I am trying to grant a user access to view the User column information underneath of Usage inside of Organization Settings, but that specific column is grayed out unless I elevate their permissions to Project Collection Administrator. Where is this permission controlled and can access to this information be granted without elevating the user to Project Collection Administrator?
I am able to see these options under Column Options:
The user can only see these options under Column Options:
Project Collection Administrator permission is required to view User Column. When the User column is available, it means that the member is able to investigate the usage of other users. This is currently designed to PCA only. Refer to this link for details.
For members of the project collection administrators group, this same
page can be used to investigate the usage of other users.
Related
Is there a possibility where I can share the configuration of my boards and backlogs with the others in my team?
This way they all have the same columns and order columns that I have.
To configure (add, remove and order) columns in the "Boards/Backlogs" page, the users do not need any additional permission, as long as the users at least have the Reader permission in the project.
Each user can configure the columns on the "Boards/Backlogs" page on his own side. All the changes each user does for columns can only be applied to the "Boards/Backlogs" page on his own side, and not affect on other users' sides.
So, if you want your other team members have the same columns and columns order with that of you on the "Boards/Backlogs" page, you can ask the members to add, remove and order the columns on their own side following the style on your side. For more details, you can see "Change column options".
To configure the "Boards/Boards" page, you need the permissions for configuring team settings. To configure team settings, you must be added to the team administrator role or be a member of the Project Administrators security group.
Only the Administrator users can configure the "Boards/Boards" page. The style configured by the Administrator users is applied to the whole team. That means all the members in your team will see the same things on the "Boards/Boards" page. So, you do not need to grant every team member the permissions to configure the "Boards/Boards" page. Just you Administrator users have the related permissions is OK.
We want some users of one of our SharePoint site to manage permissions on their site but do not want them to give the permission called "Manage Permissions". Because if we do so, the users start assigning the built in permission level “Full Control” to themselves. How can we achieve this?
Please note that the users with the permission level "Manage Permissions" can create and change permission levels on the Web site [Ref: Microsoft]. What we want for them to only be able to create users, groups, and assign certain permissions on the site to those users and groups.
"we want for them ... and assign permissions"
you DO realize that they can just as easily be assigning Full Control to these groups? isn't that what you say you want to AVOID?
manage the permissions for them, and allow them to self manage the GROUP MEMBERS. that way they can add people to the "publishers" group... and net result is that the user has "publish" permissions.
solution 2 can be extrapolated for some very granular needs, but I don't explain how because I wouldn't recommend it.
I have a requirement to deactivate a user for a particular organization.In liferay we deactivate the user directly by control panel under users tool.if i deactivate,The user will deactivate in portal level so it is applicable to all organizations not to particular organization.so can i do manual code for this or is there any alternative by default?
User Management in Liferay is global - to the whole portal. You authenticate to the portal, thus a deactivated user can't be authenticated to the portal.
You can make users members of Organizations or site - and this membership (or other organization- or site-level roles) can be used to provide them with permissions.
If you want them to be able to sign in, don't deactivate them. If you don't want them to access a certain organization, make the content of that organization available to members only - and exclude the user from the members of that organization.
OK you could do this in code level ,
User singleUser=UserLocalServiceUtil.getUser(userId)
singleUser.setStatus(WorkflowConstants.STATUS_DENIED);
UserLocalServiceUtil.updateUser(singleUser);
So basically setting User Status to either WorkflowConstants.STATUS_DENIED, WorkflowConstants.STATUS_EXPIRED or WorkflowConstants.STATUS_INACTIVE will do the work of deactivating particular User.
But you need to research on the aftermath effect of these status field.
I am getting a problem in implementing Field Level Security in CRM 2011. I am very new to this technology hence not able to resolve this problem.
This is the steps i have done -
1.Created an Entity names Inquiry.
2.On Form Under Entity created a field named 'Password' with EnableSecurity set to 'true'.
3.Then Moved to Administration -> Field Security Profiles -> Created a Profile named 'Inquiry'. Under Users Tab selected a User(Mike) and kept the Field Permissions as it is i.e 'No'.
4.Now on Login for User(Mike) the 'Password' should be seen encrypted. but it does not display as encrypted.
Steps used to Create User -
1.Under Users & groups created new user and assigned 'Service administrator'.
Please tell me if i missed out sum step or if i have done something wrong.
I think user Mike has System Administrator security role.
This security gives always full access to all secured fields, you can find more information here:
How Field Security Can Be Used to Control Access to Field Values in Microsoft Dynamics CRM
section Which Security Roles Allow You to See Secured Fields?
Hey i got the solution to my question.Posting it so that it may help the beginners like me.
All i did was -
Steps used to Create User -
1.Under Users & groups created new user and did not give the user administrator permissions.
2.Then Under Settings->Administration-> Users -> Selected the user and opened the Form.
3.Then choose Manage Roles from Ribbon menus and selected 'System Customizer' as the Security Role.
Rest process same for applying field security.
5.In the end logged in as a System Customizer and was able to see the changes.
Thank you #Guido Preito for the help.
Im trying to run a command on the AddUserToGroup method via webservices (UserGroup.asmx).
I set up the code as follows.
//set up the user group
userGroup = new UserGroup.UserGroup();
userGroup.Url = vtiBin + "/UserGroup.asmx";
userGroup.Credentials = CredentialCache.DefaultCredentials;
So I have my credentials being passed to the webserive. Now I run the following
userGroup.AddUserToGroup("System Group", preferedName, userLogin, email, "");
this throws an exception, my account does not have permission. however if I run this code under a different user with GOD access it works
What is the minimum required permission??
I have given my account
Full Access to the User Information List (on the sharepoint site)
Manage Analytics, Manage Audiences, Manage User Profiles, Personal Features, Personal Site, Set Permissions (sharedServices Admin, Personalization services permissions )
Couldn't this also have more to do with the permission to manage the group rather than permission to use the web service? I know I've run into similar situations via the UI before, and it turned out that I didn't have permissions to edit the group's membership. I believe there are a few situations in which you have permission to edit a group's membership:
You are the creator of the group
The creator of the group (or a site collection administrator) designated you as an owner of the group
The group was configured to allow all group members to edit its membership, and you are a member of the group
You are a site collection administrator
Is it possible that none of those conditions fit for you?
There is a permission in SharePoint to allow for web service calls. It's called "Use Remote Interfaces". Your user should have this permission to make changes via web services.