With the Directory Security Feature of DocumentsCorePack for MS CRM 2011, you can prevent users to see certain files from CRM records. Users will not be able to navigate to the associated directory within the file share or SharePoint because DocumentsCorePack will overtake the security for you. In short words: when a user is not able to see the CRM record, he/she will also not be able to see the documents.
For a detailed description, please have a look at the documentation.
However, you have to do additional steps for the Directory Security.
Each time a user accesses the documents through DocumentsCorePack, the user will be granted for this specific directory. Because it is possible that user privileges are changed, the user will not have permissions to see the CRM record anymore.
But the permissions are already granted. That is the reason why DocumentsCorePack resets the permission every night at 11pm (server time). But you have to specify a user under which the task should run. You have to do this manually.
To do so, please open the Windows Task Scheduler
Figure 1: Windows Task Scheduler
You'll see two tasks, the DCP FX-SPS Directory Security Resetter which is for FileExplorer and the DCP FX-SPS Directory Security Resetter sps, which resets the SharePoint Directory Security.
Per default, the tasks are running under the SYSTEM account which has not enough privileges to connect to CRM.
You need to specify a user which is able to read all organizations.
To do so, double-click the tasks and click on Change User or Group and specify a user which is able to connect to CRM.
Figure 2: Change user group
Now the directory security will be resetted every night to the default permissions.
That’s it! We appreciate your feedback! Please share your thoughts by sending an email to firstname.lastname@example.org.