In Microsoft Dynamics CRM the fundamental security model is role-based. Each defined role contains privileges that define a set of actions that can be performed within. A privilege authorizes the user to perform a specific action on a specific entity type.
The Microsoft Dynamics CRM role to permission mapping engine is quite good. But there are a number inefficiencies and gaps that make managing roles difficult. Toolbelt Software’s Role Manager application is designed to improve this experience.