An essential step in securing and managing the accessibility of a business’s data, you’re dealing with a significant element in the PL-200 Microsoft Power Platform Functional Consultant exam. This article will guide you through the process of setting up hierarchy security in Microsoft Power Platform and the accompanying scenarios in which different setup variations might be advantageous for your business.

Table of Contents

I. Understanding Hierarchy Security

Hierarchy security provides an additional layer of security to secure and manage data visibility in line with the structure of your business. It offers row-level security in Microsoft Power Platform by enabling managers higher up in the hierarchical structure to access the records owned by the individuals that report to them.

An important thing to note is that Hierarchy Security is not exclusive; it can work in conjunction with Owner Teams, Business Units, and other security operations already existing in your system.

II. Configuring Hierarchy Security

To configure hierarchy security, first, navigate to the security settings.

  • Step 1: Go to settings -> Security -> Hierarchy Security and switch the Hierarchy Model to “On”.
  • Step 2: Determine the Hierarchy Depth. This specifies how far vertically the manager can see the records. If you set it to 3, a manager can see her direct reports, her report’s reports, and one level further.
  • Step 3: Create and manage the Managers hierarchy. You will need to manually set each manager’s direct reports.

III. Role-Based Hierarchy Model and Managers Hierarchy Model

You have the option of implementing either a Managers Hierarchy Model or a Role-Based Hierarchy model in Power Platform. Here is how they differ:

  • Managers Hierarchy: This model is built on the pre-defined Manager field inside the system user record. If you choose this model, you must manually set each manager’s direct reports.
  • Role-Based Hierarchy: This model simplifies the hierarchy maintenance process by automatically using any security roles that are common between security groups.

Here’s a comparison:

Managers Hierarchy Model Role-Based Hierarchy model
Manual, more time-consuming Automatic, saves time
Limitless, can be specified until Nth level Only one level hierarchy
Manager field on system user record Uses common between security groups

IV. Hierarchy Security Performance Considerations

Please note that hierarchy security can significantly impact your system performance, especially when running complex queries with multiple tables. Therefore, it’s important to be cautious when implementing multi-level hierarchy security and only dedicate sufficient hierarchy levels as necessary.

A well-configured hierarchy security model guarantees that managers (or higher roles) can access records owned by their subordinates. This crucial security management aspect should never be overlooked during the PL-200 Microsoft Power Platform Functional Consultant exam.

Every organization is unique, and what might work for one may not work for another. Take the time to assess the structure of your business or the entity you’re consulting for, and implement a hierarchy security model that appropriately caters to your needs.

Practice Test

Hierarchy security provides another layer to record-level security in Microsoft Power Platform.

  • True
  • False

Answer: True

Explanation: Hierarchy security models the manager and subordinate business structure, and can be used in combination with other security methods to help control the data that is accessible to users.

Hierarchy security is managed using a system-wide setting rather than on individual user accounts.

  • True
  • False

Answer: False

Explanation: Hierarchy security is applied to individual users. Each user would be assigned into a hierarchy.

Multiple Managers can be assigned to a subordinate in a hierarchy model.

  • True
  • False

Answer: False

Explanation: Only one manager can be assigned to a subordinate in a hierarchy but a manager can have multiple subordinates.

A depth of 4 in hierarchy security means:

  • A user can access data up to four levels above them in the hierarchy.
  • A user can access data up to four levels below them in the hierarchy.

Answer: A user can access data up to four levels below them in the hierarchy.

Explanation: In hierarchy security, the depth indicates how many layers down the hierarchy a user can access data.

Users below a certain user in the hierarchy can see records that the user owns.

  • True
  • False

Answer: False

Explanation: Users above in the hierarchy can see the records that a user owns, not the users below.

Configuring hierarchy security changes the user’s base security role.

  • True
  • False

Answer: False

Explanation: Configuring hierarchy security doesn’t change a user’s base security role. It just provides an additional layer of privileges.

The main purpose of hierarchy security is to give specific users access to records based on their position in the hierarchy.

  • True
  • False

Answer: True

Explanation: Yes, hierarchy security is used to grant access to records based on positions in the hierarchy rather than individual record ownership.

You can configure security roles in the hierarchy.

  • True
  • False

Answer: False

Explanation: In hierarchy security only user position is configured, not security roles.

Hierarchy security applies to custom entities.

  • True
  • False

Answer: True

Explanation: Hierarchy security applies to all custom entities that are owned by a user or team, including cases, opportunities, leads, activities, and custom entities.

To use hierarchy security, it must be enabled at the system level.

  • True
  • False

Answer: True

Explanation: Yes, to use hierarchy security, first, it must be enabled at the system level.

What security model in Microsoft Power Platform allows a manager to view the records of their subordinates?

  • Role-based security
  • Record-based security
  • Field-level security
  • Hierarchy security

Answer: Hierarchy security

Explanation: Hierarchy security allows a manager to see the records owned by or shared directly with the subordinate user.

Sharing can be disabled in hierarchy security.

  • True
  • False

Answer: False

Explanation: In hierarchy security you can’t disable sharing, it occurs automatically when a user is added to a hierarchy model.

The position of a user in the hierarchy affects which records the user sees.

  • True
  • False

Answer: True

Explanation: Higher level users in the hierarchy can see the records of users lower in the hierarchy.

Hierarchy Security is intended to reflect the reporting structure within an organization.

  • True
  • False

Answer: True

Explanation: Hierarchy security models the manager and subordinate relationships which reflect the reporting structure within an organization.

You can assign multiple hierarchy security models to the same user.

  • True
  • False

Answer: True

Explanation: A user can be included in multiple different hierarchy security models. However, a user can only have one manager in each hierarchy security model.

Interview Questions

What is hierarchy security in Microsoft Power Platform?

Hierarchy security is a more granular security model that gives access to records based on a user’s position in the company’s organization hierarchy.

What types of access does a user have in hierarchy security?

The user has basic access rights on the specific records that they own and also additional rights on records owned by subordinate users in the organization hierarchy.

How many hierarchy models can you define in Microsoft Dynamics 365?

You can define up to four separate hierarchy security models.

Are there any limitations on the depth of the hierarchy security model hierarchy?

No, there are no limitations on the depth of hierarchy.

How does Hierarchy Security Model differs from the existing Security Model in Microsoft Platform?

While basic security roles provide a horizontal restriction of access rights based on users with the same security role, the Hierarchy Security offers a vertical extension of access rights based on the reporting structure of the organization, providing multiple levels of record access.

How can you activate hierarchy security?

You go to Settings, click on Security, and click on Hierarchy Security. Once the setup box opens, click the ‘Enable Hierarchy Modeling’ checkbox and make the needed configurations.

How many levels can be maintained in the hierarchy structure?

In the hierarchy security model, you can maintain up to a thousand levels.

What is the use of a position entity in the hierarchy security model?

The “Position” entity helps structure the organization’s hierarchy. A record in the Position entity represents a job function within a branch or department.

Can the Manager (non-admin user) access the records of his/her subordinates?

Yes, the Manager can access the records of his/her subordinates based on the hierarchical security model.

What are the key elements to setting up hierarchy security?

The key elements for setting up hierarchy security are defining hierarchy depth, enabling hierarchy security, setting up the manager and position hierarchy, and assigning it to security roles.

What happens when a user has multiple managers in the hierarchy security model?

If a user has multiple managers holding the same position, the user will inherit the highest level of rights from both managers.

How can I view the Hierarchy of an individual record?

You can view the Hierarchy of an individual record by opening the record and navigating to the hierarchical chart.

Can we Disable Hierarchy Security in the Power Platform?

Yes, Hierarchy Security can be disabled. If it is disabled, the system will revert to using the basic security model.

Can hierarchy security and business units work together?

Yes, hierarchy security can be used in conjunction with business units and other security models.

When the hierarchy security is enabled, does it overwrite the existing security model?

No, the foundational security model still applies when hierarchy security is enabled. Hierarchy security just extends access levels vertically in an organization.

Leave a Reply

Your email address will not be published. Required fields are marked *