One of the things that we often do as best practice when creating a custom model-driven app for a new Dynamics 365 customer is to “clone” one of the out-of-box forms on the primary tables we’re using in the app. Much like when we do the same thing for security roles, this approach provides a reference point to the original configuration, but it also ensures that if Microsoft makes changes to the default form with an update it doesn’t affect the production environment.
I also like to combine the practice of using a custom main form with the practice of limiting a model-driven app to just that one main form.
One of the reasons for this is that it minimizes the chance that inexperienced, new users get access to the “wrong” form. By default, a user would see a list of all the forms available to them.
But there’s another reason a user would see a list of forms in the custom app, and it has to do with Microsoft defaults and a gotcha if you forget about them.
Forms can be enabled (or limited) to specific security roles which is a great feature. However, when you copy an existing form, the default security setting for the form is that it is just allowed for System Administrator and Customizer security roles.
You need to either allow the “Everyone” setting shown above or select specific security roles that you want to provide access to the custom form.
If you don’t do this, your custom model-driven app – which you think you have limited to just your custom main form—will display all the forms enabled for “Fallback”, and not the form you desire. As a system administrator or customizer, you would not be aware of this unless or until you do user testing with a profile containing the security role(s) of your end user(s).
So, a good procedure to adopt is that when you copy a form, immediately open the form settings and address the security privilege, form order, and fallback forms right away.
If you want to validate you have things set correctly, you can use the Form access checker to enter the security role and app in question and it will tell you what your default form is for that profile.
mikespringer.wordpress.com 