We are having our tech support group administer Vault. The developers are divided into teams. Tech support will setup users and grant access according to team requests. How can we get a listing of users with their repository and folder access so that we can verify that Vault is configured the way we want?
Tom
List of Users Report
Moderator: SourceGear
We would not want regular users to modify security, that of course makes no sense. There would be no point in using any kind of security.
Our shop is divided into 4 teams. Each team wants there code separate from the others. Within some teams they want some folders to be accessed by just a few developers. Each team wants to be able to verify that the tech support group administering Vault has set it up according to our needs. Since there is no way to delegate administration of individual repositories or folders we have to put it into the hands of a central group.
SQL server has something like what I was hoping for. Using enterprise manager you can modify security. Using stored procedures you can view security. This allows us to make sure that the DBAs have configured security according to user and development specifications.
Thanks for your replies
Tom
Our shop is divided into 4 teams. Each team wants there code separate from the others. Within some teams they want some folders to be accessed by just a few developers. Each team wants to be able to verify that the tech support group administering Vault has set it up according to our needs. Since there is no way to delegate administration of individual repositories or folders we have to put it into the hands of a central group.
SQL server has something like what I was hoping for. Using enterprise manager you can modify security. Using stored procedures you can view security. This allows us to make sure that the DBAs have configured security according to user and development specifications.
Thanks for your replies
Tom
Tom:
Are all 4 teams isolated from each other? No need to share files/folders? No need to retrieve files from other teams for a Get operation?
If so, I would recommend creating 4 different repositories (no folder security required), and assigning repository access to the respective users.
Then an administrator can use a simple database query to verify users have accessto their corresponding repositories.
Are all 4 teams isolated from each other? No need to share files/folders? No need to retrieve files from other teams for a Get operation?
If so, I would recommend creating 4 different repositories (no folder security required), and assigning repository access to the respective users.
Then an administrator can use a simple database query to verify users have accessto their corresponding repositories.
Jeff Clausius
SourceGear
SourceGear
Yes, the teams are separate and we have decided to create 4 repositories.
It sounds like there is no way for the teams to verify that the administrator has correctly set up security. The one situation that I am most fearful of is creating a new user. By default a new user is granted access to all repositories. It will require the administrator removing access where appropriate.
Except for standing behind the administrator from time to time and asking them to let us review their settings we would have to convince our DBA to create a view in the sgvault database to some of the tables. I don't know if that will be received very well. Anyway, I guess that's our problem now. Thanks for the responses.
Tom
It sounds like there is no way for the teams to verify that the administrator has correctly set up security. The one situation that I am most fearful of is creating a new user. By default a new user is granted access to all repositories. It will require the administrator removing access where appropriate.
Except for standing behind the administrator from time to time and asking them to let us review their settings we would have to convince our DBA to create a view in the sgvault database to some of the tables. I don't know if that will be received very well. Anyway, I guess that's our problem now. Thanks for the responses.
Tom
For verification purposes, if someone logs in, and they see only their designated repository in the Choose Repository dialog, then it is set up correctly. If they see a different repository, or do not see their designated repository, then it is set up incorrectly.Tom.Wells wrote:Yes, the teams are separate and we have decided to create 4 repositories.
It sounds like there is no way for the teams to verify that the administrator has correctly set up security.
Jeff Clausius
SourceGear
SourceGear
Yes I can verify that I am set up correctly. I can also ask everyone on my team to do the same thing. Asking all of the other team's members to do the same thing is less likely to be successful. That's why I wish I could check up on the security settings for my team's repository. I really only want to make sure that no one else from outside of my team can get to our repository.
Tom
Tom