When I create a new environment in Microsoft Dataverse, a new Business Unit (Root) is automatically created. Initially, the only user in this Business Unit is the one who created the environment-me. However, after a few minutes, several other users inexplicably become part of this Business Unit. These users don't have any Security Roles assigned in this environment, which leaves me confused as to why this happens.
If you have no environment group on the environment then all users in your organization will be created as users. If you have an environment group then only users in that group and global admins will automatically be added. Good luck!
I want to create 2 apps for 2 different set of people in the same environment but they should not access other's app in any case. How do we manage security roles or business units in this case, please give me an example.
You can share each model driven app with a specific security role so I would encourage you to have separate roles for each group. The rest of the security should be based on how the data needs to be separated. They cannot access the same apps but do these apps share data? Can some of it be shared? If no data is being shared, you should put the groups in separate business units and set up access as business unit level. Or you could consider separate environments. Check out the other videos in this series for more information.
