Working out what permissions you need to merge records can be difficult. There is a privilege you can include in the security role editor called “Merge Records” so you include that, but still get an error when merging records.
As well as that permission you also need specific privileges on the records you’re merging, and on any record that’s associated with them so your activities etc. can all be moved over to the master record.
I wrote a blog post detailing all the privileges you need for merging to work correctly, but it’s difficult to work out manually. So enter my Merge Permissions tool for XrmToolBox to do the working out for you!
On the left hand side of the tool you have a list of all the tables that support merging in your environment. The standard ones are account, contact, lead and incident (case), but you’ll only have lead and incident for Dynamics 365 environments, not basic Dataverse-only ones. Tick the tables you want to be able to merge.
On the right hand side are a list of the existing security roles. Either tick the roles that should be able to merge these tables and click “Update Roles”, or click “New Role” to create a merging-only role.
Whether you’re updating existing roles or creating a new one, the tool will add the privileges that you need to merge the selected tables. No privileges will be removed from an existing role, it will only add extra ones.
Permission Level
There are two extra options in the toolbar – Record Permissions and Related Record Permissions.
To merge two records you need permissions on those records themselves. The “Record Permissions” option determines which records you’ll have those permissions on:
- User – the user can only merge records they own themselves
- Business Unit – the user can only merge records owned by users in the same business unit
- Parent: Child Business Unit – the user can only merge records owned by users in the same business unit or any sub-business unit
- Organisation – the user can merge any records
You also need permissions to update any records that are associated with the records you are merging in order to move them to the master record – things like activities, quotes etc. The “Related Record Permissions” option covers which of these records you’ll be allowed to move in the same way.
I’d recommend leaving at least the “Related Record Permissions” option set to “Organisation”. If you restrict this further there’s a good chance that there will be a related record that you won’t have permissions to move to the master record and the merge process will fail with a rather cryptic error message.
Plugins and Workflows
This tool discovers what permissions you need to merge records based on the relationships between the different entities. For example, it knows that to merge accounts you need to have the Write permission on activities because activities can be related to accounts.
If you have other processes doing work in the background when records are modified, such as plugins or real-time workflows, these may affect other records that aren’t related in the metadata. In these cases you might need to add extra privileges to the security roles as well.