Hi All,
Im starting to get abit ticked off with microsoft and its over complicated nature.
Im creating an application in a dev environment and im deploying it to a prod environment.. ive skipped the test environment because this is a very small app and its somewhat of a learning curve for me.
I want to start setting up security roles and privileges but im not sure if its something is should be doing in the dev environment? my understanding is that you deploy a solution to an production environment.. but security roles are set at the environment level? so if i set security roles in the dev environment in the admin center, when i deploy the app.. its only going to deploy the solution right? not copy the security roles across as well, or am i wrong?
so i don't understand any of it tbh, and thats not even asking about whats the difference with privileges' even how to share the app with people
does anybody have a link to a good video that explains all this stuff?
Thanks,
Dan
-
@danny90 -
Should i be creating teams in my dev too?
There is nothing preventing from you doing from this, but this is not needed because as you're likely aware, Business Units and Teams must be set up and maintained in each environment independently. You cannot for example package Teams into a Solution like you would for a Custom Security Role or Column Security Profile. This is because in principle, environments should always act as a security layer to allow for different levels of access based on the security needs for each environment.
Every time i deploy the app i have to reshare with users.. even though I have a team set up with users in the prod environment i have to right click the app and re add them.
Not an issue I have come across before. @dpoggemann over at the Dataverse forum might have some insight on this behaviour.
okay thankyou @Amik im sure ill wrap my head around this one day!
i am aware of some of the content creators you mentioned on YouTube! they're great and have helped a lot to date.
just out of interest.. should i be creating teams in my dev too? it seems every time i deploy the app i have to reshare with users.. even though I have a team set up with users in the prod environment i have to right click the app and re add them. interestingly the team is in the share options already but users (albeit just 1 atm) keep getting prompted to request access. is this a propagation sort of thing where if i left it long enough, eventually access would be allowed. 🤔
Thanks for all your help though! its much appreciated!
@danny90 -
Would Custom Security Profiles also work?
You must include the any Column Security Profiles in the Solution.
I just feel that there must be a more intuitive way to pass security settings between environments.
You are leveraging Solutions to pass security settings between Environments. If you make a change or create a new custom security role in your Developer environment, any changes made to that component in the Developer environment will be updated in the Production environment once the Solution has been imported.
It seems daft to have to setup the security roles once deployed.
Security roles should be set up and configured in your Developer environment, not retrospectively after the Solution has already been deployed into Production.
Do you have any links to any guidance on including them as components?
No but I am sure even a simple Google search will return guidance. Lisa Crosbie, Reza Dorrani and Shane Young all have useful videos on this topic on YouTube.
Including a Security Role or a Custom Security Profile is as simple as opening your Solution and then selecting "Add Existing":
Thank @Amik
That's really helpful, especially the part about including the custom role as a component... would this also work for secured columns?
do you have any links to any guidance on including them as components?
I just feel that there must be a more intuitive way to pass security settings between environments.. if I deploy an app with basic functionality that grows over time.. it seems daft to have to setup the security roles once deployed.
Thanks,
Dan
@danny90 -
I want to start setting up security roles and privileges but im not sure if its something is should be doing in the dev environment?
Assuming we are not talking about Dataverse for Teams (which applies security differently), each Environment in your tenant will share the same predefined security roles (e.g. Basic User, System Administrator, Environment Maker).
Custom security roles on the other hand will set at the Environment Level. Assuming you know what a Custom Security Role is, best practice would be to include the Custom Security Role as a component inside your Unmanaged Solution in your Developer Environment prior to exporting that Solution as Managed in your Production environment.
When i deploy the app.. its only going to deploy the solution right? not copy the security roles across as well, or am i wrong?
Correct, unless you also include any Custom Security Roles in your Solution as described above.
MS.Ragavendar
32
Rajkumar_M
16
Super User 2025 Season 1
mmbr1606
16
Super User 2025 Season 1