Add AD/Azure AD users or groups to a built-in security group
Azure DevOps Services | Azure DevOps Server 2020 | Azure DevOps Server 2019 | TFS 2018
As described in About security, authentication, and authorization, there are two main types of built-in security groups: project-level and collection-level. In general, you add users and groups to a project-level group such as Contributors and Readers. For users that need to administrate select features and functions, add them or associated groups to the Build Administrators or Project Administrators groups.
Review Default permissions and access to gain insight into the default permissions provided to the built-in, project-level security groups.
Learn how to do the following task:
- Add an Azure AD user or group to a built-in security group
Learn how to do the following task:
- Add an Active Directory user or group to a built-in security group
The method for adding a user or group to a built-in security group is the same, no matter at what level you add them.
Note
If the Limit user visibility and collaboration to specific projects preview feature is enabled for the organization, users added to the Project-Scoped Users group won't be able to access projects that they haven't been added to. To learn more, see Manage your organization, Limit user visibility for projects and more.
Add Azure AD user or group to a built-in security group
Important
If you're adding a user to Azure DevOps for the first time, see Add users for Azure DevOps. To manage the permissions of an Azure AD group in Azure DevOps, you must first add the Azure AD group to a built-in security group. Once you complete this task, you can then manage your Azure AD group permissions throughout Azure DevOps.
Note
To enable the new user interface for the Project Permissions Settings Page, see Enable preview features.
Open the web portal and choose the project where you want to add users or groups. To choose another project, see Switch project, repository, team.
Choose Project settings, and then Permissions.
Open Security and under the Groups section, choose one of the following actions:
- To add users who require read-only access to the project, choose Readers.
- To add users who need to contribute fully to the project or who have been granted Stakeholder access, choose Contributors.
- For users who need to administrate the project, choose Project Administrators.
Next, choose the Members tab.
Here we choose the Contributors group.
By default, the default team group and all other teams you add to the project are included as members of the Contributors group. So, you can choose to add a new user as a member of a team instead, and the user would automatically inherit Contributor permissions.
Choose
Add to add a user or a user group.Enter the name of the user into the text box. You can enter several identities into the text box, separated by commas. The system automatically searches for matches. Choose the match(es) that meets your choice.
Note
The first time you add a user or group, you can't browse to it or check the friendly name. After the identity has been added, you can just enter the friendly name.
Add an Active Directory user or group to a built-in security group
Open the web portal and choose the project where you want to add users or groups. To choose another project, see Switch project, repository, team.
Choose Project Settings, and then Security.
Open Security and under the Groups section, choose one of the following actions:
- To add users who require read-only access to the project, choose Readers.
- To add users who need to contribute fully to the project or who have been granted Stakeholder access, choose Contributors.
- For users who need to administrate the project, choose Project Administrators.
Next, choose the Members tab.
Here we choose the Contributors group.
By default, the default team group and all other teams you add to the project are included as members of the Contributors group. So, you can choose to add a new user as a member of a team instead, and the user would automatically inherit Contributor permissions.
Choose
Add to add a user or a user group.Enter the name of the user into the text box. You can enter several identities into the text box, separated by commas. The system automatically searches for matches. Choose the match(es) that meets your choice.
Note
The first time you add a user or group, you can't browse to it or check the friendly name. After the identity has been added, you can just enter the friendly name.
Open the web portal and choose the project where you want to add users or groups. To choose another project, see Switch project, repository, team.
Choose the
gear icon to open Project Settings.
Open Security and under the Groups section, choose one of the following actions:
- To add users who require read-only access to the project, choose Readers.
- To add users who need to contribute fully to the project or who have been granted Stakeholder access, choose Contributors.
- For users who need to administrate the project, choose Project Administrators.
Next, choose the Members tab.
Here we choose the Contributors group.
By default, the default team group and all other teams you add to the project are included as members of the Contributors group. So, you can choose to add a new user as a member of a team instead, and the user automatically inherits Contributor permissions.
Choose
Add to add a user or a user group.Enter the name of the user into the text box. You can enter several identities into the text box, separated by commas. The system automatically searches for matches. Choose the match(es) that meets your choice.
Note
The first time you add a user or group, you can't browse to it or check the friendly name. After the identity has been added, you can just enter the friendly name.
Next steps
Related articles
الملاحظات
إرسال الملاحظات وعرضها المتعلقة بـ