PS 2007 Security Explained

J

Jonathan H

Hello,

I hope you all had a nice weekend!

Can anyone point me at a decent explanation of the security concepts at work
within PS 2007? In particular I'm wondering what part Categories play and if
the RBS influences anything.

I've seen the Technet article 'Plan groups, permissions and categories for
Project Server 2007' and quite frankly found it lacking.

It was explained to me once as 'groups control what you can do, and
categories control what you can see' - and while this is a nice tag-line it
doesn't really help without some quality examples of what changes when I move
people around between groups and categories.

Any help much appreciated, as ever.

Regards,

Jonathan
 
D

Dave

'groups control what you can do, and categories control what you can see' is
not just a tag line, it summarizes the idea behind groups and categories in
a single line, but I know security can be a pretty daunting component. So
let me see if I can help you understand the idea behind the security set up
in PS 2007.

Categories define what projects/resources/views a user can see. So for
example if an user belongs to a category A that has the "All current and
future projects" option selected then they can see ALL the projects in
project server.

Groups define what a user can do on the system. For example if the user
belongs to a group A that has permissions to "Save Protected baseline" they
can save baselines 0-5.

So if Person A belongs to group A and is assigned to category A, then they
can save protected baselines on all the projects (This is a very simplistic
example, in real life a users access to a Project will be defined by
multiple permissions but for the sake of this example let us assume that
there are no other permissions and that the user can access and edit all the
projects he can see)

If Person B belongs to a group B that does not have the "Save Protected
baseline" permission, but belongs to Category A, although he can see all the
projects he cannot save the protected baselines on any of the projects.

The RBS plays a role on security depending on how you set it up. In the
category page under the Project and Resources section, you will see five
options with with check boxes, the last three define if you want to use the
RBS to control permissions, you can find the definitions of the permissions
on technet.

Now this is a very simplistic example, you might want to look at Garry &
Dales book Implementing and Administering Microsoft Office Project Server
2007 for a more detailed explanation on security, they have done a pretty
good job of explaining security in PS 2007 and if memory serves me right
they took around 100 pages to explain the security setup, so it would be
pretty difficult explaining security at that level here.

Hope that helps
Dave
 
D

Dale Howard [MVP]

Jonathan --

For a thorough and understandable explanation of the Project Server 2007
security model, you might want to consider purchasing our "Implementing and
Administering Microsoft Office Project Server 2007" book at:

http://www.projectserverbooks.com

Hope this helps.
 
J

Jonathan H

Thanks for that Dave - I appreciate the effort it must have taken to type all
that in.

It certainly does help to explain a few things, though like any good answer
it spawns another 10 questions...

Jonathan
 
J

Jonathan H

Can I swap it for the Managing Enterprise Projects one that I bought? I
think I purchased the wrong one ;-)
 
D

Dale Howard [MVP]

Jonathan H --

If you are the Project Server administrator for your organization, you
really need BOTH books. You need to know how to administer and configure
the system, and you definitely need to know how everything works from the
project manager's perspective. :)
 
Top