Need to implement security using Department in project server
Projects are set to the Project Department from the Department lookup.
Resource/user are set to the Resource Department from the Department lookup, Resource can be assigned multiple departments(like IT,HR,Finance)
Resource can only view the projects Based on the department which he has assigned.
How can we implement this security?
An important point to know is that department is NOT a securirty feature. It is just meant to propose dedicated configuration and filter projects and resources, but in no way managing data and feature access with a reliable security.
The security model relies on the groups and categories, but also on the RBS which allows creating a hierachy based on your organization, but resources in this hierachy and configure who could see data and what feature can be used.
Here are a few great articles from Ben Howard about security model and departments:
There are many different way to confgure and double it can be example in a few comments in forum. One design of setting up security is to use the RBS. I would setup RBS based on department
Michael Wharton, MVP, MBA, PMP, MCT, MCTS, MCSD, MCSE+I, MCDBA
Blog http://MyProjectExpert.com contains my field notes and SQL queries
Usually, users belong to one unique department. Then different cases might occur. If it is a single user, you might assign him to a department branch and add him manually to some project teams when applicable. Or you can put him in a high branch. Or you could cross use departments and RBS. As you can see, the security model can be a complex subject depending on your requirements. The first step to taken in my own opinion is to collect the need, then design the model using the various features you have at your disposal (rbs, groups, categories, departments), and finally implement it.