index > Team Foundation Server - Administration > Help needed to resolve a Windows Group/User when trying to add th...

Help needed to resolve a Windows Group/User when trying to add th...

Hello All,

When I try to add a Group or User from the domain, I get an error message that Team Foundation Server can't resolve the group or user name. The Virtual Server where the Team Foundation server resides, is on the domain so I am not sure where I need to make a change.

Thanks in advance :)

Bob Hanson

BobH

I did find the Thread regarding Re: Add Users to Global Group AND/OR Porject level groups CAN NOT find DOMAIN outside build server

BobH

I believe that the necessary Active Directory permission is "Read". In a Domain Controller/DNS machine I've been using for some of my local testing, the Domain Users group has the following effective permissions. My service account is only in this group:

Read
Create All Child Objects
Delete All Child Objects
Send To
Read Phone and Mail Options
Write Phone and Mail Options

The two "Child Objects" permissions are so my domain users can add and remove machines from the domain. The rest of the permissions were set for Domain Users by default when I created the DC/DNS.

Hope this helps-

Cheers,
Adam

This posting is provided "AS IS" with no warranties, and confers no rights.

Adam Singer MSFT

Adam is correct that the required permission is read. The App Tier Service user needs to be able to read the active directory user/group object for every user and group referenced by TFS. The place where this often causes problems in when a one way trust is involved. If the Service user is not able to read AD objects in one of the domains, you will not be able to add users and groups from that domain.

--Matt Hoover

Matthew Hoover - MSFT

reply 4

You can use google to search for other answers

More Articles

·Symbolic name does not apply everywhere

·Project Alert doesn't work after office is isntalled

·Where do the web parts like Remaining Work come from?

·Adding a node to the Team Explorer

·Project Portal bug? Cannot get Discussions onto Quick Launch Bar

·permissions to users in VSTS

·The first window before to create the project

·Adding web part on Home page Team foundation sever

·Manage projects on Team System

Welcome to Bokebb New Update Joins the collection

New Articles

·Team foundation Server
·disk space
·Problems when moving from Beta3 refresh ��
·Removing project files from source contr��
·Contributors can edit TFS Project Group ��
·permission problem ..
·Adding Web Parts to WSS Project Portal
·GroupsandPermissions - I could have sworn
·Work Item Entry from Project Portal
·MS Project file in Sharepoint marked as ��
·Unable to connect to Team Foudation Serv��
·view tasks from team explorer at the pro��
·Retrieving everyone group members
·Why there're always errors on "Repo��
·How to record the process of examini��

Hot Articles

·SQL Maintenance on TFS
·Team foundation Server
·TFS authentication issue after server is��
·Symbolic name does not apply everywhere
·Team Server security and VPN
·Project Portal Sharepoint Search is slow
·Migrate Team System Data Base
·Renames my projects
·Tfs 31001
·Security behaving strange when adding us��
·Changes in behavior of the DomainProject��
·Contributors can edit TFS Project Group ��
·Sharepoint project lost
·Where i can see about what TFS Version i��
·Problem running TFSDeleteProejct

Recommend Articles

·TF53011 But not after een upgrade to wor��
·Setting up Web Site on Different Server
·Failed to create team project
·about project alert
·Converting tasks from one project to ano��
·Add/Change graphic on Project Portal
·Proxy only connection
·Two dialogs for users management in Team��
·Migrate to another server
·RESTORING TFS FROM A BOX ON ONE DOMAIN T��
·How to Export Team Project
·Event log error
·Help needed to resolve a Windows Group/U��
·TF31002 unable to connect on 2 different��
·tfssecurity syntax question