We have a project administrator for a collection of projects on TFS Online. We recently hired so he had to add the guy as a new member into the team.
However he cannot see one specific project we have, even with identical permissions as the other users. His account was created in the same way as the others.
Trying to help the guy out here I offered to try a few things and noticed, If I create a new project as a test. "Test1", and add him as a member, he can see this account fine when he logs in to TFS Online/Connects on Visual Studio.
Which leads me to believe that it's based on some visibility setting within TFS, even though the other members linked to the project can see it fine.
Any possible ideas for me to try?
You need to try and trace his effective permissions. It sounds like there is a denied somewhere.
If you open the admin for that team project and goto the security tab there is a box to add the users account. You should then see the effective permission on the right and he should have and Alowed in the "View project level information" permission.
If he does bot you can roll your mouse over it and click the "why" button and you will see where the overide is coming from.
Related
So I've got both Project Admin and Project Collection Admin rights within ADO, but I'm unable to change any of the Cards settings for my project's sprint board. In the imgur link, you can see the error I'm still getting, and the permissions that have been setup for both groups: https://imgur.com/a/kniFdZI
There's not been anything so far that seems like a dead obvious reason for why I wouldn't be able to amend these things, so basically wondering if anyone has seen this before, or if any helpful MS folk happen to know exactly what the fix would be.
It can be due to devops access level permissions.
Check your access level under the devops Organization Settings -> Users
Make sure you have "Basic" access instead of "Stakeholder".
See access levels : https://learn.microsoft.com/en-us/azure/devops/organizations/security/access-levels?view=azure-devops
We are running permissions re-ordering. Moving teams to smaller groups in order to achieve it, and I created three groups as well:
Reporter
Developer
Maintainer
For users under developer rank, the button Clear Runner Caches has gone missing. How can I allow every user to execute this option?
Screenshot:
It's currently available only for maintainers and owners roles.
Nevertheless, there's an open ticket to allow developers to execute this command as well.
Refer: GitLab Issue
In gitlab, I have a team member who has the general role of developer. I'd need to make him a maintainer for a specific project. I've looked through the documentation but I'm not finding a strait forward answer on how to upgrade his role in the specific project.
I suggest you have to remove the member from group and add him/her to individual projects with a role(maintainer for "Specific project" and developer for other projects in your case).
Thats the temporary solution I found
I am trying to implement a single Team Project with multiple sub-projects as recommended by this guy and this guy. I can control visibility of work items and source control folders but I cannot control visibility of iterations, teams, groups, and members. Say I have Team Project as the parent project of several sub-projects. Project1_Group has permissions only for accessing Project1_Area and Project1_Foler etc.
I place User1 in Project1_Team and Project1_Group and as expected that user can only see work items within that area. But User1 can go to their Administration page and see all iterations, teams and groups defined for the top level Team Project. User1 can even see groups that exist outside the Team Project by viewing the membership of each user within the current Team Project.
This is a lot of information. As far as I can tell, the minimum PROJECT-LEVEL permission I can give to a user is "View project-level information" (or GENERIC_READ at command line). Without this a user gets a 500 error. With it they get access to all information above. Is there some lesser Project-level permission that will allow full access to the relevant Area but deny read access to high level Team Project information?
No I don't think its possible. Iterations, teams and groups will be visible if you have access to the team project. If you want to permission everything in your project group I think creating separate Team Project is the only solution.
I'm getting an issue with TFS where the documents folder is marked with a red cross. As far as I can tell, this seems to be a security issue, however, I am set-up as project admin on the relevant projects.
I’ve come to the conclusion that it’s a security issue from running the TFS Project Admin tool (available here). When I run this, it tells me that I don’t have sufficient access rights to open the project. I’ve checked, and I’m not included in any groups that are denied access.
Please can anyone shed any light as to why I may not have sufficient access to these projects?
I finally got to the bottom of this. The security for SharePoint is set-up independently, and it's this that controls the access to the Documents folder