CRMAccount.GrantAccess Method

The GrantAccess method grants a user or team access to the specified account. This method also applies to all child objects of the account. For all child objects, if the caller does not have share privileges for those object types or share rights to the objects, the child objects are not shared. As a result, the owner of the object or a user who shares the object with share rights automatically has share rights to all child objects of the account. In this case, only the lack of privileges for a particular object type prevents the child objects from being shared.


[Visual Basic .NET]
Public Sub GrantAccess(
  ByVal Caller As CUserAuth,
  ByVal AccountId As String,
  ByVal Rights As UInt32,
  ByVal Grantee As CSecurityPrincipal
public void GrantAccess(
  CUserAuth  Caller,
  string  AccountId,
  uint  Rights,
  CSecurityPrincipal  Grantee
public: void GrantAccess(
  CUserAuth*  Caller,
  String*  AccountId,
  unsigned long  Rights,
  CSecurityPrincipal*  Grantee



Specifies the identity of the caller. The caller must have the prvShareAccount privilege to perform this action. See CUserAuth.


Specifies the ID of the account in which you are interested.


Specifies the set of rights to be granted. See ACCESSRIGHTS.


Specifies the team or user that will be granted access. See CSecurityPrincipal.

Return Value

No return value.


If there is an error, SOAP throws an exception and the error message is reported in System.Web.Services.Protocols.SoapException.Detail.OuterXml.

All IDs passed to the platform are GUIDs wrapped in braces. For example: {6522D89A-A752-4455-A2B0-51494C6957C3}


// strServer should be set with the name of the platform Web server
string strServer = "myservername";

// virtualDirectory should be set with the name of the Microsoft CRM
// virtual directory on the platform Web server
string virtualDirectory = "mscrmservices";
string strDir = "http://" + strServer + "/" + virtualDirectory + "/";

// BizUser proxy object
Microsoft.CRM.Proxy.BizUser bizUser = new Microsoft.CRM.Proxy.BizUser ();
bizUser.Credentials = System.Net.CredentialCache.DefaultCredentials;
bizUser.Url = strDir + "BizUser.srf";

// CRMAccount proxy object
Microsoft.CRM.Proxy.CRMAccount account = new Microsoft.CRM.Proxy.CRMAccount ();
account.Credentials = System.Net.CredentialCache.DefaultCredentials;
account.Url = strDir + "CRMAccount.srf";

string strErrorMsg;
string strAccountId = "{3E24E79C-7EC5-4473-95FF-7E46FEBB534B}";
string strUserId = "{ECF99EF1-3858-4E06-ABD9-EBFE526BF9FF}";

   Microsoft.CRM.Proxy.CUserAuth userAuth = bizUser.WhoAmI();

   // Intialize the security principal
   Microsoft.CRM.Proxy.CSecurityPrincipal securityPrincipal = new Microsoft.CRM.Proxy.CSecurityPrincipal();
   securityPrincipal.Id = strUserId;
   securityPrincipal.Type = Microsoft.CRM.Proxy.SecurityPrincipalType.sptUser;

   // Set the rights
   uint rights = Microsoft.CRM.Flags.AccessRights.CRM_ACCESS_READ;

   // Grant access to the specified user
   account.GrantAccess(userAuth, strAccountId, rights, securityPrincipal);

catch (System.Web.Services.Protocols.SoapException err)
   // Process the platform error here
   strErrorMsg = ("ErrorMessage: " + err.Message + " " + err.Detail.OuterXml + " Source: " + err.Source );
catch (Exception err)
   // Process other errors here
   strErrorMsg = ("ErrorMessage: " + err.Message );


Namespace: Microsoft.CRM.Proxy

Assembly: microsoft.crm.proxy.dll

See Also

© 2003 Microsoft Corporation. All rights reserved.