How to customize permissions
I am trying to find a way to restrict the permissions a team of users has in my Azure Board in order for them to only be able to: Create new work items Write comments in the discussion Add/delete attachments I want no moving of the cards/rank stack, no assigning, no creating tags, etc. This group right now has Stakeholder access but I usually find them moving cards between swimlanes (even if by mistake) which messes up the rules and automations in place. I've tried some different permissions but can't get to the needed level of restriction. Is there a way to do this? Thank you.
Set permissions for sub team boards
I have sub teams in my project for different projects. I want to be able to invite users to these sub teams and have restricted permissions in these teams: - Be able to create a work item - Unable to edit fields or change state - Be able to use discussion Is this possible please? Many thanks in advanceAzure Virtual Desktop in the "cloud only" variant and what to look for after initial deployment!
Dear Azure Virtual Desktop friends, Imagine the following Szeanrio. You have decided to build Azure Virtual Desktop in the cloud only variant. With all the pros and cons. You have decided to set up a first test environment. Of course, all necessary licenses are also available! The provisioning of resources in Azure is done. For the DAG (Desktop Application Group), you have added a group from Azure Active Directory. There are two persons in this group. You start the Remote Desktop Client and log in as a user who exists in this group (as seen before). Double click on SessionDesktop and you will get an error message. Sorry, this is in German! The login attempt has failed! Why does the connection not work? The group has been added to the DAG what is still missing? What is missing now are the infrastructure permissions. What is not quite obvious, but unfortunately often forgotten. But one after the other. 1. If the host you are using to connect is not Azure AD Joined in the same tenant, the Advanced RDP settings must be extended. With the following value: targetisaadjoined:i:1 Next, other permissions need to be set up. I like to use the resources group for this. You can of course also set this up on the subscription. The following permissions are required: Desktop Virtualization Application Group Reader and Virtual Machine User Login Now back to the Remote Desktop Client and voila, the connection to the session host is now working. I hope this information helps you and you can successfully build an Azure Virtual Desktop "cloud only" infrastructure. The example here is of course not a finished setup, there are still apps, profiles, etc. missing. But it should help you get started. Thank you for taking the time to read the article. Best regards, Tom Wechsler P.S. All scripts (#PowerShell, Azure CLI, #Terraform, #ARM) that I use can be found on github! https://github.com/tomwechsler
Set permissions by team / board
Hello, I currently have 4 different teams and 4 boards (1 for each team) in one Azure DevOps project. Currently, I am able to access all four boards, despite being on 1 team. Is there a way to configure permissions so that I can only see the boards that belong to teams I'm on? Thanks, Al
