This topic has not yet been rated - Rate this topic

/g+ Command

Visual Studio 2010

Use /g+ to add a user or another group to an existing group.

Required Permissions

To use the /g+ command, you must have the View collection-level information and Edit collection-level information or the View instance-level information and Edit instance-level information permissions set to Allow, depending on whether you are using the /collection or /server parameter, respectively. For more information, see Team Foundation Server Permissions.

Copy

TFSSecurity /g+ groupIdentity memberIdentity [/collection:CollectionURL] [/server:ServerURL]

Parameters

Argument	Description
groupIdentity	Specifies the group identity. For more information on valid identity specifiers, see TFSSecurity Identity and Output Specifiers.
memberIdentity	Specifies the member identity. For more information on valid identity specifiers, see TFSSecurity Identity and Output Specifiers.
/collection :CollectionURL	Required if /server is not used. Specifies the URL of a team project collection in the following format: http://ServerName:Port/VirtualDirectoryName/CollectionName
/server :ServerURL	Required if /collection is not used. Specifies the URL of an application-tier server in the following format: http://ServerName:Port/VirtualDirectoryName

Remarks

Run this command on an application-tier server for Team Foundation.

You can also add users and groups to an existing group using Team Explorer. For more information, see Add Users to a Collection-Level Group.

Examples

The following example adds the Datum1 domain user John Peoples (Datum1\jpeoples) to the Team Foundation Administrators group.

Note
The example companies, organizations, products, domain names, e-mail addresses, logos, people, places, and events depicted herein are fictitious. No association with any real company, organization, product, domain name, email address, logo, person, places, or events is intended or should be inferred.

Copy

>tfssecurity /g+ "Team Foundation Administrators" n:Datum1\jpeoples ALLOW /server:http://ADatumCorporation:8080

Sample output:

Copy

TFSSecurity - Team Foundation Server Security Tool
Copyright (c) Microsoft Corporation.  All rights reserved.

The target Team Foundation Server is http://ADatumCorporation:8080/.
Resolving identity "Team Foundation Administrators"...
a [A] [INSTANCE]\Team Foundation Administrators
Resolving identity "n:Datum1\jpeoples"...
  [U] DATUM1\jpeoples (John Peoples)
Adding John Peoples to [INSTANCE]\Team Foundation Administrators...
Verifying...

SID: S-1-9-XXXXXXXXXX-XXXXXXXXXX-XXXXXXXXXX-XXXXXXXXXX-0-0-0-0-1

DN:

Identity type: Team Foundation Server application group
   Group type: AdministrativeApplicationGroup
Project scope: Server scope
 Display name: [INSTANCE]\Team Foundation Administrators
  Description: Members of this group can perform all operations on the Team Foundation Application Instance.

4 member(s):
  [U] Datum1\hholt (Holly Holt)
  [U] Datum1\jpeoples (John Peoples)
  [G] BUILTIN\Administrators (BUILTIN\Administrators)
s [A] [INSTANCE]\Team Foundation Service Accounts

Member of 2 group(s):
a [A] [Collection0]\Project Collection Administrators
e [A] [INSTANCE]\Team Foundation Valid Users

Done.

Tasks

Create a Collection-Level Group

Other Resources

Changing Groups and Permissions with TFSSecurity

Project-Level Groups

Default Groups

Did you find this helpful? Yes No

Not accurate

Not enough depth

Need more code examples

(1500 characters remaining)

Community Content Add

FAQ

Does not work for AD groups

Works well for individual users or groups that have been setup at server/collection level. Doesn't work so well for AD.

For those whom would recommend the TFS Administration tool, there's a reason to create a script instead of manually updating 400+ team projects.

For those whom would recommend C#, there's a reason why I don't code.

History

9/21/2011
KMA42

11/3/2011
Thomas Lee