Add Users to Team Projects

You can control the level of access that various members of your team have to team projects by assigning each member to groups for each project. To provide team members with full access to all the functionality of your project, you might also have to add them to groups in SQL Server Reporting Services and SharePoint Products.

Important

Even after you configure your users with the permissions that they need, your users might not have access to certain features in Team Foundation Server. To enable those features, you might need to Change access levels.

By default, Visual Studio Team Foundation Server creates several groups for each project, and each group has its own level of permissions and rights for that project. You can use these default groups or create custom groups that have specific permissions. For example, you can add users to the Readers group so that they can view work items for a project but not create, modify, or delete work items. You can also allow other users to update work items but not to perform administrative tasks, such as deleting projects and publishing test results. For more information about the default user groups in Team Foundation Server, see Team Foundation Server Permissions.

If your project uses resources on SharePoint Products and Reporting Services, you must add users who require those resources to groups that have appropriate permissions to those programs. To grant users full access to all functionality for your project, you must add them to the default groups in the following table:

Software

Readers

Contributors

Project Leads

Team Foundation Server

Readers

Contributors

Project Administrators

SharePoint Products

Visitors

Members

Owners

SQL Server Reporting Services

Browser

Browser

Team Foundation Content Manager

Tip

Unlike Team Foundation Server and SharePoint Foundation 2010, SQL Server Reporting Services does not distinguish between projects. Therefore, if you add a group to Reporting Services, that group will have the same permissions for reports across all the projects in the collection, regardless of their permissions in individual projects. Keep this in mind when choosing what groups to add.

For information about how to set permissions for administrators in Team Foundation, see Set Administrator Permissions for Team Project Collections and Set Administrator Permissions for Team Foundation Server.

Required permissions

To perform these procedures, you must be a member of the following groups:

  • the Project Administrators group or your Edit Server-Level Information permission must be set to Allow in Team Foundation Server

  • the Site Administrators group or Site Collection Administrators group in SharePoint Products

  • Content Managers group or the Project Content Managers group in SQL Server Reporting Services

  • To verify or change a user's membership in a licensing group, you must be a member of the Team Foundation Server Administrators group.

For more information about permissions, see Team Foundation Server Permissions.

To add users or groups in Team Foundation Server

  1. In Team Explorer, open the team project to which you want to add users, and then choose Settings.

    The Settings menu appears.

  2. In the Settings menu, in Team Project, choose Group Membership.

    Team Web Access opens in the administration context for the team project, on the security tab.

  3. On the groups tab, choose one of the following:

    • To add users who will require minimal access to the project, choose Readers.

    • To add users who will contribute fully to this project, choose Contributors.

    • To add users who will act as project leads, choose Project Administrators.

    Once you have chosen one of those groups, on the members tab, choose Add, and then choose Add user.

    The ADD A WINDOWS USER OR GROUP window opens.

  4. In Identities, specify the name of the user or group you want to add.

    Tip

    The first time you add a user or group to Team Foundation Server, you cannot browse to it or check the name. After the identity has been added anywhere in Team Foundation Server, you will be able to use those functions to quickly find the name.

  5. When you have finished adding the groups or users you want to add, choose Save Changes.

  6. Depending on the user, you might want to customize their permissions for other functionality in the project, such as areas and iterations or shared queries. You can also control access to projects, version control, build, and work items; learn how in Restrict access in TFS.

To add users or groups in SharePoint Foundation 2010

  1. In Team Explorer, on the Team menu, choose Show Project Portal.

    The portal for the team project opens in a separate window.

    Tip

    If your deployment uses a different version of SharePoint Products, consult the guidance for your version to get the current steps for managing users in SharePoint.

  2. Choose Site Actions, and then choose Site Permissions.

    The browser window changes to Permissions Tools.

  3. Choose Grant Permissions.

    The Grant Permissions window opens.

  4. In Users/Groups, specify the name of the group that you want to add. In Grant Permissions, choose Grant users permission directly, and then select one of the following check boxes:

    • To add users who will require minimal access to the project, select the Readers check box.

    • To add users who will contribute fully to this project, select the Contributors check box.

    • To add users who will act as project leads, select the Full Control check box.

  5. When you have finished adding the groups or users you want to add, choose OK.

To add users or groups in SQL Server Reporting Services

  1. Open Internet Explorer or another browser compatible with Reporting Services administration.

  2. Type the following into the address bar, where ReportServer represents the name of the server that is running SQL Server Reporting Services:

    http://ReportServer/Reports/Pages/Folder.aspx

  3. On the Home page, choose Folder Settings.

  4. On the Security page, choose New Role Assignment.

  5. On the New Role Assignment page, in Group or use name, specify the name of the group you want to add, and then select one of the following check boxes:

    • To add users who can act as readers of or contributors to the project, select the Browsers check box.

    • To add users who will act as project leads, select the Team Foundation Content Manager check box.

    Once you have finished adding the user or group and selected the appropriate check box, choose OK.

To verify features available for a user

  1. Open Team Web Access in administration mode, and choose Control Panel to navigate to the top-level administration context.

  2. Choose the web access tab.

  3. In Web Access Permissions, choose the name of each license group in turn, and review the following information:

    1. Which licensing group is set as the default group for the deployment. That group name will be followed by (Default). This is the group that all users of your deployment of Team Foundation Server will be assigned to by default.

      Tip

      The default group is set to Standard.

  4. Whether the user for whom you are determining licensing levels is a member of a different licensing group than the default group. If so, review the description of the features of that licensing group to better understand what features are and are not available to that user.

  5. To review the licensing group membership of all users in the deployment at once, choose Export Audit Log. The membership information will be exported to a comma-delimited file. Save or open the file.

    For more information about licensing levels and the features available in Team Foundation Server, see the Team Foundation Server Licensing White Paper.

See Also

Tasks

Set Administrator Permissions for Team Foundation Server

Set Administrator Permissions for Team Project Collections

Concepts

Team Foundation Server Permissions

Team Foundation Server Default Groups, Permissions, and Roles

Configuring Users, Groups, and Permissions

Other Resources

Server-Level Groups