Hi I'm trying to set up business units and teams with restricted access to read/edit opportunities. What's the correct method to implement?
My sales team users have the same security role with user level read/edit access. I want my sales team users to only be able to view/edit their owned opportunities. Except if they are in a team, I want them to be able to view/edit the other team members owned opportunities.
Example:
Team A has User 1, User 2, User 3
User 1 can view/edit opportunties owned by User 2 & User 3 but not see User 4-10 opportunities
Users 4-10 can only view/edit their owned opportunities
Managers can view all opportunities
I was a little confused by Business units (BU) and teams since each BU creates a default team, since it will give users access to the owned opportunities in the team and business unit they are in. I thought I could just have one business unit with all users, and restrict access by creating a teams within them, but since the default team includes all users in a BU it didn't restrict read/write access.
To get the result I'm looking for should I create a parent business unit (BU) and 2 separate child business units?
BU 1= whole organization, all users
BU 2 (child of BU1) = create owning team A (user 1, user 2, user 3)
BU 3 (child of BU1) = users 4-10 and restrict view/edit access to the user level in security role
Thanks,
Cynthia