Contents

Tamarac Security Roles for Required Permissions

Tamarac Security Roles for Elevated Permissions

Tamarac Security Roles for Dashboard Access

Optional Microsoft Roles

 

Security roles in Dynamics 365 control a user's ability to view and interact with data through a set of access levels and permissions. Tamarac Security Roles help assign both essential and more advanced privileges across Tamarac CRM.

The following page is a reference for Tamarac Security Roles and the associated permissions. Consult Support for additional guidance on how and when to assign roles or request for them to be assigned.

Tamarac Security Roles for Required Permissions

The following chart details the required Tamarac Security Roles for all users:

Tamarac Security Role Permissions Who Needs It
Tamarac User (Managed)

  • Log into Tamarac CRM.

  • Create and update records.

 All users
Tamarac Exchange Server-Side Sync (Managed)

Sync data between Dynamics 365 and the Outlook App for Dynamics 365.

 All users
Tamarac Dynamics 365 App for Outlook (Unmanaged) Access the Outlook App for Dynamics 365. All users
Sales, Enterprise App Access

Use the Outlook App for Dynamics 365.

 All users

Tamarac Security Roles for Elevated Permissions

The following chart details the optional Tamarac Security Roles that provide elevated access and privileges:

Tamarac Security Role Permissions Who needs it
Tamarac Report Creator (Managed) Create and edit reports on the Reports page in Dynamics 365. Users who need to be able to create or edit reports. This role is not needed to run reports.
Tamarac Workflow User (Managed)

Create, activate or deactivate, and reassign processes in Dynamics 365.

 Users who need to manage Dynamics 365 workflows. This role is not needed to run workflows.
Tamarac Bulk Edit (Managed) Edit multiple records at once on a page. Users who need to be able to edit records in bulk.
Tamarac Bulk Import (Managed) Create or update records via bulk import in Dynamics 365. Users who need to be able to create or edit records in bulk.
Tamarac Data Manager (Managed)

  • Access the full Advanced Settings and Tamarac Settings areas.

  • Merge records.

  • Request permission changes for themselves and other users in CRM.

  • Approve customization requests.

  • Request backups and restores of data.

  • Request to create sandbox sites for testing.

 Only select users should have this permission. This is the equivalent to being an administrator in CRM.
Tamarac Delete (Managed) Delete records in CRM. Only one or two select users should have this permission to reduce the risk of records erroneously getting deleted from the system.

Tamarac Security Roles for Dashboard Access

The following chart details the optional Tamarac Security Roles that provide access to additional system dashboards:

Tamarac Security Role Permissions Who needs it More Information
Tamarac Firm Record Audit Dashboard (Managed)  Access to view the Firm Record Audit Dashboard.  Users auditing data at the firm level, including compliance officers. Audit Dashboards
Tamarac RMD Planning (Managed) Access to view the RMD Planning Dashboard. Users managing the RMD process for the firm. RMD Planning Dashboard
Tamarac Schwab Alerts & Status Dashboard User (Managed) Access to view the Schwab Alerts & Status Dashboard. Users who need to review all Alert and Status records for the firm, including those not linked directly to particular financial accounts. See Schwab Alerts and Statuses in Tamarac CRM
Tamarac Compliance Dashboards (Managed)

Access to view the following dashboards:

  • Compliance – Leads & Accounts Dashboard

  • Compliance - Activities Dashboard

 Users performing compliance reviews at the firm level, in particular, compliance officers. Compliance Dashboards

Optional Microsoft Roles

The highest level of privileges and customization access is reserved for Microsoft system administrator roles, designed for only a select group of users in your organization.

The following table outlines the Microsoft roles that provide varying levels of system administrator privileges:

Microsoft Security Role Permissions Who Needs It
System Administrator

With Dynamics 365 license: Access all areas and unrestricted permissions across Dynamics 365.

Without Dynamics 365 license: Access only limited areas in the system.

Tamarac Support does not recommend assigning users this role due to the potential of erroneously changing and deleting information across CRM and Dynamics 365. This role should only be assigned to the CRM Org Creator, which is the Tamarac Support user.

A user is automatically assigned the System Administrator role in the following scenarios:

  • Newly created users who are Global Admins in the Microsoft 365 tenant.

  • Certain application users as needed. For example, a Laserfiche application user.

System Customizer

Customize the Dynamics 365 system, including:

  • Create and edit fields, forms, and tables.

  • Customize service requests in CRM.

  • Delete certain fields, forms, tables, and data in CRM.

This role should only be assigned to users who need to make updates to the system and are familiar with how to do so.

A Tamarac Data Manager can request this role by emailing Tamarac Support.