August 2019 – Learning Refresh

Today I went through an issue where I had a custom security role (Business Admin) having almost the same privilege as system admin user expect the update permission on custom master entities.

Issue: When user having Business Admin role was trying to assign security roles to other users then suddenly a message popped up on screen as permission issue.

RoleService::VerifyCallerPrivileges failed. User: a52a0940-6fde-e811-a96a-000d3af05828, PrivilegeName: prvReadOfficeGraphDocument, PrivilegeId: 39016011-ae1a-41d1-9a22-a2611ad16702, Depth: Global, BusinessUnitId: be4a982d-8cd0-e811-a964-000d3af05df5 If you contact support, please provide the technical details.

Reading the above message it is clearly state that read privilege needs to be provided on OfficeGraphDocument entity. But The entity is not visible on the security role form therefore the system admin user cannot go ahead and provide the permission

While investigating on the issue I found that Office Graph integration for Dynamics 365 for Customer Engagement apps was deprecated on August 31, 2017, at the same time that Office ends GQL query support. Customers can continue to use Office Graph integration through August 31, 2017. After August 31 that date, the Office Graph trending documents component will cease to function, and you’ll see the following error message:

We can’t get to the trending documents. Try again later.

Refer Microsoft site for more details: Click Here

Assuming you people are aware about XRMToolBox and establishing connection with Dynamic CRM Organization.

Resolution: Use XRMToolBox, connect the tool with the organization. Search for Role Updater plugin as shown below:

Figure 1: XRM ToolBox – Plugin Role Updater

Click on Role Updater and hit Load Roles and Privileges button. This will load all the entities and the privilege which are assigned on that entity.