Sometimes you will get a permission failure in CRM where you get a message along the lines of:
<Message>SecLib::AccessCheckEx failed. Returned hr = -2147187962, ObjectID: e858f4f4-1390-e311-9269-00155d4d0104, OwnerId: dac922a4-0e79-de11-88a0-00215aee5698, OwnerIdType: 8 and CallingUser: 733119b8-0698-e011-aacb-00215aeefdba. ObjectTypeCode: 4703, objectBusinessUnitId: 27911e13-1179-de11-88a0-00215aee5698, AccessRights: AppendToAccess </Message>
You can either get this via the standard CRM error dialog where you are able to download the error as a text file or, you may also see this in a platform trace
In this case I’ve highlighted the two parts that will help you solve the issue. With some permission error mesasges CRM will explictly tell you what permission is needed. In cases where CRM is being less helpful you need to combine the two highlighted portions above to see what’s going on.
To convert the ObjectTypeCode in the message to the entity that the permission is required on you need to execute:
SELECT ObjectTypeCode, Name FROM EntityView ORDER BY EntityView.ObjectTypeCode ASC
Then find the entity type in question. In my case the message is telling me that the user is missing the Append To permission on the Workflow (aka Process) entity