Read and understand the Microsoft Project Server 2003 Administrator's Guide.
Security is most easily managed through security templates than any other method.
Never assign a resource to a Category without a justifiable cause.
Categories should only serve a single finite purpose.
Security Design Recommendations
Security should be established in the following order:
Set universal Allow/Deny in Server Configuration, Features.
Review the Microsoft Project security template defaults to determine the role-based name for each template.
Determine necessary roles and permissions. Review "Project Server Permissions" in Appendix C of the Microsoft Project Server 2003 Administrator's Guide, if necessary.
Define a security template for each role and assign permissions.
Define Groups using Add/Modify Group and assign permissions from the Set Permissions with Template button by selecting from the security templates previously defined. Each Group should have a predefined security template of the same name.
Assign the appropriate role-based Group to Category.
Set permissions and data restrictors for each Category.