2
Suggest the url addressable link e.g. https://
.crm11.dynamics.com/main.aspx?appid=XXXXX&pagetype=advancefind needs to be blocked as it is currently a workaround. We have built a restricted app and locked down access as much as possible and control data access via Containers in a custom page; but if a user know this workaround, they get into the database via a backdoor method.Locking down via a security role wont work in our scenario.
As designers, we need to be able to decide what features are provided to a user app-by-app.
While it may not be possible or desirable to lock this page down fully, another option would be to only allow access to it if you have this 'system administrator' security role assigned as it could be handy to have this feature as a system admin.
STATUS DETAILS
New