There is an issue with my Sandbox after it was refreshed from Production. All solutions are successfully copied over. However, fields that had Field Level Security do not show up under Field Permissions even though they have Field Level Security Enabled.
I can add and remove Field Level Security on fields that previously did not have it but am unable to do so with fields that previously had Field Level Security. The error I get, even as a System Administrator (same as in our Production environment), states that I do not have permission to modify those fields.
Next, I was able to add the Field Permissions in Test for the entity fields I wasn't able to previously by adding a Field Security Profile in Production containing the fields. I had hoped that I'd also be able to bring over which users were members after importing the Solution. Unfortunately, they weren’t and when I tried to add them again in Test, I got
Unhandled Exception: System.ServiceModel.FaultException`1 [[Microsoft.Xrm.Sdk.OrganizationServiceFault, Microsoft.Xrm.Sdk, Version=6.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]]: Caller [MY GUID] doesn't have privilege for attribute [ATTRIBUTE WITH THE FIELD LEVEL SECURITY] of entity [ENTITY WITH THE ATTRIBUTE]Detail:
<OrganizationServiceFault xmlns:i="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://schemas.microsoft.com/xrm/2011/Contracts">
<ErrorCode>-2147220906</ErrorCode>
<ErrorDetails xmlns:d2p1="http://schemas.datacontract.org/2004/07/System.Collections.Generic" />
<Message>Caller [MY GUID] doesn't have privilege for attribute [ATTRIBUTE WITH THE FIELD LEVEL SECURITY] of entity [ENTITY WITH THE ATTRIBUTE]</Message>
<Timestamp>2014-07-30T16:55:44.9611645Z</Timestamp>
<InnerFault i:nil="true" />
<TraceText i:nil="true" />
</OrganizationServiceFault>
The added Fields are still not visible under System Administrator. Even removing the fields and then trying to add myself as a member still gives me this error. Looking at the XML, even though I removed field level security from the fields (confirmed they did not show in the Field Permissions list), they are not actually removed. I compared it with the XML I saw previously which had no field level security on any fields (this was before I tried making any changes)
Is this a bug? Is there a possible step that was missed?
I've seen others with similar issues, but they were for 2011 and the suggested answers of publishing twice didn't help.
tldr; Field Level Security issues when refreshing Sandbox from Production. Cannot disable and re-enable Field Level Security on fields that had Field Level Security enabled in Production.
This issue was resolved after CRM Support fixed this. It was an unintended bug on their end.
This issue doesn't exist for CRM 2015