In VSTS (aka Visual Studio Online, aka Visual Studio Team Services), I'd like to be able to have people other than collection administrators create team projects, but I can't figure out what permissions I need to grant to the VSTS group I created for that purpose. I set "Create new projects" to allow, but users in that group are still unable to create new projects. I've confirmed there are no groups that have 'deny' set for the 'create new projects' permission, but it still doesn't work.
Is there an additional permission I need to grant to that group to let it's members create projects?
The user cannot be specified Stakeholder access level, change to Basic and try again.
Go to Users page http://[account].visualstudio.com/_user
Select the user
Click Edit
Change Access Level to basic
Click Save
More information, you can refer to this article: Manage users and access in Visual Studio Team Services
Related
I want to add a group/user to an Azure DevOps project with just access to repositories and pipelines.
If I deny "View project-level information" they don't have access to the project at all.
If I allow the "View project-level information" it gives them a read-only access to the Project Settings including permissions to see users and members of other groups etc.
It seems unbelievable that such a basic security and privacy hole exists.
Am I missing something in the config because I have never seen this in any other application and I find it hard to believe that everyone else using Azure DevOps finds this acceptable.
The easiest equivalent is GitHub (that Microsoft now owns) and you can't see the project settings if you are just a contributor.
How do I give external contractors access to the project to work but prevent them from viewing the Project Settings?
There is no possibility to restrict access to the Team Project - Project Settings page. The only thing that comes close is the feature that is now in preview: Limit user visibility and collaboration to specific projects, which will enable you to restrict access to the Organization Settings. You could suggest this feature in the Microsoft Developer Community.
I have added multiple team members to two different teams in Azure Devops project. But team members are not able to see organization, project and dashboards when they login to devops account?
team members are not able to see organization, project and dashboards
Users cannot see the organization, you can first check whether these users have been added to the organization in Users of Organization Settings.
Then you can check whether the user has the permission to access the project on the Manage user page.
Regarding that users cannot see the projects, you can check whether the “View project-level information” permission of the team is set to Deny in the Permissions of Projects Settings.
Regarding that the user cannot see the dashboard, there should be no permission to restrict it. All users in the project should be able to see the dashboard. Can you share the screenshots about this issue?
In addition, you can try to let users log in with incognito window to see if the problem exists. Check if your organization is connected to AAD.
This is the answer for my additional questinos.
To get an access to Devops project user must be added in the organization either as stakeholder or owner
Once they are owner or stakeholder they are able to access all the features.
I am currently trying to set up a build through Visual Studio App Center to connect to a VSTS repository.
I have a VSTS account through my works Active Directory and I am also a member of other organizations VSTS instances using the same email. When I connect to configure a build through VSTS, I am only given options to projects that I have access to in only my organization.
I have revoked my initial connection per this, but it is still showing only the projects within my organization when re-authorizing.
Is there a way to connect to projects that are a part of the other organizations I am affiliated with?
Revoke the connection first and then following the steps below:
Switch to VSTS Web Portal.
Click on Personal Settings and click "My profile".
Switch to the Directory which contains the VSTS account you want to connect.
Go back to VSAC and connect to the VSTS. You should see the switched Directory on the OAuth page:
I'm using VSTS on Visualstudio.com to host our Solution. I have one solution with multiple Visual Studio projects, all hosted in a Team Project inside TFS. Now I'll have some one to help me with development, but I don't want him to have access to all the Visual Studio projects, only some of them. How can I give him access to some of the Visual Studio projects while denying access to the other ones?
If you are using TFVC as source control, you can refer to these steps below:
Add the user to your VSTS
Go to the admin page of that team project
Select Security tab
Click Create group to create a new group (e.g. CodeGroup)
Set View project-level information to Allow in Permissions tab
Add the corresponding user to that group in Members tab
Click Version Control tab
Select the folder of the project (one of the project in your solution folder)
Click Add to add CodeGroup (step4)
Set Read and Check in permissions to Allow
If you are using Git as source control, you can’t set the security for an item (project in a solution) in the repository.
On the other hand, If there are some project references that the user can’t access, I recommend that you can package and push the assembly to the feed of your VSTS: Package Management in Team Services and TFS
We are planning to use the Visual Studio Team Service for our DevOps process. But the problem is we can not give restriction in repository level. In Visual Studio Team Service , restriction can be implemented in project level, We want to create all repository in one project so that we can easily manage our scrum board. Now how can we give repository level restriction like GitHub or Bitbucket where only assigned team member can only see the repository ?
You can refer to these steps to set permission:
1.Add users to your VSTS (https://XXX.visualstudio.com/_user) (I turn off the feature of Streamlined User Management)
2.Go to your Git team project admin page and select version control (https://XXX.visualstudio.com/[teamproject]/_admin/_versioncontrol)
3.Select a repository
4.In Security page, click Add > Add user to add members
5.Grant these users Contribute and Read permission
Note: View instance-level information (For connection in Visual Studio) and View project-level information are needed too.
More information about permission, you can refer to this article: Permissions and groups defined for Team Services and TFS
You can set permissions at the repository level. Look at the "Version Control" section of the administration area.