Managing User Group effectively

[aSoundMind]

Hello,

I am having Project server 2003 and there are 14 user groups, 7
standard (admin, Project Manager, Team Member and so on) + 7
customized (comp admin, comp Project manager, comp team member, etc).
The system administrator assigns the user based on the role. For
example if John is a project manager and also a team member, then he
gets 4 roles: project manager, comp project manager, team member, and
comp team member.

I don't think this is effective, especially when I assign a security
custom permission (e.g. user defined 1, user defined 2) and it's
getting harder to track which user belongs to which group. Which user
is only the project manager and so on.

My questions are:
1.How to assign the group correctly so it is more effective for
maintenance and tracking?
2. If a user is a project manager but also can be given a task by
other project manager. Is it enough just to give him project manager
role? Or must be both Project Manager and Team member?

Thanks in advance.

Regards,
Jack

 

[Gary L. Chefetz [MVP]]

Jack:

If you do a good job designing your groups, you shouldn't have to assign
them to more than one, or very rarely. There's no need to assign a PM to the
Team Member role as they already have all the rights as a team member
included in their PM group. Likewise, an Administrator has all rights, so
there's no need to assign an administrator to any other group. In fact, when
you do this you run the risk of reducing their permissions.

I suggest that you order a copy of our book "Administering Microsoft Office
Project Server 2003" which is the second edition of the book. This contains
a very indepth exploration of user permissions.

--

Gary L. Chefetz, MVP
MSProjectExperts
For Project Server Consulting: http://www.msprojectexperts.com
For Project Server FAQS: http://www.projectserverexperts.com

 

[aSoundMind]

Jack:

If you do a good job designing your groups, you shouldn't have to assign
them to more than one, or very rarely. There's no need to assign a PM to the
Team Member role as they already have all the rights as a team member
included in their PM group. Likewise, an Administrator has all rights, so
there's no need to assign an administrator to any other group. In fact, when
you do this you run the risk of reducing their permissions.

I suggest that you order a copy of our book "Administering Microsoft Office
Project Server 2003" which is the second edition of the book. This contains
a very indepth exploration of user permissions.

--

Gary L. Chefetz, MVP
MSProjectExperts
For Project Server Consulting:http://www.msprojectexperts.com
For Project Server FAQS:http://www.projectserverexperts.com











- Show quoted text -

Ok, Thanks Gary. Is there a way to modify their groups directly from
database? Coz it's tedious to change them one by one in Project web
access. Thanks

//Jack

 

[Gary L. Chefetz [MVP]]

It's not tedious at all if you do it from the group page. Doing it in the
database, well that would be an order of magnitude more tedious than doing
it from the individual user pages.

--

Gary L. Chefetz, MVP
MSProjectExperts
For Project Server Consulting: http://www.msprojectexperts.com
For Project Server FAQS: http://www.projectserverexperts.com