Home Dashboard Directory Help
Search

major issue in security/members management - cannot retrieve from AD by Dan Morgenstern


Status: 

Closed
 as By Design Help for as By Design


1
0
Sign in
to vote
Type: Bug
ID: 779137
Opened: 2/13/2013 7:08:49 AM
Access Restriction: Public
1
Workaround(s)
view
0
User(s) can reproduce this bug

Description

After migrating 2010 to 2012 update 1, we tried to build new teams for project.

However, there the list of users (using browse) was partial, and when we tried to add a valid user from AD – the web interface could not find it.
We checked sync last date: 50 min , while this user exist for much longer….

Of course trying to bypass it from VS2012 did not help.

also tried fully qualified names:

Tried user@companydomain.com, tried companydomain.com\user

Nothing.


Details
Sign in to post a comment.
Posted by Microsoft on 2/20/2013 at 6:28 AM
Hi Dan - the expected behavior is for TFS to only show AD users that have been added at some point into TFS. So, if for example, you add a new member to a project and click the Browse button, you will not necessarily see all AD users, just those that TFS is aware of. If you type in a name and click the Check Name link, TFS will go to AD and look for that user.

If the behavior that I described above is what you're seeing, this is working as designed. If you are seeing something different, please let us know. We are working to close down Update 2, so please respond to us quickly either way.

Thanks,
Will Smythe
Program Manager on Team Foundation Server
Posted by Dan Morgenstern on 2/19/2013 at 1:47 PM
Hi

QU1 patch is installed and does not help

the bugs happens *ALWAYS* - happened on new collections, or on attached ones. it doesn't matter

The issue is that web access retrieves a PARTIAL active directory user list from TFS application tier

TFS is synchronized with AD. web access does not get all info
Posted by Microsoft on 2/19/2013 at 1:18 PM
Hi Dan,

I am currently investigating your problem and would like to get some clarification. So to be clear, You're seeing this problem after upgrading a TFS instance from 2010 to 2012 QU1 ? Did you install the QU1 patch available at (http://support.microsoft.com/kb/2803625). Also, did you upgrade the whole server or did you detach collections before the upgrade and then attached them after the upgrade? Those are all questions that would help us investigate your problem. Also, can you please further clarify what the problem is. Are you trying to add domain users from the Web Admin Security page and you're getting an error message saying "unable to resolve the identity ... " ? Thanks for reporting this and waiting for your reply.
Posted by Microsoft on 2/19/2013 at 1:18 PM
Hi Dan,

I am currently investigating your problem and would like to get some clarification. So to be clear, You're seeing this problem after upgrading a TFS instance from 2010 to 2012 QU1 ? Did you install the QU1 patch available at (http://support.microsoft.com/kb/2803625). Also, did you upgrade the whole server or did you detach collections before the upgrade and then attached them after the upgrade? Those are all questions that would help us investigate your problem. Also, can you please further clarify what the problem is. Are you trying to add domain users from the Web Admin Security page and you're getting an error message saying "unable to resolve the identity ... " ? Thanks for reporting this and waiting for your reply.
Posted by Microsoft on 2/13/2013 at 9:33 PM
Thanks for your feedback.

We are rerouting this issue to the appropriate group within the Visual Studio Product Team for triage and resolution. These specialized experts will follow-up with your issue.
Posted by Microsoft on 2/13/2013 at 7:50 AM
Thank you for your feedback, we are currently reviewing the issue you have submitted. If this issue is urgent, please contact support directly(http://support.microsoft.com)
Sign in to post a workaround.
Posted by Dan Morgenstern on 2/19/2013 at 8:02 AM
found workaround.

Even if TFS shows me error (unable to find or resolve the identity {of a valid user of course})
Just click Save Changes, then TFS web access will really find the user