none
View only team member experience doesn't allow access to Project Details Page RRS feed

  • Question

  • We are using the default SharePoint Permissions mode in Project Server 2013.

    At the very end of this TechNet article there is a video talking about the new permissions mode. 

    http://technet.microsoft.com/en-us/library/fp161361.aspx

    At 7:10 he starts talking about how SharePoint permissions for project sites interact with PWA.  At 7:55 he starts talking about what each of the 3 SP permissions groups for a project site correspond to in PWA.

    Apparently the Visitors group should correspond to a "read-only team member experience."  The problem I am having is that even when I put a user in the Visitor SP security group for a project site, they still can't access the Project Details Page.  They also can get to the Schedule in PWA, but the left banner says access is denied and some webparts aren't loading.  But the Gantt chart is showing.

    Any suggestions on how to make a view only experience work, or clarifications on something I am misunderstanding?  I have had a hard time finding good detailed documentation around SharePoint Permissions mode for Project Server 2013.

    Thanks,

    Scott

    Wednesday, June 12, 2013 11:45 AM

All replies

  • Scott:

    I think you have basic misunderstanding of how this works. When you are in SharePoint permissions mode, every SharePoint site, including Project Web App, are managed just like every other SharePoint site. That means that assigning permissions in PWA does not interact with Project sites or vice versa. You need to give your users access to each site explicitly, including PWA. To do this, click the Share button in PWA.

    P.S. Build your resource pool before you assign your permissions and then have your users logon for the first time, preferrably using AD sync.


    Gary Chefetz, MCITP, MCP, MVP msProjectExperts
    Project and Project ServerFAQs
    Project Server Help BLOG

    Wednesday, June 12, 2013 2:35 PM
    Moderator
  • Thanks for the reply Gary.  I'm not sure I understand your answer though, because it sounds like my experience has been different from what you describe.

    I have our Everyone AD group in the Team Members security group in PWA.  This just lets them get to the PWA Project Center.  Then to add them to individual projects, I can add them to the project site security groups.  Adding them to Owners gives them PM level control and adding them to Members gives them basic contribute rights.  And that seems to line up with the explanation in the video referenced above.  Adding users to the Visitors security group for a project site though, doesn't give them read only access to the PWA project (like the video suggests).

    My expectation was that PWA was looking to project site permission groups as a way to authenticate someone's access to a particular project.  And for the Owners and Members groups, that seems to work.

    Thanks,

    Scott

    Thursday, June 13, 2013 1:22 PM
  • I haven't watched the video, but if it suggests that there's a synch of permissions from a project site back to PWA, it's not my understanding of how this is supposed to work. It would be unnecessary to the extent that managing access to PWA is very  simple using the SharePoint model as it was intended to be. PWA still looks at a person's association with the project to determine their level of access while enforcing the default Project Server security model that you would have if you were running in Project Server permission mode except for RBS-based security.

    So think about SharePoint permsisions mode as default Project Server pemissions with RBS-related security eliminated and the permissions connection between PWA and Project Sites severed. Of course, there's a little more nuance to it than that but thats the concept in a nutshell.


    Gary Chefetz, MCITP, MCP, MVP msProjectExperts
    Project and Project ServerFAQs
    Project Server Help BLOG

    Friday, June 14, 2013 9:44 PM
    Moderator