Your first step to simplifying your CRM menu for your users should be to configure security roles that grant READ access to only those entities your users will be working with.
e.g.. take away their permissions to the CASE entity and like magic no more CASE menu item…
Now, this approach only gets you so far. For example you will find you have to give users READ permission to Users and Business Units and as a result the Settings and Administration menus remains visible to them. And you might find you don’t want something like Competitors showing on the menu but you do want users to be able to specify against their Opportunities when they are closing them.
Microsoft have given us a a tool that helps us here – in the Sitemap definition we can add privilege checks to individual menu items. The privilege check looks like this:
I have highlighted in yellow the section of the Sitemap that defines the Competitor menu item. Inside the red box is the privilege check. The addition of this line instructs CRM: “hide the above menu item unless the user is assigned a security role that gives them CREATE permission on the COMPETITOR entity”.
So, once you’ve trimmed back security roles have a look at what your users are left with and where you want something visible only to your super users ask yourself “what permission do my super users have that my normal users don’t?” and add the corresponding privilege check.
– If Queues are used for Case assignment by team leaders, and your standard user does not have permission to assign Cases then add a privilege check to the Queues menu item based on the ASSIGN permission to the CASE entity.
– If you don’t want the SETTINGS menu to appear then you can hide it using this approach but you will need to add the privilege check to each menu item that is appearing under the SETTINGS menu. Consider adding a privilege check to each menu item that references the CREATE permission on the USER entity. This will hide the entire Settings area from everyone except those users who are allowed to create new users.
– In the below example Marketing menu items are each given a privilege check:
Now, if you are struggling to pick a permissions test that will work for you, consider creating custom entities just to support this approach. For example, create a new entity called HiddenMenu and ensure the security role your senior management users are assigned includes READ permission to this entity. Then, in your Sitemap file go to each menu item that you want available only to those senior management users and add a privilege check that requires the user has the READ permission to the HiddenMenu entity. Easy 🙂