Field Level Security in Dynamics CRM 2011

Prerequisites

Field level security can only be applied to custom fields. The custom field can exist on one of the out of the box entities or any field on a custom entity that was not generated when the entity was created (e.g. the primary field, id, etc…).

Setup

The first step will be to identify a field that will be used and enable the Field Security property. Navigate to the properties of the field on the given entity and set the option to Enable.

Make sure and publish changes for this to take effect.

The next step is to set up a profile to set access privileges.

Navigate to: Settings -> Administration -> Field Security Profiles

Create a new profile by assigning a name and optionally a description.

From the left navigation select Field Permissions and select the field(s) you wish to add to the profile.

Here you can use the Edit option to change the Read, Update, and Create permissions for the field.

Finally User and Team records can be assigned to the profile.

Benefits

Users who have a Field Security Profile assigned will be limited to the access that profile allows.

Records with secured fields can be shared, the recipient can only receive a permission on a given field if the sharing user has it available.

Views, Advanced Find’s and Reports (using Filtered Views) all take into account Field Security Profiles and display results only when appropriate.

Any offline data synchronization will also be effected, only data a user has access to be synced the local machine.