Manage security in Project Server 2007
Updated: December 20, 2007
Topic Last Modified: 2008-04-28
Microsoft Office Project Server 2007 security is based on users and groups. Groups contain sets of users who need to access the same set of data in the same way. For example, every project manager in a particular division within your organization may need to be able to access all of the projects managed within that division and to be able to open and save those projects. You can create a group that includes all of the project managers in that division. After you create groups, you can add users and groups to security categories (including custom security categories) as a means to associate security principals (users and groups) with a specific set of security objects (projects, views, resources, and so on).
Define your groups by identifying common needs based on the areas (objects) of Project Server to which users in your organization need access. After you define your groups, you can add users to the groups and grant permissions to the groups. Permissions assigned to groups apply to all of the users that the group contains. Using groups to control access to Project Server security objects simplifies Project Server security administration. Group memberships can change frequently, but the access requirements for groups change infrequently.
Project Server users can be automatically added or removed from groups based on Active Directory group membership. This can be configured in Project Server 2007 through the Active Directory synchronization feature.
Users can belong to multiple groups according to their role in the organization and their access requirements. Several groups are created by default when Office Project Server 2007 is installed, each of which is assigned a set of predefined categories and permissions. For more information, see Manage groups in Project Server 2007.
Administrators usually assign permissions by adding a user account to one of the built-in groups or by creating a new group and assigning specific permissions to that group.
For complete lists of Project Web Access permissions, see Microsoft Office Project Server 2007 category permissions and Microsoft Office Project Server 2007 global permissions.
The following tasks for managing security in Project Server are performed on these components: