When performing a check-in to TFS, the user name associated with the check-in is DOMAIN\username. When linked to TeamCity, this is visible in TeamCity under the changes heading (Recent History).
The problem is that my users log in to TeamCity using LDAP, so their default VCS username is simply username and I can't see an automatic way to set the default VCS user as DOMAIN\username.
There are too many account to change manually to the correct VCS users so that the My changes functionality works.
Is there no user name style for TFS? Is there another way around this?
You can go to the profile page of a user(TeamCity/profile.html) and change the default user id for all TFS roots to DOMAIN/username.
IF the above steps works for one user, you can update the data in user-related tables in the teamcity database to update it for all users
insert into user_property
values(<user_id>,'plugin:vcs:jetbrains.**tfs**:anyVcsRoot','DOMAIN//username')
Related
If somebody has left my firm, how do I disable their account in Teamcity. I only see a delete option. I'll lose the configurations set by the user if I delete him right?
Is there a disable/Deactivate user option?
Currently it is not possible to disable a user. You can watch/vote for the corresponding issue in the bug tracker
The options you have now are:
Remove all roles/permissions of a user
Change user's password
Delete the user. This will not delete user's created items (projects, configurations, etc). The deleted user will be shown as 'unknown' on the UI
I'm trying to clean up a project in VSS2005 so it can Built one last time for a maintenance release before moving into TFS. However, I have one file that is currently checked out to a user who no longer exists, not even in the VSS database. We don't know what changes the user made to the file, but we don't care. We just want the checkout removed.
How is this to be done? There doesn't seem to be any options for this.
Or are we just screwed with no path out of the hole?
You can log in SourceSafe Admin as admin and undo checkouts of the gone user from there.
Here you can learn more details:
https://support.microsoft.com/en-us/kb/150648
As sometimes happens, after posting the question an idea occurred to me. I have noticed in times past that when creating a new user for VSS, the administrator can either give the user the same username as he or she logs in to his or her PC as, and not specify a password for VSS, thus letting the user's security context govern, or the administrator can specify a VSS password for the user.
Here is what I did:
Recreated the user in VSS Admin, as the Administrator
Gave the user a specific password
Started VSS, and selected File --> Open Source Safe Database
Selected the VSS database, filled in the Username with the new user's username (logging in as a different user)
When challenged for password, entered the password I assigned to the user
At this point I was then able to Undo the Checkout
Whew!
I am the administartor of TeamCity 9.0 which is my continuous integration server. I have added many users for different projects. They have the permission to manually trigger the build, but they cannot edit the configurations.
Now , I need to add a user so that the user can view the Web UI and get the logs etc ; but he must not be able to trigger the build. In short, the run button in the Web UI should not work for that user or should be invisible. How can I achieve that? Please help me out.
In the default installation, the All Users group only has the Project viewer role associated with it, which only has the View project and all parent projects permission. You'll see the Project developer role by default has the Run build and Stop build permissions, and many more.
What does your permission set up look like, i.e. what group is the user assigned to and what roles are associated with that group.
You can get a sort of "effective permissions" overview for a user on the "Roles" tab of a user, this shows how the user is getting permission for which projects via the groups they are in.
TeamCity provides a built-in role, Project Viewer, that grants users read-only access to projects. You can also create your own roles with permissions tailored for your team. See Administration > User Management > Roles.
Click on Administration on top right corner. Under User Management on left side of the UI, click on Users. Click on the user you want. Under Roles tab select Assign Role. In the pop up select what privilege you want to give to that user for what project.
Check this link https://confluence.jetbrains.com/display/TCD9/Role+and+Permission for knowing about different types of users in TeamCity.
I have an application which uses Dirsync to monitor the changes in AD. When I add/remove users to a group, AD creates an event for it. But when I delete a user from AD, it only create a changelog for user deletion. I don't get a changelog for "user removed from a group"
Is there some settings I can enable to view these kind of changes too?
When you delete an user, they are not automatically deleted from the group. Their SID is left lingering in the group membership unless you manually remove it. This happens to access controls as well, if you gave permission for a share to that user, you'll see a SID with no user information left on the share after you delete the user.
My organization adopted the policy of disabling users and moving them to a "Terminated Users" OU with a GPO attached that makes their session unusable if someone managed to re-enable the account. This allows us to avoid dangling SIDs and not have to worry about doing a full audit of group membership every time an employee leaves.
If you wish, you could do an audit once a year where you remove all permissions for a user, then delete the user, but I don't really feel it's necessary.
I need some help in understanding a problem. Here is the scenario. We have a windows domain controller machine and several machines in that domain. (Everything in windows 2008). In one of the machines in that domain (machine name AlphaSiter) our own custom java based product is installed. To log on into our product, you have to provide a user/password combo which is validated against the active directory. Now here is the scenario.
Log into the domain controller and create a user (say David) in the active directory and set the “User must change password in next login option”.
Go to the machine called AlphaSiter where our custom product is installed and try to login to our product with the newly created user credentials and then change password successfully.
The side affect is that in the AlphaSiter machine in C:\Users the user folder is created..that is c:\Users\David. Also this folder is only created if at the time of user creation the “User must change password in next login option” is set. This user folder is not created if the option is unchecked. We are not creating the folder programmatically from our code. So I am wondering how this folder is getting created.Is it something that windows does internally?
Any help on this would be appreciated as I have to give explanation to our customer ---:)
The user's profile folder is always created when there is some profile information that needs to be stored. It may be some registry settings in HKCU hive.
You can use RegMon to track regitry activity.