FYI - if you are opening up TFS to external users, not only do you need to add users to AD you also need to be properly licensed for them. Usually the cheapest way to do this is with an initial investment in an External Connector License. The exclusions in the TFS2008 license that allows people to create/update/view work items belonging to themselves not requiring a CAL only apply to people *inside* the organization.
Still, the licensing implications have been one of the reasons I've seen quite a few people hold off opening up TFS to the outside world so I just thought I'd mention it. M. Martin Woodward. Senior Software Engineer, Microsoft MVP (Team System). Teamprise, a division of SourceGear LLC. US Phone: +1 217-531-7854 UK Phone: +44 (0)2894 335006 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Prior, David Sent: 21 April 2008 07:47 To: [email protected] Subject: RE: [OzTFS] TFS and Forms Based Authentication Sven, That seems to be where I am heading as well. Not my preferred approach but it looks like I'll have to do it that way. I am currently installing VSTS Web Access 2008 as it has some improvements on the web side of things around security and apparently you can point it to a TFS 2005 installation. I'll then just have to write up guidance around how to manage these client accounts in regards to password resets, memberships and permissions in TFS. Cheers, David _____ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Cipido, Sven Sent: Monday, 21 April 2008 4:31 PM To: [email protected] Subject: RE: [OzTFS] TFS and Forms Based Authentication David, Normally all your users need to be in AD. We do the same for our customers who want to access our TFS. What we do is creating the AD users with only the rights for the TFS site. The security in TFS is set so that they can only access the site and can raise defects, view the progress,. For some clients we even create only one or two users which they share across multiple users at their site. Hopes this helps you. Kind regards Sven Cipido .Net Solution Architect, Agile Consultant, Buildserver Consultant ORDINA Belgium Contact Details B-2627 Schelle (Antwerpen), Boomsesteenweg 28 B-3001 Leuven, Interleuvenlaan 15H B-3560 Lummen, Bosstraat 52/2 B-9820 Merelbeke, Guldensporenpark 84/I telephone_icon02 +32 (0)3 866 00 22 +32 (0)3 866 03 01 cid:[email protected] +32 (0)496 122 413 @ <mailto:[EMAIL PROTECTED]> [EMAIL PROTECTED] Blog : http://blog.svencipido.be <http://blog.svencipido.be/> Blog : <http://blog.n-technologies.be/> http://blog.n-technologies.be cid:[email protected] <mailto:[EMAIL PROTECTED]> [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> [EMAIL PROTECTED] <https://212.35.120.78/exchweb/bin/redir.asp?URL=http://www.ordina.be/> www.ordina.be Email Disclaimer The information contained in or with this email, originating from Ordina, is confidential and intended solely for the addressee. If this email has been received in error the receiver is kindly asked to contact the sender via email or telephone. Revelation, reproduction, distribution and/or forwarding of the information contained to third parties is not permitted. Ordina is not responsible for the correct and complete transference of the content of any transmitted email, nor for the timely reception thereof, nor for the correctness of the content. In no case is Ordina liable for any damage, in any form, which may arise as a direct or indirect consequence of acting and/or neglecting and/or deciding anything based wholly or partly on this email. On all activities and offers of Ordina, and in all agreements of which they are directly or indirectly a party, the General Terms and Conditions apply, even if not included. A copy of these Terms and Conditions will be sent to you free of charge on request. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Prior, David Sent: maandag 21 april 2008 7:19 To: [email protected] Subject: [OzTFS] TFS and Forms Based Authentication Hi, I'm playing around with the Microsoft Visual Studio 2005 Team System Web Access 2005 to see what's involved in opening up my TFS 2005 server to allow external clients access so they can raise defects, view progress, etc. I have installed and created a new web site with Forms Based Authentication, and it all works fine with my Active Directory user account. It has a nice user interface for the web side of things. What I want to do now is to create a user account for an external client. Do I need to create them an account in my Active Directory? It looks like I do, but I wanted to get away from this. I was hoping to be able to do it some other way? Is AD the preferred approach? What have others done? Any suggestions would be appreciated. BTW, I am also looking at doing this for my TFS 2008 server when we upgrade later on this year, but I want to get the 2005 version going first. Cheers, David OzTFS.com - to unsubscribe from this list, send a message back to the list with 'unsubscribe' as the subject. View the web archives at http://www.mail-archive.com/[email protected]/ Powered by mailenable.com, supported by www.readify.net OzTFS.com - to unsubscribe from this list, send a message back to the list with 'unsubscribe' as the subject. View the web archives at http://www.mail-archive.com/[email protected]/ Powered by mailenable.com, supported by www.readify.net OzTFS.com - to unsubscribe from this list, send a message back to the list with 'unsubscribe' as the subject. View the web archives at http://www.mail-archive.com/[email protected]/ Powered by mailenable.com, supported by www.readify.net OzTFS.com - to unsubscribe from this list, send a message back to the list with 'unsubscribe' as the subject. View the web archives at http://www.mail-archive.com/[email protected]/ Powered by mailenable.com, supported by www.readify.net
<<image001.gif>>
<<image002.jpg>>
<<image003.gif>>
<<image004.gif>>
<<image005.jpg>>
