create a central place to manage rights for TFS, Sharepoint and Reporting Services
Currently, I can only manage TFS rights from Visual Studio/Team Explorer. It would be very nice to have a central place, to not only manage TFS rights, but Sharepoint and Reporting Services as well.
Thanks for all the feedback. We know this is a pain point for customers, and we are looking at ways to improve the management.
David Olson commented
I'm with Paul, integrating SharePoint, TFS Online, etc. would be ideal.
Completely agree on the importance of the request!
Paul Hester commented
Would be great if Office 365 (SharePoint Online, Lync Online, etc) and TFSPreview whould integrate and share users, and both provide for administration those users. If this is already there, would someone please enlighten me. Maybe I'm missing something.
I agree. Given the distributed nature of developers and the fact that they may NOT be regular domain users I'd suggest divorcing the user requirements from windows completely.
All of this should be managed through a web interface.
As it stands now, I can give remote access to my respositories, but I have yet to figure out how exactly they get access to the Reports and Document libraries. PITA.
This is really important. 2010 went some way towards this but with the push to Windows Server Core being the preferred server environment this really is the only way forward. Also this support should make Fully Qualified Domain Name installs more of a first class citizen especially as TFS/SharePoint/Reporting Services need to be be exposed publically. Currently it's possible but a very painful & brittle experience.
Visual Studio ALM Team commented
We do want to do something here as this is a very common customer request. Until then, Neno is correct that the best practice we recommend is to create some groups in AD that can be granted permissions in TFS, Sharepoint, and SQL Reporting Services.
Don't forget Lab Mgmt rights!!!
That place exists already, it’s called Active Directory.
So all you need is once set up groups and reference them in all three security subsystems (TFS, SQL Server Reporting Services, SharePoint) and you’re done.
You have to do this once per team project (however a team project should be large container and new team projects should be created sparingly)
Jeff Bramwell commented
For others reading this that aren't aware, you can do this now with the Team Foundation Server Administration Tool (http://tfsadmin.codeplex.com/). However, I'd like to see an integrated solution as well.
I would add that this should be a web based interface and ideally be pluggable in some way to allow for other Project permission areas to be added - for example adding an extension so that it could manage drop location permissions etc...