TFS User Added to Windows Group Unable to Login
In our Team Foundation Server environment we decided to have our TFS users in a local Windows group and have that group added to a Team Foundation Server group. After installing Team System Web Access I naturally had to grant some users access. As per our configuration, I promptly added the user to the local Windows group and expected the user to be able to login. Ideally, of course.
“TF50309: You do not have sufficient permissions to perform this operation.”. Great.
After checking everything, I remembered that TFS does not update its own cache straight away. That is what the Team Foundation Server Task Scheduler is for. But, I want to have access right now!
In that case, you have two choices to get it refreshed immediately:
- Remove the local Windows group from the TFS server group and re-add it. This will force the web services to refresh the cache with the new security configuration. Note: This might be a problem in a high traffic production environment.
- Recycle the TFS AppPool, found in Internet Information Services > Application Pools. This is the more acceptable way of forcing the refresh.
leave a comment