The "User Management" section of the "Configuration" tab allows you to assign specific roles to your Timetracker users. The "User Management" section features two panels:
- The left "Users" panel lists all valid users in your Team Services account, with a "Search" text field at the top.
- The right "Roles" panel displays the various "Roles" with access descriptions of the Timetracker tabs/pages that are accessible to each role.
Important: When you select a user in the left panel and then click on a corresponding "Role" in the right panel, the role that you assign to that user is immediately effective without having to "save" anything.
Note: The screenshots in this article depict Timetracker for VSTS. Timetracker for TFS has an additional "License" section that doesn't exist in the cloud-based Timetracker for VSTS extension. 7pace does not handle the licensing or Marketplace for VSTS; everything is done by Microsoft.
Understanding User Roles
Below are are a few things to keep in mind when assigning permissions/user roles to your team members:
- Assignment of user roles determines the information and pages accessible to the user.
- All users who have access to 7pace Timetracker can create time records.
- Users have full control over their time tracking.
- If a time record has been added by someone on behalf of a user (e.g. by a manager for a developer), both the manager and developer can alter that record the first time, however, as soon as the developer makes any changes, it can be altered only by that developer going forward. Not even an administrator can change it at that point.
- A user assigned the "NONE" role has no access to 7pace Timetracker.
- Changes made on TFS' own time management field "Remaining Time" are not restricted by Timetracker, even if these fields are set to be under the control of Timetracker.
Below, you will find each role on the "User Management" page defined in greater detail:
The "Default" role is automatically assigned to all new users of Timetracker with a Team Services account until you change it to another role on the "User Management" page.
As an admin, if you decide to change the role/permissions of the "Default" role, all users assigned to that role inherit those permissions immediately. See "Setting the Default Role", below, for more information.
The "Team" role is assigned to users who should only have access to the "Monthly", "Timesheet", and the "Times Explorer" (Personal Data Only) pages.
|Product||The "Product" role is assigned to users who should only have access to the "Monthly", "Timesheet", "Times Explorer" and "Iterations" pages. Users belonging to this role can use all the features on these pages, except the assignment of budgets.|
|Budget||The "Budget" role is assigned to users who should only have access to the "Monthly", "Timesheet", "Times Explorer", "Iterations" and "Budgets" pages.|
|Administrator||The "Administrator" role is assigned to users who should have unlimited access to and permissions in Timetracker.|
|None||You can use this role to restrict access to Timetracker for certain users.|
Setting the "Default" Role
As an administrator, you can select the "Default" role that is automatically assigned to new users of Timetracker. You can choose any one of the "Roles" on the "User Management" page to be the "Default". Simply click on the "Set Default Role" link, highlighted in yellow on the screen shot, below, and the "Roles" panel to the right refreshes. Click the role in the right panel that best suits the desired permission level for your "Default" role. As a friendly reminder, if you change the role/permissions of your "Default" role (to give more or less access), all users assigned to the "Default" role, now or in the future, will instantaneously inherit those new permissions.
All Timetracker users, including TFS Administrators, must be set with the appropriate role to properly access Timetracker. The first person on a team to download and access Timetracker, is assigned the the admin role by the system. You can then access the "Configuration" tab and assign appropriate roles for all of your team members in the "User Management" section.
Important: You must set at least one user with an Administrator role. Timetracker displays an error message when you try to change the role of the last administrator, except when all administrator users associated with your account are directly removed from Active Directory.
Accidentally Deleting All Timetracker Administrators
Timetracker supports the active directory configuration, therefore, it is possible that you could potentially delete certain users from Active Directory who are actually Timetracker administrators. We strongly recommend that there be at least one user in Timetracker with an administrator role.
Caution: If you accidentally delete all administrator users or you do not have access to the Timetracker administrator account, you cannot perform any administrator functions in Timetracker. The only way to get back your administrator role and the permissions associated with it is to contact the 7pace Timetracker support team (see Help and Support: How to Get It, Where to Find It).