堆栈内存溢出
  简体   繁体   English

无法使用Azure AD组授予VSTS项目访问权限

[英]Unable to grant VSTS project access using Azure AD Groups

 原文  2017-01-05 10:17:13       azure/ active-directory/ azure-devops

问题描述

I have our VSTS set up so that people log in using our Azure AD credentials and this works fine. 我已经设置了VSTS,以便人们使用我们的Azure AD凭据登录,并且工作正常。

What I can't get working is the ability to grant access to projects using an Azure AD group. 我无法使用的是使用Azure AD组授予对项目的访问权限的功能。

Here's what I have done: 这是我所做的:

  • I have created the group (called Developers ) and added all the team members. 我创建了小组(称为Developers )并添加了所有团队成员。
  • I have added the Developers group (called [TEAM FOUNDATION]\\Developers in the autocomplete pick list) to the default project team. 我已经将Developers组(在自动完成选择列表中称为[TEAM FOUNDATION]\\Developers )添加到默认项目团队。
  • The team members card shows that I have 10 team members and shows 9 of them. 团队成员卡片显示我有10位团队成员,并显示其中9位。
  • If I click View all link on this card, the only entry is shows is the Developers group which has the Username Or Scope listed as the name of our Azure AD. 如果单击“ 查看此卡上的所有链接”,则唯一显示的条目是“ Developers组,其中已将“ 用户名或范围”列为我们的Azure AD的名称。 If I click on this group and view the members of the group it shows the 10 people I want to add to the project. 如果我单击该组并查看该组的成员,则会显示我要添加到项目中的10个人。

As far as I can see from the above it should work but it doesn't. 据我从上面看到的,它应该工作,但是没有。 The users are not able to see the project in Visual Studio Team Explorer or in the Visual Studio Team Services web application. 用户无法在Visual Studio Team ExplorerVisual Studio Team Services Web应用程序中看到该项目。

Is there anything that I have missed? 有什么我想念的吗?

2 个解决方案

解决方案1
 0  2017-01-06 05:10:33

You also need to add users to team project(s) in order to they can see corresponding team projects. 您还需要将用户添加到团队项目中,以便他们可以看到相应的团队项目。

  1. Go to a team project admin page (Click Settings Icon) > Security 转到团队项目管理页面(单击设置图标)>安全性
  2. Add that group to a group (eg readers) 将该群组添加到群组中(例如,读者)

Regarding Team Services with Azure AD groups, you can refer to this article: Team Services: Access with Azure Active Directory (Azure AD) groups 关于带有Azure AD组的Team Services,您可以参考本文:团队服务: 使用Azure Active Directory(Azure AD)组的访问

解决方案2
 0 已采纳  2017-01-06 13:39:20

It seems to be an issue of timing: 这似乎是时间问题:

On one day I created the AD group and then added the AD group to the relevant VSTS groups and this half worked (ie it added the names to the team project but didn't allow the team to access the project) 有一天,我创建了广告组,然后将广告组添加到了相关的VSTS组中,这一半工作了(即,将名称添加到了团队项目中,但是不允许团队访问该项目)

On the next day, what I'd set up on the previous day worked fully. 第二天,我在前一天设置的内容完全可以正常运行。 Also, if I removed the AD group from the VSTS groups then access was revoked and re-adding it in granted access immediately. 另外,如果我从VSTS组中删除了AD组,则访问将被撤消,并立即将其重新添加到授予的访问中。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 授予访问权限以使用Azure AD登录 - Grant access to login using Azure AD Azure SQL 使用 PowerShell 和 ServicePrincipal 为 AD 用户授予访问权限 - Azure SQL Grant Access for AD User using PowerShell and ServicePrincipal 从VSTS获取Azure AD访问令牌吗? - Get Azure AD access token from VSTS? 为什么在Azure AD中我的“访问授权格式不正确”? - Why is my “access grant malformed” in Azure AD? 授予Azure AD组访问SQL Server - Grant Azure AD group to access SQL Server 使用 Azure AD 角色或组来限制对某些页面的访问? - Using Azure AD Roles or Groups to restrict access to certain pages? 使用Azure Ad中的服务应用程序限制对组或单个邮箱的访问 - Limit access to groups or individual mailboxes using a service application in Azure Ad 如何使用 python 访问 Azure AD 组列表? - How to access the list of Azure AD Groups using python? 如何使用 Azure AD 访问和过滤 JWT 令牌中的组? - How to access and filter groups in JWT token using Azure AD? Azure AD使用Oauth 2“不支持访问授权authorization_code” - “The access grant authorization_code is not supported” from Azure AD using Oauth 2
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM