Export (0) Print
Expand All

Sid Command

Updated: June 2010

Use Sid to update or list either all or specified registered security identifiers (SIDs).

Required Permissions

To use the Sid command, you must be a member of the Team Foundation Administrators security group on the Team Foundation application-tier computer and a member of the sysadmin security group for SQL Server on the Team Foundation data-tier computer. For more information, see Team Foundation Server Permissions.


Even if you are logged on with administrative credentials, you must open an elevated Command Prompt to perform this function on a server that is running Windows Server 2008. To open an elevated Command Prompt, click Start, right-click Command Prompt, and click Run as Administrator. For more information, see the Microsoft Web site.

TFSAdminUtil Sid [/noprompt | /i] [/Change source target] [account]




Used with /Change option to instruct the Sid command to change the SIDs for users currently in the Team Foundation Server integration database that are in the domain or computer in a work group specified by source.


Used with /Change option to instruct the Sid command to change the SIDs in the Active Directory of the domain or computer in a work group specified by target.


Used with /Change option to instruct the command to update the SIDs for the account specified by account.

The account argument must be in username format. For example domain/username.




Synchronizes the SID in the database for Visual Studio Team System Team Foundation Server with the SID from Windows. If they are different, updates the Team Foundation Server SIDs for all (/All) or a specific user account.

If /Change is not specified Sid command defaults to listing the SIDs.

Important noteImportant Note:

We recommend that you back up the databases in the Team Foundation Server data tier server.

Team Foundation Server uses SIDs for identifying users and associating them to permissions. Team Foundation version control stores the users’ information in the identity table where the user's SID is registered as the authenticationKey.

The TFSAdminUtil Sid command is used by an administrator to update user accounts to respond to renaming users, or reinstalling Team Foundation onto a different computer. For example, if the administrator wants to move the Team Foundation installation to a new computer, the administrator must follow these steps:

  1. Restore the data backups and create the application tier.

  2. Use the TFSAdminUtil Sid command to list all of the accounts.

  3. Use the list generated in step two (2) to create all the user accounts.

  4. Run TFSAdminUtil Sid /Change source target command to update the SIDs of the user accounts in the Team Foundation Server.

    This results in the user accounts retaining all of their previous permissions and ownerships.


    After you use the Sid command, you can expect unpredictable behavior until Team Foundation Server synchronizes with Active Directory. It is recommended that the migrated users do not use the system for at least an hour after the Sid command has been run.

The following example instructs the Sid command of the TFSAdminUtil utility to list three columns of information: Account Name, Found, and Equal to Windows SID. The entries in Found and Equal to Windows SID contain True, if the SIDs are found and match.

>TFSAdminUtil.exe Sid

The following example illustrates how you can use the Sid command to update all user accounts in Team Foundation Server as part of moving your deployment from a workgroup to a domain. The Change option will reconfigure all accounts that existed in the previous workgroup that you specify (OldComputerName) to use SIDs for the new domain that you specify (NewDomain).


When you change a deployment of Team Foundation Server from a workgroup to a domain, you must perform other tasks in addition to updating user accounts. For more information, see How to: Move Your Deployment of Team Foundation Server from One Environment to Another.

>TFSAdminUtil.exe Sid /Change OldComputerName NewDomain




June 2010

Added code example for the /change option of the Sid command.

Customer feedback.

Community Additions

© 2015 Microsoft