![\"image\"](\"https:\/\/license.citruslime.com\/cs\/blogs\/crmcs\/image_06513C08.png\" "\\"image\\"")
<\/a><\/figure>\n\n\n\nIf you have access to our Demo Environment, <\/em><\/strong>click here to see this rule<\/em><\/strong><\/a>.<\/em><\/strong><\/p>\n\n\n\n This leads to a new SharePoint Site for each Business Unit we add to Dynamics:<\/p>\n\n\n\n As we switched the [Inherit Permissions] to \u2018Unique Permissions\u2019, this means that each SharePoint created for a BU has its own set of permissions \u2013 rather than simply defaulting to the permissions of the Parent Site.<\/p>\n\n\n\n This allows us to start defining the permissions we want in SharePoint to match those we define for Dynamics.<\/p>\n\n\n\n If we want to model a simple security system where each Business Unit Site is only available to the Users in that Business Unit, we can do this in a simple set of steps.<\/p>\n\n\n\n If you have access to our Demo Environment for this scenario, <\/em><\/strong>click here to see this rule<\/em><\/a><\/strong>.<\/em><\/strong><\/p>\n\n\n\n The addition of the Security Rule connected to the Lookup field to the Team will then set the Security Permissions in each SharePoint Site created for each Business Unit.<\/p>\n\n\n\n We can see this in the SharePoint Site for either of our Business Units \u2013 most notably by clicking into Site Settings and into Permissions:<\/p>\n\n\n\n The SharePoint Site is shared with the France BU Group in SharePoint which is being synchronised with the France BU Team in Dynamics \u2013 this means that any Users added to removed to the France Business Unit will automatically be granted or removed from accessing the corresponding SharePoint Site here.<\/p>\n\n\n\n We can control the security from the Business Unit or Team in Dynamics:<\/p>\n\n\n\n And know this is fully integrated into SharePoint:<\/p>\n\n\n\n By default this means that each Business Unit has its own set of \u2018Chinese Walls\u2019 to prevent a User in Romania from being able to access Documents only intended for the French Business Unit and vice versa.<\/p>\n\n\n\n That sets up for the Sites approach to SharePoint \u2013 we can now look at how we put this to use.<\/p>\n\n\n\n In our next step, we will see this in action for Company Accounts in these Business Units, and then look at sharing for when we might want to share Documents by Account for the BUs.<\/p>\n\n\n\n We can start by defining what type of Document Storage we want for each Company we add to Dynamics.<\/p>\n\n\n\n In this case, we can setup a simple set of Rules that:<\/p>\n\n\n\n NOTE: <\/strong>For more information on these types of rules, this article on our site may be useful<\/a> to explain how the Rules Engine in DocDrive365 is configured.<\/p><\/blockquote>\n\n\n\n This gives us the following Account Entity Definition in DocDrive:<\/p>\n\n\n\n If you have access to our Demo Environment for this scenario, <\/em><\/strong>click here to see this rule<\/a><\/em><\/strong>.<\/em><\/strong><\/p>\n\n\n\n This set of rules starts adding Folders to our SharePoint Sites on the basis of one Folder per Account Record in Dynamics.<\/p>\n\n\n\n Initially each Folder inherits the permissions defined for that SharePoint Site \u2013 and so grants access on the same basis:<\/p>\n\n\n\n Assuming we are logged in as a User in the Parent Business Unit who can see both BUs, we can see this from Dynamics to SharePoint:<\/p>\n\n\n\n The top 5 Accounts sitting under our France BU, and so appearing as Folders in the French SharePoint Site:<\/p>\n\n\n\n This gives us the basic level of dividing Documents by Business Unit so our SharePoint Security works in the same way as the Security we have in Dynamics.<\/p>\n\n\n\n Currently our Company Accounts are split 5 and 5 between our Business Units in a consistent model.<\/p>\n\n\n\n But, what if we want so share a Company between both Business Units? Or we want to limit a particular Company to a smaller subset of Users?<\/p>\n\n\n\n We can do this by opening the Company in Dynamics and amending its sharing \/ permissions.<\/p>\n\n\n\n DocDrive provides a Grid control where this can be done manually, or we can build this into our Workflow for how User\u2019s use Dynamics \u2013 in my case here, I\u2019ve built a simple Workflow that changes the permissions for this particular Company.<\/p>\n\n\n\n <\/em><\/strong><\/a><\/p>\n\n\n\n Using the DocDrive Grid to share an Account in the French BU with both the French BU Team and the Romanian BU Team<\/em><\/strong><\/p>\n\n\n\n We may not want our Users to have access to this type of sharing, so we may build this into our Workflow to trigger the sharing within our Solution\u2019s Business Logic.<\/p>\n\n\n\n This can be done in Dynamic\u2019s Workflow or using the DocDrive Custom Connector in Power Automate.<\/p>\n\n\n\n Either way \u2013 this setting of permissions via DocDrive triggers the following in SharePoint:<\/p>\n\n\n\n This gives us certain Account Folders that are only visible to ROM, and other Account Folders that are only visible to FRA \u2013 but this Account Folder is in the middle of the Venn Diagram in being available to both Business Units. (but not to any other BUs that we may add, as its just the two initially)<\/p>\n\n\n\n We can see this in action by logging into Dynamics as an Example Romanian User \u2013 they now see their 5 Accounts + the 1 French Account that is now shared:<\/p>\n\n\n\n Our ROM User then also has limited rights within the France SharePoint Site \u2013 as per our rules, they do not have any rights over the Site or the Library, but they do now have rights to that particular Folder for that particular Account.<\/p>\n\n\n\n<\/a><\/figure>\n\n\n\n<\/a><\/figure>\n\n\n\nSTEP 2 \u2013 Define the Security<\/h3>\n\n\n\n
<\/a><\/figure>\n\n\n\n<\/a><\/figure>\n\n\n\n<\/a><\/figure>\n\n\n\n<\/a><\/figure>\n\n\n\nSTEP 3 \u2013 Model the SharePoint Structure for how we will handle Company Accounts<\/strong><\/h3>\n\n\n\n
<\/a><\/figure>\n\n\n\n<\/a><\/figure>\n\n\n\n<\/a><\/figure>\n\n\n\nSTEP 4 \u2013 Share a Company with both France and Romania<\/h3>\n\n\n\n
<\/figure>\n\n\n\n<\/a><\/figure>\n\n\n\n<\/a><\/figure>\n\n\n\n<\/a><\/figure>\n\n\n\n