Friday, 27 July 2018

Finding Membership Information of a User/Group/Team in VSTS/TFS

Managing permissions of a VSTS/TFS sometimes become a nightmare specially if you have many teams groups etc. created in your account and in team projects. It is important to have a way to find group membership of an individual or group, so that you can analyze where the memberships are assigned in order to make required maintenance or change permission activities. Lets look at a command which can help you find that information quickly.

tfssecurity is a command line tool made available to you if you have Visual Studio team explorer installed (default path C:\Program Files (x86)\Microsoft Visual Studio\2017\Enterprise\Common7\IDE\CommonExtensions\Microsoft\TeamFoundation\Team Explorer) or in on-premises TFS server Application Tier. You can read documentation about various types of usages of tfssecurity command line from here.

For our problem of finding which groups or teams a user if member of in VSTS/TFS we can utilize this command with /imx which will list all group membership. To use this command you need View collection-level information or the View instance-level information permission set to Allow. You can use developer command prompt of Visual Studio in administrator mode or normal command prompt in admin command prompt and change directory to the path where tfssecurity is or add tit to path variable, in order to use the command below.

tfssecurity /imx Identity [/collection:CollectionURL] [/server:ServerURL]

For VSTS you can provide the VSTS account url for collection url parameter. and for identity you have to use something similar to “” to pass the user identity you want to evaluate for permissions. It can even be VSTS group or team name.

Using with a user of VSTS

tfssecurity /imx "" /collection:

When you execute command it will list the user details and his membership information in the account.image

You can execute this command with a team or a group of VSTS/TFS to see the member list of the group and which groups this group/team is member of.

tfssecurity /imx "[teamproject]\ABC Team" /collection:

It will display information about the group or team.image

List of Members.image

Other groups membership.image

No comments:

Popular Posts