Microsoft Azure DevOps: Grant user in one project RW permission to Boards in another group?

0
votes

Context: I have recently been given the role as Azure Devops administrator in the small company I work in. I have no previous experience with this role, and I am currently reading through the extensive documentation on the topic.

What I've got: An azure organization with several users, groups, permissions, and projects, some of which are up to 6-7 years old. Responsibility for the organization has been passed along several times without any clear plan or consequence, and I am attempting to get an overview and clean up the structure.

What I want to do: I want to grant all users in the entire organization permission to read, comment on, tag people, and create new work items in Boards (especially backlog and sprint) in all projects, including the ones they are not a team member or user of themselves. I have tried several permission group setups, but I can't get anything to work. Suggestions are welcome.

1
azureazure-devopspermissions

1 Answers

0
votes

Sorry but I'm afraid we don't support this feature.

We can't do this if the user is not a member of the project. (Unless he's a PCA, but it's not recommended to grant users as a PCA cause it'll make much risk).

So you need to add all users to projects first to give their permisions to boards. Here are detailed steps.

  1. Create a new group Group1 in Organization Settings -> Security/Permissions. Add all users in the organization to this group.
  2. Go to Project Settings -> General/Permissions and create a new group Group2. Set the Group1 as members of Group2.
  3. Go to Project Settings -> Boards/Project configuration -> Areas. Choose the ... context menu for the node you want to manage and select Security.
  4. Search Group2 and set 'Edit work items in this node' to Allow. Note that some important permissions should be set to Deny.

This solution needs you to add groups and set permissions in projects one by one.