However when we login with the user that has ONLY this role assigned to it, we receive the following error
We spent a lot of time trying our various combinations, when finally we found that the problem was with the user settings entity “Write” permission. By default CRM provided the “Read” permission for this entity, but not the write permission.
Once this permission was added. Run iisreset. Login as the user and it should be just fine now.
In the process we also learnt that System Administrator has certain special privileges that are not presented on the Role user interface, so there is no way to can provide these permissions to any other user.
One of the permissions is to allow users to “Bulk Delete” records. Only System Administrator users have the permission to create “Bulk Delete” Jobs. This helped when we were developing one of the add-ons for Bulk Delete Operations. Details of this add-on has been posted on an earlier post
One of the workarounds though, is to Copy the System Administrator Role and create a new Role which will inherit these hidden privileges from the System Administrator Role.