As I understand the checkin-policy are set on the server, but enforced on the client.
Since they are enforced on the client, is there a way to setup a private checkin policy.
I want to have a checkin policy for myself, but I can't set it on the TFS server as that would force everyone to follow that policy as well.
No that is not possible. If you're creating custom check-in policies you could have it filter by user, but you'd still have to turn it on at the server level and have every user install it locally.
Related
Starting from a running network with 3 organizations, I dynamically added a new organization (org4). But now, I want to update the endorsement policy for handling the new organization, and for handling some cases, as if the machine that contains org4 breaks down, the other organizations cannot make operations in the network. I tried to make an upgrade of the smart contract with the new endorsement policy, but it doesn't work. How can I solve this issue?
Thanks
Davide
I'm struggling with moving our VSTS subscription (and all projects within it) to a new MS work Azure account.
The original VSTS subscription was created on a personal account (call it a#a.com) and I want to move it to a#a.onmicrosoft.com.
When I am in the azure portal I can see the Team Service as a resource. I've unlinked it from any active directory.
Now, while it has a subscription key, I cannot seem to access the subscription. There is no link and there are zero subscriptions listed on the subscriptions list in Azure portal. it seems to be orphaned or something.
I have tried adding a#a.onmicrosoft.com as a user to the VSTS account within VSTS but it seems to add it as a personal account, so I cannot log in to it using my work account.
I have managed to change the owner in VSTS to a Gmail account, but it's still showing as a resource in my a#a.com personal Azure account.
I have tried to find up to date information on this but several pages mention adding a co administrator, but either this is no longer possible or I cannot do it because there appears to be no subscription association with the VSTS resource.
I'm desperate, please help!
In the end I had to raise a support ticket with VSTS support who performed some kind of migration that I would have been unable to do myself.
I'll try to explain my goal as good as I can;
I want to trigger a script whenever there is a new computer added to a Organizational Unit.
To do this i need to activate the logging of this event under the local security policy/audit policy. I guess my question is, do I need to do this on all the domain controllers, or is it enough to do it one just one?
Also, is it possible to see the event from a member server with the Management Tools pack installed? As I don't want to put too much work on the Domain Controllers.
Here is the Microsoft article that gives 4 ways of tracking changes in Microsoft Active-Directory. You will find everything you need from configuring the eventlog to receiving notifications by way of different kind of polling.
I have a teamcity server configured for CI. Our svn connection occasionally drops, once this happens a project will no longer check for changes, but we are not warned about this without logging onto the servers' web page.
Is there a way to be notified when there is a VCS problem in Team City?
Do you use mail notification on you builds? If so, you can set it to be notified of "Build fails to start". There may be different reasons to fail, but for us, it is always losing connectivity to VCS server.
Subscribing to Notifications
Failed to Start Builds
I am not sure, but teamcity does have an extensive API and if I understand it right you should be able to get the information from that. I haven't used it yet, just tested it does work. Hope that may help!
I have a web app that uses some backend servers (UNC, HTTP and SQL). To get this working I need to configure ServicePrincipalNames for the account running the IIS AppPool and then allow kerberos delegation to the backend services.
I know how to configure this through the "Delegation" tab of the AD Users and Computers tool.
However, the application is going to be deployed to a number of Active Directory environments. Configuring delegation manually has proved to be error prone and debugging the issues misconfiguration causes is time consuming. I'd like to create an installation script or program that can do this for me.
Does anyone know how to script or programmatically set constrained delegation within AD?
Failing that how can I script reading the allowed services for a user to validate that it has been setup correctly?
OK, after much digging on the internet and some testing, I've got a way forward.
The following code is c#.
Setting an SPN for a user or computer can be achieved via the setspn utility.
Alternatively, the following C# code can do the same:
DirectoryEntry de = new DirectoryEntry("LDAP://"+usersDN);
if (!de.Properties["servicePrincipalName"].Contains(spnString))
{
de.Properties["servicePrincipalName"].Add(spnString);
de.CommitChanges();
}
To set constrained delegation:
if (!de.Properties["msDS-AllowedToDelegateTo"].Contains(backendSpnString))
{
de.Properties["msDS-AllowedToDelegateTo"].Add(backendSpnString);
de.CommitChanges();
}
If the user has had non-constrained delegation enabled, you may need to turn this off before enabling constrained - but I didn't fully test this scenario.