Skip to main content

Project Server 2007 and Unique Workspace Permissions

The scenario:
You have a project workspace linked to a project
That workspace has a custom document library/list or Item that requires limited user access
The permissions for the document library are not inherited from the parent site
Users for this document library/list are added individually

The action
Customer permissions are changed in PWA
User Sync kicks off and re-syncs the users permissions

The outcome
The user permissions are removed and re-added to the site as expected
Any "unique" user level permissions on the site are removed (ie if you have added additional "contributor" access as well as the Microsoft Office Project Server group permissions, etc)
The users permissions on the list/item that do no inherit from the site are also removed but are not re-added

It appears that the user synchronisation can remove all permissions from the site, lists and items including those where permissions are not inherited, but can only add site level and inherited permissions. Therefore
a - all list/item level specific permissions are removed
b - any unique site security for these resources is also removed

Workarounds/Recommendations

1 Create list access GROUPS and grant access to these lists using groups memberships (not assigning individuals)
2 Create a subsite(s) of the parent site wherever permissions on the lists/libraries are required to be different from the parent site
Labels:

Comments

Post a Comment

Popular posts from this blog

SP2 released

Office Project Server 2007 Sp2 has now been released.  see the details here - http://blogs.msdn.com/chrisfie/archive/2009/04/28/announcing-service-pack-2-sp2-for-microsoft-project-2007-and-microsoft-project-server-2007.aspx .  see teh webcast here http://blogs.msdn.com/brismith/archive/2009/04/28/project-server-2007-service-pack-2-sp2-is-now-available.aspx Blogged with the Flock Browser
Post a Comment
Read more

TPG Apps Highlights - Risk Matrix #projectonline #projectserver #risk

This post is the first of a series to highlight the apps available for Project Server and Project Online from the SharePoint store  ( https://store.office.com/search.aspx?productgroup=SharePoint&qu=tpg ) and direct via your local TPG office. The first of this series will look at the s imple plug-and-play apps that all users of Project Online can make use of quickly and easily.   T hese are: Risk Matrix  Milestone Trend Analysis (MTA) WBS Chart viewer Next we will focus on the challenge of  Resource Request Supply and Demand by demonstrating our more recent TeamLink and TeamManager apps. Team Manager App is a Resource Manager/Owner app for allocating resource supply to Projects and BAU activities and monitoring demands against commitments Team Link App is a PM tool for monitoring Project demands vs the supply provided by the Resource Managers  Finally I will highlight some of the benefits of our integration tools when used i...
Post a Comment
Read more

Reporting from Project Server 2016 - multiple sites and userviews

Just a quickie... I've been interested in how MS have handled the "multiple PWA sites in a Content DB" thing since I read that this was their new approach.  Most of my reporting is via SSRS so i am reliant (still... in 2016) on DB queries rather than OData feeds (tsk) and this "querying a PWA DB with more than one PWA site in it is unsupported" quote was worrying me. So it looks like what is happening is this. When you create the first PWA site in a Content DB it hard-codes the SiteID into the _Userview view design elements.  This means that your first PWA Site is the default.  All the data for subsequent sites are still held in the tables against separate SiteID's but you cannot utilise the OOTB _Userview components (see below) SELECT        ProjectFields.... FROM            pjrep.MSP_TVF_EpmProject('FF19B767-CA6D-4C4C-B123-C0B5AE5354D6') AS MSP_EpmProject  LEFT OUTER JOIN         ...
Post a Comment
Read more