The role based security model in Dynamics CRM is a matrix of privileges (actions) and access levels for various entities.

For example consider the default Sales Manager security role. As shown above for the Account entity Read, Wirte, Append, Append To and Share privileges (actions) can be performed at the Organization level. Create,Delete and Assign can be performed at the Business Unit level.

The following tables summarize the various privileges and access levels applicable to Dynamics CRM platform

In addition to the above each Security Role includes miscellaneous privileges that relate to application features globally.

Dynamics CRM platform uses a role-based security model to give users access to records and features. By default there are 15 Security Roles that comes as part of CRM 2013 installation.

Security Role is created in and remains in the Business Unit. Selecting a Business Unit is mandatory while creating a new Security Role. Users and Teams can only be assigned to a Security Role in their own Business Unit.

All of the child Business Units get copy of the parent Business Unit’s Security Role, and the copied roles are referred to as Inherited Roles.

Of the 15 Security Roles that come out-of-box all of the default roles can be modified except for System Administrator role. Some of the properties of System Administrator role include:

• The role provides all privileges (actions) to all entities and features at the Organization level.
• For all of the custom entities added the System Administrator and System Customizer roles are automatically granted privileges.
• There has to at lease one user at the Sys Admin role in CRM organization.

An organization in CRM platform has a root business unit that will have the same name as the organization.

Subsequent Business Units can be created under the root Business Unit as per the following screen snap-shot;

Few characteristics of root Business Unit:

• Only one root Business Unit can exist, it sits at the top-level and hence cannot be assigned a parent Business Unit.
• Created by Dynamics CRM setup or Deployment Manager if another Organization is created.
• The root Business Unit cannot be deleted or disabled.
• All the Business Units under the root Business Unit can be moved/disabled and deleted.

The various actions that can be performed on the Business Units will be available under More Actions drop down menu

When a Business Unit is disabled all child Business Units are disabled and all the Users attached to the Business Units cannot connect to Dynamics CRM.

Within a Dynamics CRM Solution package the major and minor versions are very important. If there is a mismatch in the major and minor version numbers then the solution import will be unsuccessful.

Example: 

Consider a system running CRM Version 6.0.0.786, a customized solution is exported as managed solution and the version number is 6.1.0.0. Given the differences in minor version numbers the import will fail.

CRM 2013 has introduced a new feature called down-leveling that allows import of solution with different minor version numbers.

The Deployment Manager within Dynamics CRM provides an easy to use GUI interface that facilitates creating / importing organizations. The following screen snap shots demonstrate how it can be acheived:

The Deployment Manager provides the following functions:

• Create / Import organizations
• Create Deployment Administrators.
• View Servers that are used to configure the CRM platform

Installing Reporting Extensions:

When the CRM Deployment Manager console is up and running one of the messages you will notice is that Reporting extensions is not being configured / installed.

In order to install Reporting Extensions, go to the SQL server and run the Dynamics CRM 2013 set up splash screen the following will be screen snap shots:

Default Solution is created for an organization and contains all of the components in system. Difficult to manage and work with Default Solution when customized functionality needs to be implemented. Best practice approach is to create Custom Solution.

Create New Solution Screen:

Display Name and Name: Used to identify the solution.

Version: Contains version information similar to .NET assembilies major.minor.build.revision example: 2.1.10.3

Description: Information about the summary of functionality the Solution package is to provide. Character limit is set to 2000.

Publisher: Indicates who created the Solution. An important field while importing a Managed Solution. There is the capability to attach an exisiting publisher or create a new one.

The Test Lab Guides (TLG’s) are the best source to start setting up COTS platforms in a multi-server environments. The SharePoint 2013 TLG guide can be used to set up Dynamics 2013 platform

http://social.technet.microsoft.com/wiki/contents/articles/1262.test-lab-guides.aspx