Error ‘Principal user is missing prvReadAccount privilege’ resolved

By | February 19, 2016


Data migration needs to carried out carefully when you are adopting a new system. If it doesn’t get the attention it deserves, then it can increase the exposure to several risks.

During data migration, you might probably face various errors while transferring data. ‘Principal user is missing prvReadAccount privilege’ being one of the most common of them. This error is not really restricted to Data migration and can be observed in other normal operations of Dynamics CRM as well if not correctly configured.

Let’s look at the reason behind this error.

The main cause of the error is that the owner is assigned with a security role other than System Administrator and has not been given the read-write privileges for the particular entity.


While migrating data from one system to the other, ensure that the Security role of the users is set as ‘System Administrator’ or one that provides enough privileges to the user to own the data that the migration process is trying to assign. If you don’t set the appropriate security role, you may face an error Principal user (Id=52660a18-e5c8-4a92-aabc-477b887e2612, type=8) is missing prvReadAccount privilege (Id=886b280c-6396-4d56-a0a3-2c1b0a50ceb0)’ or a similar error with respect to missing privileges for other entities.

But, this isn’t enough to eliminate the error. In one of our scenarios we noticed that even after the user was assigned the ‘System Administrator’ security role, we were receiving the above error. Further investigation led to the discovery that the user was not given the read-write permissions. This could be done through the read-write access mode.

Let’s take a look at how this could be done.

As shown in the screenshot below, you see that the access mode is set as ‘Administrative’

CRM Data Migration

With “Administrative” access mode, a license is not assigned to this user. This mode provides restricted access to the users and they cannot use CRM to perform normal CRM operations like create/update CRM records.

This usually happens when a new user has been added through the Online Portal but no license had been assigned. To change the access mode, you need to assign a license from the CRM Online portal. Follow the steps below to assign a license.

· Login to Office 365 Portal and go to “USERS” in the left pane:

Dynamics CRM Data Migration

· Click on Assign user Licenses.

· Once you click on this, you should be able to see the below screen.

Now go to Active Users and select the user to whom you want to assign the license.

Migrate crm data

· As you can see in the above screenshot, the user “Test User” has no license assigned.

So click on “Edit” and fill the necessary information and click on “Save.

CRM Data migration

This way the license has been assigned to the user “Test User”.

Once you assign the license for the user it will change the access mode for that user to “Read-Write” and now you should be able to migrate the records which are owned by the user without any error.

migrate from crm on premises to online


While shifting from a legacy system to a new system, it is important to manage the user roles prudently. Besides, you can decide on which users should be given the privilege to access the data. After all, data consistency and sanctity is of paramount importance to you as a business owner.

No need to purchase Bing Maps Licenses for Dynamics CRM. Read more here

Leave a Reply