TFS 2010: Add to security groups from outside of the current domain

If you’re a SharePoint developer like me, chances are that the dev server you’re working on is joined to a different domain from your corporate identity. Now this makes it tricky to add users to your TFS Security Groups from inside of Visual Studio as you can’t browse the AD users on your corporate domain

Thankfully there is a handy command line tool that you can use called TFSSecurity.exe, by default you can find it in C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE

What you need to run is:

TFSSecurity.exe /collection:http://<serverUri&gt;:<port>/<virtualDirectory>/<collectionName>/g+ “[<projectName>]\<group>” n:”<DOMAIN>\<user>”

Replace everything in angle brackets with the values that match your environment. As a rule of thumb for default install the virtual directory is tfs, the port is 8080 and the collection is default. So to add INTERGEN\Gavinb to project Awesome as a contributor the command looks like this:

TFSSecurity.exe /collection:http://tfsserver:8080/tfs/default /g+ “[Awesome]\Contributors” n:”INTERGEN\gavinb”

This entry was posted in Security, TFS, Visual Studio. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.