If you look at the CMS permissions for CiviCRM, there are 60 or so permissions that you can control, depending upon what CiviCRM components you have enabled. If you are new to CiviCRM, it can be quite a daunting proposition to allocate these permissions correctly. For example, you might want to create a role in your CMS for CiviCRM Admin and let those users the admin CiviCRM. What permissions do you give them in the CMS?
CiviCRM has a preconfigured ACL role called Administrators linked to a CiviCRM group called Administrators. It is already set up with the main permissions to administer CiviCRM. All we need to do is to hook our users up to it and use it for our admin permissions rather than using CMS permissions.
In Drupal, create a role called
CiviCRM Admin
.In your Drupal, disable the CiviCRM: access CiviCRM permission for everyone except the CIVICRM ADMIN role.
In Drupal, ensure that the CiviCRM Group Roles Sync module is enabled.
In Drupal...