Condividi tramite


To RBS or Not to RBS?

There can be confusion among those deploying Project Server about if they need to define and use an RBS as part of their security structure. There is lots of information and a lot of opinions. Here is more information and one more opinion. Hopefully one that rings true in your experience.

When you Need RBS

In my experience the use of an RBS is only needed if you need to limit access to project or resource data based on some kind of structure. This structure is almost always an organizational structure.

  • Organization 1
    • 1.1
      • 1.1.1
      • 1.1.2
    • 1.2
      • 1.2.1
  • Organization 2
    • 2.1
      • 2.1.1
    • 2.2
      • 2.2.1

For example if you need to make sure that a Project Server user who sits at 1.2 on the org structure can ONLY see Projects that are managed by or worked on by users at or below 1.2 or a user who sits at Organization 2 cannot see Projects inside Organization 1 then you need to have an RBS in place.

When you Don’t Need RBS

If your security needs are based on role rather than on organization then your don’t need RBS. An example of this is when Project Managers need Write access to their own projects and read access to all other projects and other roles such as managers need read access to all projects. So if the organization a user is in does not have a direct impact on the projects or resources they can see then you don’t need an RBS.

 

For sure there are shades of several colors here but this is the gist. I look forward to your comments.