How to synchronize TFS users with AD (Active Directory)?

Article
1/17/2024

Sometimes we need to add users to our AD or Windows so we can add them to the TFS and we need them to appear immediately without needing to wait for the synchronization to happen automatically.

There are many ways that we can do that....I will explain how to do that with different methods.

TFS Job Agent is responsible for running this sync and other jobs, by default this run once an hour, we can run this job using the Web Service "JobWebService" or by using TFS Client Object Model "Microsoft.TeamFoundation.Client".

We can use the Client Object Model with C# Console Application for example or using it with PowerShell script.

Use the JobWebService directly.

We need to call QueueJobs web service but unfortunately we can't call that from the browser, remember that we need also the GUID of the job

Navigate to the TFS admin Web Services.http://mohamedradwan.files.wordpress.com/2013/12/open-webservice.jpg?w=660

Open the JobService Web Services and click on QueueJobs Web Service.http://mohamedradwan.files.wordpress.com/2013/12/queuejobs-webservice.jpg

We can't call it from the browser and we need the GUID of the Job.http://mohamedradwan.files.wordpress.com/2013/12/call-queuejobs.jpg?w=660

Use the WebServiceStudio.

We can use a very smart tool WebServiceStudio that existing on CodePlex, this tool enables us to call the Web Service with GUI and without writing code for the Web Service.
http://mohamedradwan.files.wordpress.com/2013/12/queuejobs-using-webservicestudio1.jpg?w=660

Use a PowerShell Script.

We also can use TFS Client Object Model "Microsoft.TeamFoundation.Client" with PowerShell script.http://mohamedradwan.files.wordpress.com/2013/12/powershell.jpg?w=660
Download the script

I made the demo on Brain Keller VM, here are the steps you need to follow:

Add your user to your AD or Local accounts for work group.http://mohamedradwan.files.wordpress.com/2013/12/add-users-to-windows.jpg

Remember that We adding the Windows Group to the TFS Collection, in our case the Administrators group.http://mohamedradwan.files.wordpress.com/2013/12/administrators-added-to-the-project-collection.jpg

We will run the job using any method and then the users will start to appear immediately.http://mohamedradwan.files.wordpress.com/2013/12/the-user-will-appear-in-tfs.jpg?w=660

To view what is the status of the job, queue time, start time or end time, run the following SQL script on DT (Data Tire) don't confuse with the time because it's UTC

[code language="sql"]
USe tfs_Configuration
SELECT TOP 100 *
FROM [Tfs_Configuration].[dbo].[tbl_JobHistory]
WHERE JobId='544DD581-F72A-45A9-8DE0-8CD3A5F29DFE'
[/code]

http://mohamedradwan.files.wordpress.com/2013/12/tbl_jobhistory.png?w=660
To make sure about job name and other info, run the following script:

[code language="sql"]
use tfs_Configuration
SELECT TOP 100 *
FROM [Tfs_Configuration].[dbo].[tbl_JobDefinition]
WHERE JobId='544DD581-F72A-45A9-8DE0-8CD3A5F29DFE'
[/code]

http://mohamedradwan.files.wordpress.com/2013/12/tbl_jobdefinition.png?w=660

Share via

How to synchronize TFS users with AD (Active Directory)?

Additional resources