

Haque 273

#3
Kalathiya Profile Picture

Kalathiya 232 Super User 2026 Season 1

Last 30 days Overall leaderboard

Featured topics

Auto-Populate field Power Pages
Gallery Tabs - Show or Hide Tabs based on Field Value
How to patch multiple records at once
Enable Copilot for end users in model-driven apps
Question for everyone : How are you using Create Text GPT in AI Builder?
Community content - sample components, blogs etc. - Link to this page (http://aka.ms/PCFdemos)
Welcome to the Power Apps forum!

Product updates

Microsoft Power Platform Community release plans