A company has two business units: Sales and Marketing.
The Sales department divides its salespeople into East, West, and Central divisions.
The Sales division managers have access to all sales data and need read-only access to the records in a custom table in the Marketing business unit.
What two steps will you advise the company to take for Sales Managers access to the Marketing custom table?
Click on the arrows to vote for the correct answer
A. B. C. D. E. F. G.Correct Answers: A and G
The Business unit security model is the basis for Dataverse security.
The model controls access to the data using security roles, teams, and users.
By linking all of them together, you are getting a role-based security model.
By default, the Organization is a top-level of a business unit hierarchy.
Each business unit has a default team.
You cannot change or delete the default team.
You must assign every user to only one business unit.
The business unit security model uses security roles to assign them to the users or teams.
A team also can consist of users from different business units.
The most effective way to manage security is to provide access to the teams instead of individual users.
In this case, you do not need to change any user's settings.
You just add the new user to the team.
To provide access to the data in another business unit, you need to create a new team in that business unit, like the Marketing team in a Marketing business unit.
Then you can add sales managers to this team.
If needed, you can create a specific security role to access the data in this business unit and assign this role to the new team.
All other options are incorrect.
For more information about Dataverse security teams management, please visit the below URLs:
To allow Sales division managers to access the records in a custom table in the Marketing business unit, the company can take the following steps:
Create a new Marketing Team in a Marketing business unit: The first step is to create a new Marketing Team in the Marketing business unit where the custom table exists. This team will serve as a container for the Sales division managers who need access to the custom table. The team can be created by a user with appropriate security roles and permissions.
Share custom table with each Sales manager: The next step is to share the custom table with each Sales division manager individually. This can be done by granting them read-only access to the custom table. The access can be granted through security roles or by adding them to a team with appropriate security roles.
Alternatively, the following steps can be taken:
Create a new SalesMarketing Team in a Sales business unit: Instead of creating a Marketing Team, a new SalesMarketing Team can be created in the Sales business unit. This team will serve as a container for the Sales division managers who need access to the custom table.
Add Sales managers to the SalesMarketing team: The Sales division managers who need access to the custom table can be added to the SalesMarketing Team. This team can then be granted read-only access to the custom table.
It is important to note that adding Sales division managers to the MarketingAD group (option C) or creating a new Azure AD MarketingAD group (option F) is not a recommended solution for this scenario. This is because the MarketingAD group is not specific to the custom table and may grant access to other records in the Marketing business unit that the Sales division managers do not need to access.