Complaint assignement of user licenses RRS feed

  • Question

  • Hi folks,

    I am hoping to provide clients some concrete/ "black & white" guidance regarding licenses (i.e., Essentials, Professional, Premium) that they can use in order to assign the right license to their users with confidence.  Links from Microsoft such this (Project Online Service Description), although good for describing features/ licenses for marketing purposes, etc., does not provide a clear-cut/ one-to-one guidance on which security group "permissions" settings call for which license to be used if enabled.

    What someone from Microsoft once told me was that if you assign the same security group permissions (or less) than that which are set/ enabled in the default Team Member's security group, then the Essential license will suffice (regardless of what resources, projects, and/ or views access is granted to the user because the user owns such data [which we define via the Categories]).

    However, if a user is assigned the same security group permissions found in the default Project Manger's security group permissions (i.e., the default Project Manager's global permissions and it's respective "My Project" category permissions [or less]) then the Professional license is required. 

    If a user has permissions enabled that amount to more than these default permissions provided by the default Project Mangers security group, then the users will need a Premium license.

    Do you folks agree that what I have outlined above is correct, and more importantly, does it respect and is it compliant with the user license agreement for these 3 license types?  Or, is there such a document that already exists from Microsoft that I have yet to find that essentially and clearly outlines what I have tried to described above with regards to which permission settings is supported by which license?

    Thanks in advance,

    \Spiro Theopoulos, Montreal, QC (Canada)

    Sunday, March 17, 2019 4:35 PM


All replies

  • Hi Spiro,

    There are no Microsoft links for this other than the service description details that you mentioned:



    As the Project Permission model is configurable you would just need to make sure you give the users the correct license based on the 2 links above.


    Paul Mather | Twitter | http://pwmather.wordpress.com | CPS | MVP | Downloads

    Sunday, March 17, 2019 7:34 PM
  • Yes, permissions are configurable.

    The features listed in theses URLs are not clear-cut though in that they are not mapped to a level of detail that can help, eg., to provide a one-to-one mapping with respect to the security permissions.  Eg. some features require one or more options to be selected in order to enable it, etc. 

    Someone who may be attempting to embark on a Project implementation for the first time, or is looking for guidance in this regard does not have such a straight forward checklist.  Ultimately the features outlined in these URLs do or should map to some set of security permission options.  Agreed?  I think what I tried to outlined should be consistent and useable/ workable.  Would you agree?

    \Spiro Theopoulos, Montreal, QC (Canada)

    Sunday, March 17, 2019 7:55 PM
  • Hi Spiro, I globally agree with your comment.

    Indeed this is a hard job to have a clear view of the licensing model versus the security model. As far as I know, there is no place (neither by MS or on consultant blogs) with the correspondance between permissions and licence level required. This would be a consequent job and maybe one of us will start soon.

    But basically it can be simplied like this:

    1. ESSENTIAL licence is for team members and only allows accessing the web application and basic features: timesheets, tasks, assignments, sharepoint sites, etc...
    2. PREMIUM licence is required for administrators (MS Project, PWA, PowerBI) and advanced features (portfolio, resource engagements creation/update).
    3. PROFESSIONAL licence for all the rest.

    Hope this helps,

    Guillaume Rouyre, MBA, MVP, P-Seller

    Monday, March 18, 2019 2:03 PM
  • Hi Guillaume,

    Thanks to you and Paul for contributing here.

    I agree that this is the only documentation that is available and that we have to live with it for now. What I maintain and feel that is missing is a good map between what these licenses just "say" which features you can use, and what it takes to actually enable that functionality with the actual security permissions settings. 

    The documents for providing guidance on licenses that are being referred to here are vague, especially when not all the "target users" are listed; only Team Members, Project Mangers, Portfolio and Resource Managers are listed as "Target Users"; e.g., the default Team Leaders is not there, so where does that fit in terms of license type?

    I would think/ say that for :

    #2. PREMIUM, this particular license, I would "think" (maybe I am wrong; so do correct me if so), is more than just for those who are assigned to, e.g., the "default" Administrator security group (i.e., all permissions/ features).  PREMIUM, I would think, is also intended for those who are assigned the default Resource Manger,  Portfolio Manger and Portfolio Viewer security groups.  And I would have to say that the default Team Leader security group calls for PREMIUM, because it has permissions that the default Team Member does not have and is not configured to use Project Professional.  Make sense?

    #3 PROFESSIONAL, I would say is for those who have the equivalent default Project Manger security permissions.

    This URL, even though it refers to the 2013 (which is close enough for our discussion), we can easily see and compare the different default security profiles to see what they give permissions to: https://docs.microsoft.com/en-us/project/default-group-permissions-in-project-server-2013

    Ideally, what I would like or expect to see is a list of all the permissions and if you set/ use this, then you need Essentials, if you set/ use that you need Professional, and if you set/ use that you need Premium.

    forgive me... Maybe I am too much of a dreamer : (


    \Spiro Theopoulos, Montreal, QC (Canada)

    Monday, March 18, 2019 5:25 PM
  • Hi Spiro,

    Your description is quite good. I would add that PREMIUM is required for resource managers only if you use the resource engagement feature.

    The list you're dreaming of indeed doesn't exist. I guess this is too much work and in addition to the group permissions, you have to consider category permissions also. I also believe that the security model is meant to be simplified in the coming year, so it might be a wast of time to work on such a list.

    Hope this helps,

    Guillaume Rouyre, MBA, MVP, P-Seller

    Wednesday, March 20, 2019 4:11 PM