We recommend using Visual Studio 2017
This documentation is archived and is not being maintained.

Version Control [Team Foundation Server]

The version control plug-in defines a team project's initial version control security permissions, check-in notes, and whether exclusive check out is required. The plug-in name is Microsoft.ProjectCreationWizard.VersionControl. The version control XML file is named VersionControl.xml and is located in the Version Control folder in the process template folder hierarchy. You can change the XML file and folder name if it is required.

In the XML file, specify one or more tasks and their dependencies. Generally, you need only one task to configure version control settings. For an example of a task specifying version control settings, see the VersionControl.xml file in the MSF for Agile Software Development process template.


Team Foundation Server does not include a mechanism for the deployment of client-side plug-ins, policies, or other modifications. If you want to deploy plug-ins, policies, or other modifications to Team Explorer, you must use your own distribution and installation program.

Check-in Notes

Check-in notes are provided by the developer when code is checked in to describe how, or if, the code changes are related to team processes. For example, a check-in note can indicate if the change was part of a security review, and include details about the changes relative to the security review.

Use the checkin_note element to define a check-in note.

<checkin_note label="" required="" order=""/>

The following table describes the attributes for the checkin_note element.

Attribute Description


The label that describes the check-in note. The label is displayed to the user on the Pending Check-ins dialog box when they perform a check-in.


Specifies if the check-in note is required to have a value. If set to true, the check-in note must have a value. If set to false, a value is optional.


Specifies an ordinal number to indicate what order to display the check-in notes. This attribute is optional.

The following example shows how to customize the MSF for Agile Software Development check-in notes to provide an additional check-in note named "Documentation Impact" that is not required to have a value.

   <checkin_note label="Code Reviewer" required="false" order="1"/>
   <checkin_note label="Security Reviewer" required="false" order="2"/>
   <checkin_note label="Performance Reviewer" required="false" order="3"/> 
   <checkin_note label="Documentation Impact" required="false"/>

Exclusive Check Out

You can control whether multiple people can check out a file at the same time. Use the exclusive_checkout element to specify the check out properties.

<exclusive_checkout required=""/>

If the required attribute is set to true, only one person can check out a file at a time. If set to false, multiple people can check out a file at the same time, and they must reconcile changes when they check in the file.

The following example shows how to specify that exclusive check-out is required.

<exclusive_checkout required="true"/>


Version control has a specific set of permissions that you can configure for a process template. Specifying permissions will define what actions security groups and individuals can perform on items under version control.

Use the permission element to allow, deny, or allow and deny permissions for an identity.

<permission allow="" identity=""/>
<permission deny="" identity=""/>
<permission allow="" deny="" identity=""/>

The following table describes the attributes for the permission element.

Attribute Description


Identifies the permissions being granted. The permissions are specified as comma-delimited text.


Identifies the permissions being revoked. The permissions are specified as comma-delimited text.


Denied permissions take precedence over allowed permissions.


Specifies the Team Foundation Server security group, Windows group, or Windows identity to which this permission is applied.

The following table describes the permissions you can specify for version control.

Permission Description


Can read the contents of a file or folder.


Can check out, add, delete, branch, merge, undelete, and perform other activities associated with a changeset.


Can check in changes.


Can apply a label to items.


Can lock an item so that others cannot update it.


Can change the contents of someone else’s changeset comments and check-in notes.


Can remove someone else’s lock.


Can undo someone else’s pending changes.


Can modify someone else’s label.


Can configure security settings for version control.


Can perform a check in as another user. This permission is required for conversion utilities.


During runtime, if a permission cannot be found for an identity, the permission is searched for in any other groups the identity belongs to. If the permission cannot be found, the default action is to deny the permission.

The following example shows how to grant permissions to allow the Contributors group to modify files under version control.

   <permission allow="Read, PendChange, Checkin, Label, Lock"

See Also