TFS API Part 4: Get TFS User List (Mail, Sid, Account, Domain)

14/01/2009

10 comments

TFS API Part 4: Get TFS User List (Mail, Sid, Account, Domain)

In my previous posts TFS API Part 2: Domain Picker Using Registered Servers (Cache) I demonstrate how to connect TFS and how to get TFS Projects.

In this post I’ll show how to get User List from TFS by groups.

First add reference for Microsoft.TeamFoundation, Microsoft.TeamFoundation.Client, Microsoft.TeamFoundation.Common.dll
located in – C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\

Download Demo Project

Add using for Proxy,Client and Server.

*** Good to know -> An Identity structure represents a user, group, or Team Foundation Server application group, along with some of their attributes

using Microsoft.TeamFoundation.Proxy;

using Microsoft.TeamFoundation.Client;

using Microsoft.TeamFoundation.Server;

Connect to TFS and call GetTfsUsers(dp.SelectedServer) with the TFS.

Create IGroupSecurityService from TFS.

IGroupSecurityService gss = (IGroupSecurityService)server.GetService(typeof(IGroupSecurityService));

 

# Read Identitys

Using gss you can read all Identitys in TFS.

SearchFactor

AccountName -Logon name (for Windows identities) or an application group name, possibly qualified by domain name, such as AdventureWorks\JAaberg, ProjectURI\groupname, or GUID\groupname.

AdministrativeApplicationGroup – An administrative application group.

DistinguishedName – A LDAP escaped distinguished name, optionally prepended by LDAP://.

EveryoneApplicationGroup – The Team Foundation Server Everyone application group.

ServiceApplicationGroup – The service application group.

Sid – Contains a SID 

Identity SIDS = gss.ReadIdentity(SearchFactor.AccountName, "Team Foundation Valid Users", QueryMembership.Expanded);

 

image

 

Identity SIDS = gss.ReadIdentity(SearchFactor.ServiceApplicationGroup, "Team Foundation Valid Users", QueryMembership.Expanded);

 

image

QueryMembership

Direct- Each Identity includes its direct members. However, these member identities will contain null members.

Expanded – Each returned identity includes its direct members. Each of these member identities contain their direct member identities, and so on.

None – No information about membership is returned, and corresponding properties are set to null. 

Identity SIDS = gss.ReadIdentity(SearchFactor.AccountName, "Team Foundation Valid Users", QueryMembership.Expanded);

image

 

Identity SIDS = gss.ReadIdentity(SearchFactor.AccountName, "Team Foundation Valid Users", QueryMembership.Direct);

image

#

# Getting User List

To get Identity for each user use ReadIdentities by Sid.

Identity[] UserId = gss.ReadIdentities(SearchFactor.Sid, SIDS.Members, QueryMembership.None);

 

image

 

Download Demo Project

Add comment
facebook linkedin twitter email

Leave a Reply

10 comments

  1. Lammy10/04/2009 ב 01:22

    Many thanks Shai. Saved me many, many hours of work. To find this was a gift…Toda raba.

  2. Bubma05/06/2009 ב 12:45

    Hello Shai,

    thanks for the article,
    I was just wondering, I have a custom web app for the tfs and on the login I am asking the user to choose the project that he wants to log in to.

    I somehow cannot list only those projects that the user has access to, I now list all of them, and it is a security issue.

    I tried with the IGroupSecurityService but i get an error when the user trying to access the service is not in the administrator group…..

    Is there any workaround to it?

    Thank you,

    Cheers

  3. Stainless steel pipe05/02/2010 ב 11:15

    Thanks for the great article here at your blog. I know it will help me and many others.

  4. santosh28/05/2010 ב 17:00

    Is there any code sample how to achive the same in Dev10 .

  5. Kelly18/08/2010 ב 04:50

    I’m indebted to Shai. Shai is one of my best friends today. :)

  6. Kelly18/08/2010 ב 04:57

    I had to change a couple lines of code to get past some deprecated properties. Changed these lines:

    From:
    GetTfsUsers(dp.SelectedServer);
    To:
    GetTfsUsers(dp.SelectedTeamProjectCollection);

    From:
    private void GetTfsUsers(TeamFoundationServer server)
    To:
    private void GetTfsUsers(TfsTeamProjectCollection tpk); //and updated all server refs to tpk

    From:
    Identity SIDS = gss.ReadIdentity(SearchFactor.AccountName, “Team Foundation Valid Users”, QueryMembership.Expanded);
    To:
    Identity SIDS = gss.ReadIdentity(SearchFactor.AccountName, “Project Collection Valid Users”, QueryMembership.Expanded);

  7. Riddhi15/06/2011 ב 17:47

    TfsConfigurationServer tfai = new TfsConfigurationServer(tfsUri, (ICredentials)credential);
    IGroupSecurityService gss = tfai.GetService();
    Identity SIDS = gss.ReadIdentity(SearchFactor.AccountName, “Team Foundation Valid Users”, QueryMembership.Expanded);
    Identity[] UserId = gss.ReadIdentities(SearchFactor.Sid, SIDS.Members, QueryMembership.None);

    I am getting gss as null. Does this requires extra setting ?

  8. Chris Nash22/06/2011 ב 19:26

    // Connect to the team project collection.
    TfsConfigurationServer tfsServer = m_tfsServer;
    Guid collectionGuid = m_collectionGuid;
    TfsTeamProjectCollection tpc = tfsServer.GetTeamProjectCollection(collectionGuid);

    // Get the group security service.
    var gss = tpc.GetService();

    // Retrieve each user’s SID.
    Identity sids = gss.ReadIdentity(SearchFactor.AccountName, “[My Team Project]\\Contributors”, QueryMembership.Expanded);

    // Resolve to named identities.
    Identity[] users = gss.ReadIdentities(SearchFactor.Sid, sids.Members, QueryMembership.None);

  9. Symons01/12/2011 ב 05:08

    Hi,shair!
    I am a newer!
    I did not understand the factorValue? So what is the “Team Foundation Valid Users”?
    Thank you
    Cheers