I work with VS2010 and TFS2010. In our team we have some custom Checkin Policies and now I want to give some users (Contributors) the right to add/edit this policies.
I searched in "Team Project Settings-> Security.." but i didn't found a permission like "Manipulate security settings".
Knows somebody where i can grant this permission?
Thanks in advance!
I really really don't think it's a good idea to give Contributors permissions to modify check-in policy (assuming it's possible to do so). Granting them whatever permission grants updating check-in policy will probably allow them to make other changes you wouldn't want them to do. This is effectively elevating all the Contributors to pseudo Project Administrators.
Check-in policies are good and custom ones are interesting but it is still up to the Project Administrator to enable/disable/configure those policies. If "some users" need to be able to do this then perhaps it is more appropriate to put those individuals into the Project Administrators group and leave the rest of the Contributors with their more limited set of permissions.
Related
I have been trying to modify or delete labels from a branch that uses TFVC (Team Foundation Version Control) for source control and is part of a Azure DevOps project.
It seems that it allows me to create, modify or delete labels that were created with my user, but I cannot do that if the creator was another member.
This is error that I'm getting:
I have already set those permissions through TF Command-Line but isn't working. I requested my PM to make member of the Project Administrators group in the ADO Project, but that didn't help either.
There are the permissions that the ADO group currently has:
I should be working but I don't know why it keeps showing me that error.
Any help or guidance woulde be appreciate.
Thank you.
Edit -> 2020-05-19
I checked the individuals permissions from my user as #Levi Lu-MSFT told me, I tried changing it but I can't due to inheritance from another group that I'm member of.
At least, we could finally found the problem but I don't know how to avoid overwriting and proceed.
You can check if your permission settings is overrode for the TFVC repo.
Go the Projecet Settings-->Repositories-->Click the TFVC repo-->Search for your user account-->Check if the permissions are set to Allow
Is it possible for someone with Administrator access to easily create arbitrary files (e.g. text documents) within the C:\Inetpub\wwwroot folder under Windows 8.1?
Normally right-click presents me with many file types I can create; here, I'm only given the option to create a new sub-folder, even though I can (i) edit existing files there or (ii) create files elsewhere and move them there. (Also, gvim running with administrator access can't create a (new) swap file there).
I created a subfolder ("test"), and took ownership of it, but it made no difference. One of my colleagues thought that this was a "special case" overridden by IIS and could be configured by the Group Policy Editor somehow?
I've heard that disabling UAC solves the problem, but I don't want to do that!
Any ways round this? (Reference to an existing discussion I missed would be fine if it covers the same problem). Thanks!
Smychi
Solved this; I added the specific administrative user account I was logged in under ("User") to the list of permissions and granted myself "Full Control".
Not sure why this didn't already work with the existing groups settings, though I'll admit my knowledge of Windows permissions isn't as good as it should be.
Feel free to say whether this is a good or bad way to do it, or add any comment to this anyway, for my benefit or for others who might stumble across this.
Smychi
I am administering Visual Studio Team Services. I have one DefaultCollection, and one project called Smash.
I wish to add project managers to the project. I want them to be able to manage, edit everything that has to do with project management, i.e. PBIs, Sprints, etc
However, I would like to secure the code entirely so that no project manager has access to, also I would like to prevent them from viewing the settings nor permissions used to secure the code.
I'm using a test account as if it was a project manager. I created a group for project managers, I denied them of ALL permissions except view collection-level (which is essential for them to access the project from the first place)
All works fine, i.e. test account can manage PBIs, sprints, etc, However, the test account could still see the settings and permissions. See below
Please help prevent project managers from viewing the settings and permissions used.
Thanks a lot
This is not something that you can do. All users who have access to the project have access to view the permissions and settings. As there is no conceivable security risk from this, as they can't change anything, it is available to all.
If you want to have that feature you should sugest it on http://visualstudio.uservoice.com...
I believe I read there's a way but I can't seem to find it.
I want to see what check-ins and what users have overridden the gated build, or other policies. Where can I look?
The tfs power tools has an alert explorer that you allows you to setup emails if a policy is overridden.
I believe it also allows you to setup a call to a webpage with the information.
Good day
Im trying to implement a read/write privilege in a folder but no delete rights in windows server 2003. Does anyone knows how to set this kind of security? Thanks
"Change" permission is "RXWD" (read, execute, write, delete).
So if you remove the Delete right for that user it should work. Make sure you apply this permission to the folder, subfolders and all files. Also verify effective permissions for that this user (e.g. that this user is not part of some other group where he/she may get extra unwanted permissions)
The answer might be to use "DACL"s.
Had you tried the "Advanced" button?