Setting Up and Managing Azure DevOps Organizations

Setting up an Azure DevOps organization is a straightforward process that can be completed in a few clicks. You can create a new organization by going to the Azure DevOps website and clicking on the "Start free" button.

To create a new organization, you'll need to provide a name and a description, as well as choose a pricing tier. The free tier is a great option for small teams and individual developers.

The free tier includes unlimited private repositories, as well as 1,000 build minutes per user per month. This is a great option for teams that need to collaborate on projects but don't require a lot of advanced features.

Once you've created your organization, you can start setting up your teams and projects. This will involve creating new teams and assigning users to them, as well as creating new projects and assigning teams to them.

An organization in Azure DevOps is a mechanism for organizing and connecting groups of related projects.

You can choose one organization for your entire company, one organization for yourself, or separate organizations for specific business units.

Each organization gets its own free tier of services, including unlimited private Git repos.

Here's a breakdown of the free tier services for each organization:

To create a project, consider the specific strategic work scoped to one of the organizations you created previously and who needs access.

You can use this information to name and create a project, which has a URL defined under the organization you created it in.

To configure an organization in Azure DevOps, you may encounter some issues. The user may not be found for one of the following reasons: The user isn't in your organization, or the user doesn't have organization access. You can add a user to your organization to resolve this issue.

As a Project Collection Administrator, you have the necessary permissions to configure an organization. If you're not sure if you have the correct permissions, check with your organization's administrator.

If you recently added a person to your organization, it may take some time for them to appear in the possible organization owners list. Be patient and try again later.

If your organization uses Microsoft Entra ID to control access, directory members won't appear in the possible organization owners list until they meet the requirements. Check the Access Microsoft Entra FAQs for more information.

To create a new organization, you'll need to select the "Create New Organization" option. This will take you through the process of creating a new organization, including setting up Azure Active Directory.

When planning your Azure DevOps organization structure, consider the number of organizations, projects, and teams you need to create. You may want to plan for different scenarios, such as a single organization with many projects and teams or multiple organizations for separate business units.

You can create a team for each distinct product or feature team, and each team owns its own backlog. A team group gets created when you create a team, and you can use this group in queries or to set permissions for your team.

To map organizations to business units, create a separate organization for each business unit within your company, along with its own Microsoft Entra tenant. For example, Fabrikam created three organizations: Fabrikam-Marketing, Fabrikam-Engineering, and Fabrikam-Sales, each with its own URL.

You can use the following table to plan your organization structure:

Remember, you don't need to separate organizations unless it makes sense to your business. You can more easily partition an existing organization with projects than combine different organizations.

When planning your Azure DevOps org structure, it's essential to consider your business structure as a guide. This will help you create the right number of organizations, projects, and teams.

You should have at least one organization, which may represent your company or a larger collection of code projects. Within an organization, you can choose to create a single project with many repos and teams or multiple projects with their own set of teams, repos, builds, work items, and other elements.

To create a team for each distinct product or feature team, you'll need to create a new team for each backlog. This will help program owners track progress across teams and manage portfolios more easily.

You can map your organizations and projects in Azure DevOps to your enterprise, business unit, and team structure. For example, if you have multiple business units, you can create separate organizations for each one, such as Fabrikam-Marketing, Fabrikam-Engineering, and Fabrikam-Sales.

Here are some key factors to consider when deciding whether to have one or many repos within a project:

By considering these factors and your business structure, you can create an org structure that works for your organization and helps you achieve your goals.

In Azure Repos, you have two main options for version control systems: Git and Team Foundation Version Control (TFVC). Git is the default choice for new projects, offering a high degree of flexibility in developer workflows and seamless integration with various tools.

Git enables teams to have multiple repositories within a project, with no limit on the number of Git repos that can be added. This flexibility is a significant advantage for projects with complex codebases or multiple products and services.

TFVC, on the other hand, is a centralized version control system that allows only one repository per project. However, within that repository, folders and branches can be used to organize code for multiple products and services.

Teams can choose to use both Git and TFVC, depending on their specific needs. This flexibility is especially useful for projects that require a mix of centralized and decentralized version control.

Data Storage and Security is a top priority for Azure DevOps organizations. Azure DevOps storage features ensure your data is available in case of hardware failure, service disruption, or datacenter disasters.

Your code and project data is protected from accidental or malicious deletion. We follow industry best practices to safeguard your data.

All communication between your computer and the service takes place over an encrypted HTTPS connection. This provides an added layer of security for your sensitive information.

Authentication for Azure DevOps organizations defaults to Microsoft accounts, which means you'll need to log in to your own Microsoft account to configure account-level security controls.

An Active Directory organization is automatically created for users when they first log on, which you can connect to your organization to support more advanced login restrictions.

Permissions in Azure are determined by both the access level and security group assigned to a user.

If the owner of your organization is no longer active, Azure DevOps Administrators can claim ownership of the organization. They can do this if the current owner and any members of the Project Collection Administrators group are inactive in the Microsoft Entra tenant connected to your organization.

You can change the organization owner if you're a Project Collection Administrator. This can be done in your organization settings.

Having multiple repos within a single project can be beneficial if the products or services work on a coordinated release schedule. This setup ensures shared and consistent processes, making it easier to manage repo access.

Developers frequently working with multiple repos should keep them in a single project for shared access controls and settings. Access controls, case enforcement, and max file size get set at the project level, making management easier.

If products stored in multiple repos work on independent schedules or processes, consider splitting them into multiple projects. Git repo portability makes it easy to move a repo between projects while keeping the full-fidelity commit history.

Here are some factors to consider when deciding between one vs. many repos:

Using a shared repo within a trusted organization is recommended, as it allows developers to use branches for isolation. With a good branching and release strategy, a single repo can scale to support concurrent development for over a thousand developers.

You can select whether a newly added user to your organization will be granted Basic or Stakeholder permissions. The Basic and higher access levels support full access to all Azure Boards features.

Stakeholder access provides partial support to select features, allowing users to view and modify work items without having access to all other features. Stakeholder access is available to support free access to a limited set of features by an unlimited number of stakeholders.

You can configure project permissions, including General, Boards, Analytics, and Test Plans, each section controlling the relative permissions. Permissions are divided into these sections, allowing you to edit the permissions of a user or group of users.

To configure permissions, navigate to the Permissions menu item under the General section. From there, you can find the security groups discussed in the previous section and edit the permissions of a user or group of users.

Azure DevOps storage features help make sure that your data is available in case of hardware failure, service disruption, or datacenter disasters. This means your data is protected from accidental or malicious deletion.

You should always have enabled the policy that prohibits any code changes without first undergoing a review. This policy ensures that every piece of code committed to the main branch is reviewed by at least one other developer.

Reviewing audit events is an essential part of maintaining the security and integrity of your Azure DevOps organization.

You can access audit events within your organization settings. This is where you'll find a record of all activities that have taken place within your organization.

Periodically reviewing these events is crucial to ensure there are no anomalous or suspicious activities. This will help you catch any potential security threats early on.

Visibility and settings are crucial for managing your Azure DevOps organization. You can control project visibility by setting it to public or private through the project settings.

To set project visibility, navigate to the project settings via the Overview menu item under the General section. Here, you can choose between public and private visibility.

You can also disable public projects across the entire organization by navigating to the Organization Settings and toggling the "Allow public projects" button to "Off" in the Policies section under Security. This will disable support for all projects across the organization.

To create an Azure DevOps organization, you'll need to choose your organization administrator account type. This will determine which identity provider your organization uses.

You can create your organization with a Microsoft account or Microsoft Entra instance. You'll sign in with those credentials to access your new organization at dev.azure.com/{YourOrganization}.

Creating a Microsoft account is free and doesn't require a credit card or debit card. You can sign up for a Microsoft account to get started with Azure DevOps.

To create a new organization, select "Create New Organization" on the registration page. You can also rename your organization name if you'd like, but the default value will work just fine.

On the Organization Settings page, navigate to the General section and select Azure Active Directory. This will allow you to connect your Azure AD with your DevOps organization.

To connect your Azure AD, select "Connect Directory" on the Azure Active Directory page. Then, choose the default directory from the drop-down list and click "Connect".