MOPPS 2007 Group Administration question

[TBurkhead]

Hello,
I am experiencing an issue with security when setting multiple user group
assignments/roles where the system does not recognize the highest level of
access granted. In that same area, I am granting approved status for certain
functions like exporting; reporting, etc... but the users are reporting that
the functions are not available. Any information will be appreciated.

 

[Dale Howard [MVP]]

Tom --

If a user is a member of multiple security Groups in Project Server 2007,
the system calculates the cumulative security state for each permission as
follows:

1. Denied trumps both Allowed and Not Allowed.
2. Allowed trumps Not Allowed.
3. Not Allowed is like a "soft" Denied permission. If Not Allowed is
specifed for a permission in every Group to which a user belongs, then the
user is not allowed to do what the permission states.

Given this brief explanation, could you answer the following questions:

1. Are your user accounts in multiple user Groups in PWA?
2. If so, have you set any permission to the Denied state?

Let us know.

 

[TBurkhead]

DH,
Thank you, I will explore and answer your questions, but to clarify, I'm
assuming that since these accounts are configured in Portfolio Server 2007
(MOPPS), that PWA rights do not come into play. AM I assuming incorrectly? TB

 

[Dale Howard [MVP]]

Tom --

My bad. I assumed your question was about permissions for Project Server
2007.

 

[Paul Conroy]

The same concept applies in MOPPS
--
Please rate this post if it has helped

http://www.fundraiseonline.co.nz/TheProjectServerGuru/

http://theprojectserverguru.spaces.live.com