Entity Ownership in D365 CE

When it comes to Ownership of the entities and records, there are lot of scenarios.

What is the relation between the entity ownership and the actual record owner? Would the records be accessible to all users or a set of users. How can I restrict some users from accessing data from the entities? What happens if I share the record with someone? How ownership affects the related entities/records? What is Access team vs Owner Team? when to use which type of team? See these are so many questions, let us try to find answers to these questions

Let us go by the definition – The type of ownership defines some of the operations that can be performed on a record.  Ownership for an entity is defined in the metadata property OwnershipType. Here are the four types of Owneship types used in D365. You can refer to Microsoft Docs for more information

Ownership TypeDescription
Organization OwnedContains data involving something that belongs to or that can be viewed by the whole organization. Organization-owned entities cannot be assigned or shared. For example, products are owned by the organization. These entities have an attribute named organizationid.
Business OwnedEntities that belong to a business unit. These entities have an attribute named owningbusinessunit.
User or Team OwnedAssigned to a user or to a team. These entities contain data that relates to customers, such as accounts or contacts. Security can be defined according to the business unit for the user or team. These entities have attributes named owningteam and owninguser.
NoneThese entities are not owned by another entity.

Let us understand the fact that None and Business Unit type of Ownership is available for any custom entities. There are some out of box entities which have these ownership types such as Attachments or Business Unit entities

Attachment has None Ownership
Business Unit has Business Unit Ownership

When we create custom entities we can chose either “User or team” or “Organization”. We get the same options in both, our classic Dynamics solution and Data verse where Entity is called as table.

When we have above options to chose as Ownershiptype, the entity can be either owned by a user, team or organization. If we want everyone in the organization should have access to the entity records, then we should chose the ownertype as organization. For Organization owned entities, the two types of security access levels as Global and None. Oranisation owned entity records can not be shared or assigned.

If we want to restrict the access to the entity records to authorized users, then we should select the user or team as owner type. In case we need to expand the access, we can share the entity record with other teams or users. The record even can be assigned to another team or user. When we look at the security roles for user or team owned entities, we can go to five access levels such as : Global, Deep, Local, Basic, and None.

As we have understood user or team owned entities are more restricted than the organization owned ones. Hence when requirements are not clear then to be on the safer side, make the entity as user or team owned instead of organization. We can not change the ownership once the entity is created.

In this post we have seen how to define the ownership of the entity and what is impact of it. Let us see how records sharing and assigning works in next post.