This is a few different questions.
First one is how do you delete a user group? I've seen the option for removing a group from another group, but I haven't been able to find an option for completely deleting the group.
Second is how do I set security so that users in a specific group can only view and run reports? So far, I've gone into User Security on the group, disabled inheriting from the parent group and folder, and set "View" and "View On Demand" in basic settings and "View objects" and "View objects that the user owns" in advanced. But regardless of what they have, either they can still move and delete reports or can't view anything at all depending on whether they're under the Administrators group.
Related to that last part of the second question, when the user group is a subgroup of Adminsitrators they can see all the tabs, but if I move them to the Everyone group, then they can't see anything when logged in when I set the Folders view on Configure CMC Tabs. Ideally, I'd like the users to be under a different group entirely for clarity, but then they can't seem to do anything, which definitely won't work.
Finally figured this out.
For the first one, I couldn't delete the group because it had customized security settings. After resetting those to the default inheritance and removing it from all other groups, I was able to delete it fine.
For the folders and running the reports, the security has to be set on the folder structure, not on the user group.
Related
I am trying to edit my branch security policies, but nothing ever seems to save. I've tried editing permissions, adding groups, removing groups and nothing seems to happen.
Is there supposed to be save button? This interface is new and appears not to be working.
I am an admin on this Azure account.
To the above question you posted in comment, here is the answer for that:
The groups listed below are inbuilt groups. You will not be able to delete those inbuilt groups.
And if you would like to add any groups, you would need to first create that group in Project Settings and then come back to Branch Security and Add that group here :
Go to Project Settings --> Security --> Create Group
Once you Create the group, go back to Repos --> Branches --> Branch Security --> Click on Add Group and search for the group you created earlier.
You should be able to delete the groups that you have created, But keep one thing in mind that if you delete a group that you created all the users in the group will loose permissions as well.
Yes this is a New UI and it is automatic save when you change the permissions.
Have you tried changing the selection in the dropdown and see if it works?
Once you change the selection in dropdown there will be an indication that the value is changed.
There is no Save Button in the new UI.
The Green tick indicates that the value is changed.
Please take a look at the screenshot below.
As a DevOps administrator I want to give restricted access to the backlog of our project to a user.
I want to limit his access. Meaning that the user can only see Work Items he has created in the backlog, nothing else.
Is their a way of doing this?
the user can only see Work Items he has created in the backlog,
nothing else
I am afraid that this feature you want is not feasible.Boards is visible to all members of your organization.
You can only set the member to Project Readers at most, so that members only have read permissions but no modified permissions.
You can set the Assign to filter condition in the Filter of the backlogs to see the work items assigned to a specific person, but it can't prevent the user from viewing the work items assigned to others. In addition, there is no filter condition to see who created the work items.
When I create a new Simple Project in AEM 6.1 in the project view (/projects.html). I then add users to the projects groups (editors, owners, observers). But when I reload the page that shows the users and groups I can see all users are observers, no other groups are used, no matter what I configured.
What am I doing wrong here?
That's simply a bug in the UI. AFAIK it is fixed with 6.2.
Every project user is member of the observers group. If you put a user for example in the editors group, he will also be member of the observers group ad the UI is showing only one group per user and bad enough it's always the observers group that is shown, all the others are hidden.
Take a look at the useradmin and you will see that the users are in the correct groups.
I added a group to a site. The users were then added to the All Users group. I then removed the group, but the users remained.
Is there anyway to clean this up so that the users get deleted?
Thanks
To be clear, you want to delete the users that were in the group?
Creating and deleting groups does not create or delete users. To delete users you need to go to the users tab and select the users you want to delete.
Also, keep in mind that if the user owns content you will get a message saying:
"[user] was unlicensed" instead of the expected “[user] was deleted”
message.
The “unlicensed” message displays because the user who you want to
delete is a workbook or project owner and therefore cannot be deleted.
In other words, a user can only be permanently deleted from Tableau
Server if he or she no longer owns a workbook or project.
See more here: http://kb.tableau.com/articles/knowledgebase/deleting-user-from-tableau-server
Tableau is not good with Active Directory when it comes to removing users. If you ADD Active Directory account and set up sync, it will add a new user who will be added in AD group but once you remove AD group it will not remove any users who were in AD group.
In order to remove those users, you need to go to all users and delete the Users manually which defeats the purpose of using AD groups.
I currently have a user whose Access Rights are messed up and I'd like to reset them. I could be blind but does anyone know of a way to do this?
I am not aware of a way to reset the user rights.
The only way I can think of is deleting the user and create a new one, or write a script that loops to the tree or retrieves al items that the current user has rights on and resets the rights for this user.
Security of an item is stored within the __security field on the item itself. Furthermore, security is stored by the name of the user or role, not by an ID. Deleting a user/role will not modify any item that references that user/role so you effectively get orphaned access rights.
I had created a script years ago that will report on (and reset) the security of items. It is available from my blog post and I referenced it within this similar question. You should be able to modify that script to remove a single user's rights.
So far, the only way I've been able to do this is to go into the Security Editor, select the user, then open every item in the tree and unset every access right manually to the default setting of Inherited.
For instance, there are at least a Read/Write/Rename/Create/Delete/Administer/Inheritance permission on just the Home item alone. Each permission has one of the following states: Inherited/Allowed/Denied/Item vs. Descendant Right/Protected/Not Applicable. If any of those are set, manually unset it. So, if it were set to Allowed, you'd click the green check mark which would unset it from Allowed (I guess you could argue I'm setting it to Inherited).
To get back to square one, everything should be set back to Inherited.