We have a team member in a different country, and are trying to figure out the most viable option to provide them with access to our Team Foundation Server for Visual Studio 2010.
You can check this http://msdn.microsoft.com/en-us/library/bb668967.aspx
If they are part of your corporate LAN/WAN, they should be able to get access just like a local user. If they are external, you have a couple choices:
VPN: You could give them VPN access into your network, then they could access like a local user.
Expose: You could expose TFS to the outside world by allowing the appropriate ports through your firewall.
You can also take a look at the TFS Proxy, but honestly I haven't done anything with that yet.
Open up port 8080 and route that port to the appropriate server. You can also setup to use HTTPS.
When the remote user is not on the same domain, he gets prompted for the credentials. The remote user can use the Windows Credential Cache (Stored Usernames and passwords for Windows XP).
Best solution is to enable TFS through a VPN for WAN users. Through port mapping you can enable TFS application tier access, but the Sharepoint (Documents) and Reports may not work properly. So, the best method is to enable VPS with SSL, and let internet users connect to your TFS just like internal users
Best of luck!
Related
I want to configure internet option via remote for windows 8. For example, I some pcs have two accounts, say admin,user. All pc connected via LAN with a server. How do I disable and enable internet from centralized server for only those users who have logged in via 'user' account? I asked for windows 8 machines.
The best way would be some kind of Centralized authentication and authorization.
Like the Microsoft ActiveDirectory, or An OpenLDAP Server.
Next you would need a proxy server where every program/user has tho authenticate to open up a new Connection to the outside world.
Another approach could be some kind of captive portal on your router (pfsense does this pretty easy and fast) for authentication.
This could also be paired with a centralized user management oder just local users.
Local Users (on every machine) have the problem that none of the settings and properties, such as passwords, could be synchronized and have to be set by hand on every machine.
Actually i have following step by step from http://www.windowsazure.com/en-us/manage/services/sql-databases/getting-started-w-sql-databases/ to create database and etc.
But when i try to login using username and password which i have configured,message error appear " Failed to retrieve connection information. Try to login again. "
I have configure firewall before to allowed my public ip to access the database.
How to solve my problem ?
Thanks
Clear your cookies and browsing history and contact Microsoft support if this persists after some time (like an hour)
That is very interesting problem.
What about checking connection with Microsoft SQL Server (can be Express edition).
If you configured firewalls then you should be able to access Azure database via Microsoft SQL Server Management Studio from your system with no problems.
Alternatively you could check Visual Studio. But I am not sure if Visual Studio Express edition can connect to Azure databases (you might need some paid version).
If you still have some connectivity issue using SQL Management Studio then that would indicate some networking problems between your place and Azure data centre. In that case I would recommend spinning up another Azure database (for very short time) in different data centre, set up firewalls and see if that will work.
EDIT
Any way to configure Firewall for Azure ?
Firewall to database cannot be configured at a level of individual databases; it needs to be configured at a level of server.
In Windows Azure Management portal, go to Database tab and then select database server:
Once you in server dashboard, select configuration top tab. You can change DB Server firewall allowed IP addresses under Allowed IP Addresses
In the same section there is Current Client IP Address which tell you the current IP. That very handy when you work with VPN or change your network quite often.
Allow popups. Chrome was blocking this from me.
I am working on a large application in team environment. We use to Team Foundation Server to control source code with VS2010.We are using LAN to connect TFS which works great in an small office but now we need to connect TFS through Internet.
What actually I want to know that we have many developers they reside in different location worldwide. We want to download there work directly in the TFS server through Internet like LAN. We will have also connect LAN users who work on this application and want to connect both kind of users parallel.
Note: WE DON'T WANT TO USE VPN.
Is there any possibility to do this kind of work in TFS? Any Help will be appreciated.
You can definately expose TFS over the internet. TFS is basically a set of web services hosted in IIS, just make your server internet-visible and you're set.
There are some security best practices you probably want to consider though:
1) You should configure an SSL cert in IIS and connect to TFS using HTTPS (an option when connecting in VS).
2) You should place your SQL Server database on a separate machine that is not directly exposed to the internet (but is visible to the Application Tier server). SSRS should reside on the AT server, the DB and SSAS should be on the Data Tier server.
I am very new in TFS 2010. I have setup my PC as server. I need to connect the client machine with this server. I have added a Service Account in TFS console. The client machine are connected with this account.
Now, my question is that, is the Service Account is intended to connect the client with server?
Can anyone explain me the purpose of this account?
Also I need to know, how to find(or setup) the TFS admin?
Are you referring to the "TFSSERVICE" service account from the installation guide? That account is used to run various services related to TFS, for example the TFS Task Scheduler. It should have the minimum privileges possible on the machine.
The client should not connect to the server with a service account, they should be using their own account which you grant access to the relevant repositories in TFS. If you connect all clients with the service account, how will you know who checked in each changeset?
You might find the installation guide of use which can be found here. See section entitled "Accounts Required for Installation of Team Foundation Components".
If you are using a domain, you should be able to follow the instructions in this article for how permissions work in TFS. You can allocate permissions to resources from the Team Explorer pane within Visual Studio.
If you're using TFS in a workgroup then it's a little different as you need to set up local accounts for your users. See this article.
I've installed TFS 2008, but I can't seem to access the server. When I try to connect to it in Visual Studio, I can't. If I try by browser on a remote PC, I get a generic page cannot be displayed. On the server, I get a 403. Nothing was touched in IIS and the service is running as a Network Service. Any ideas?
try:
http://localhost:8080/Services/V1.0/ServerStatus.asmx. This will tell you if TFS is up and running. If you are getting anything else you need to look into IIS issues.
I wrote a blog post on diagnosing these types of TFS connections.
http://blogs.msdn.com/granth/archive/2008/06/26/troubleshooting-connections-to-tfs.aspx
The very first thing I do is confirm that it works for a known-good configuration – usually my workstation.
Providing that works and the server appears to be functioning, the next thing I do is ask the user to call the CheckAuthentication web service using Internet Explorer.
The URL for this is: http://TFSSERVER:8080/services/v1.0/ServerStatus.asmx?op=CheckAuthentication
By doing this check, I am doing four things:
Eliminating Team Explorer from the picture
Eliminating the .NET networking stack from the picture
Ensuring that Windows Authentication is working correctly (that’s why I say IE)
Ensuring that proxy settings are set correctly
In most cases I’ve seen, the TFS connection issues are because the proxy settings have changed or are incorrect. Because .NET and Visual Studio use the proxy settings from Internet Explorer, it’s important to have them set correctly.
In rare cases it’s beyond this. That’s when I start looking at things like:
Can you resolve the server name?
Can you connect using the IP address?
Are there HOSTS file entries? (see: c:\windows\system32\drivers\etc\hosts)
Can you ping the server?
Can you telnet to port 8080?
Does the user actually have access? Run TfsSecurity.exe /server:servername /im n:DOMAIN\User to check their group memberships
Have you changed your domain password lately? In some cases they’ll need to logoff the workstation and log back on again to get a new security token.
Is the computer's domain certificate valid? update the certificate: gpupdate /force
Hope this helps.
Turns out the time and date on my computer was not "close enough" to the time and date on the tfs server. Changed my system clock setting and problem went away.
What happens if you send a simple HTTP request to the server directly?
ie:
telnet 8080 [enter]
GET / HTTP/1.1[enter]
[enter]
[enter]
That might give a hint about whether IIS is actually serving anything. If you can do that on the server, what about from a different machine? If the results are different a good guess is there are some security/firewall issues somewhere. HTH a little.
I went through everything on a similar problem.
I logged onto my tfs server and connected directly there.
I also used a TFS admin tool I downloaded some time ago from Microsoft, and made sure I was in all the right groups and projects.
I then went back to the client PC with the problem, tried the services/1.0/serverstatus.asmx?op=CheckAuthentication Url again, and it worked this time.
AFter that full service was restored to my PC.
So I don't have the exact answer, but I would go through the checklists presented by Grant Holliday in his answer.
Add this to the cases for future users, as i had this issue on server 2016...
if your firewall allow only Domain and Private Network, it may not work on client. make sure you give public permission, if server network is set to public...
The error you may face:
ERR_CONNECTION_TIMED_OUT
for
http://fserver:8080/tfs