SharePoint Security Sync replicates the security privileges assigned to users in CRM in SharePoint to allow control and secure access of files and folders in SharePoint to only authorized users.
SharePoint Security Sync works off the security roles defined in Dynamics 365 CRM. The depth of the privilege assigned within a security role in synced to ensure that only users that have access to records in Dynamics 365 are allowed access to the folders related to these records in SharePoint.
Let us check this with an example.
In the above example, the sales person only have access to records owned by them while Sales Manager has access to all accounts in the organization.
This is the view when a Sales Manager looks up the accounts in CRM
The Sales Manager will have access to the folders of all of the above CRM records as can be seen in the screenshot below
However due to the restricted privilege assigned to a Sales Person, they are only able to see a handful of the records in CRM.
With SharePoint Security Sync syncing the privileges to control user access to authorized folders only, the sales person will only have access to the following folders in SharePoint