Work Item Only View Users cannot create work items


  • So, I've found numerous articles about this, but none that seem to resolve the particular issue I'm having. I have a project collection in TFS 2010, that I would like to allow non-cal users to submit work items to. I've placed some accounts in the Server Group "[Team Foundation]Work Item Only View Users". After that step, if I attempt to go to Team Foundation Web Access URL, it complains about them not being able to see the information necessary to see the individual team projects. I then found this article, which instructed me to add the "[Team Foundation]Work Item Only View Users" group to the Team Project Contributors Group. After I do that, when the user visits the Team Foundation Web Access URL, they are able to connect to a team project, and view work items (which is naturally empty since they haven't entered any). The issue is, they can't see the create new work item button.

    Full Disclosure, I had to migrate and restore this Team Project Collection because it was not properly deactivated, one of the things I noticed, is that the existing team projects were missing certain groups that come by default, like the Team Project Contributors Group. I recreated the group by making a test Team Project, opening the Team Project Contributors Group and checking the same boxes.

    Any thoughts on some ways to go about troubleshooting this? Any SQL Queries or TFSSecurity commands that might cut to the heart of this issue?

    01 Mei 2012 16:48

Semua Balasan

  • Hi nickpeterson,

    Thank you for your post.

    By default, Work Item Only View group is server level group, it is one member of Team Foundation Valid Users group. Besed on the team project collection missing certain groups for properly deactivated, i suggest try to edit the group membership and permission refering to the default settings.

    Is there any event log relate to this issue?

    Best regards,

    Lily Wu [MSFT]
    MSDN Community Support | Feedback to us

    02 Mei 2012 6:49
  • Thanks for the reply, I've looked at my security setup for the Work Item Only View Users and the Team Foundation Valid Users, and I've seen that they're the same. I don't see an event logged when a Work Item Only View User tries to access the Web Interface, they're simply presented with a work item screen without the button to make a new work item. Is there a specific log I should be enabling/checking (for instance, IIS, or TFS?).
    08 Mei 2012 13:33
  • Hi nickpeterson,

    To access WIOV, you must be assigned to the Work Item Only View Users group for the server that hosts the team projects and team project collections that you want to access.

    To create and modify work items that are assigned to you, you must be a member of the Contributors group or your View work items in this node and Edit work items in this node permissions must be set toAllow. For more information, see Team Foundation Server Permissions.

    Try to use TFSSecurity /imx list the user contained in which groups. If user donot just contained in WIOV group, other group's security may deny some permission.

    Lily Wu [MSFT]
    MSDN Community Support | Feedback to us

    09 Mei 2012 9:46