I mentioned in my last post that I have some code that will help you find built-in groups. It’s actually pretty simple, and build upon code that James already provided last year. Say you want to find the Team Foundation Administrators group, the Valid Users group, or the Service Accounts group. These three groups are always created when TFS installs, so we added a neat flag to help you access them without knowing anything else than the server name. Try using the attached file as the main file in a new C# console application and then add dll references to Microsoft.TeamFoundation.dll, Microsoft.TeamFoundation.Client.dll, and Microsoft.TeamFoundation.Common.dll. Many thanks to Matt Hoover for the code review on my sample code here.
The key piece of code is the following method.
/// Prints out the membership of the three built-in groups
public void DisplayBuiltinGroupMembers()
// Find all the Administrative users
Identity adminUserSids = m_gss.ReadIdentity(SearchFactor.AdministrativeApplicationGroup, null, QueryMembership.Expanded);
// Find all the Service accounts
Identity serviceSids = m_gss.ReadIdentity(SearchFactor.ServiceApplicationGroup, null, QueryMembership.Expanded);
// Find all the valid users
Identity allUserSids = m_gss.ReadIdentity(SearchFactor.EveryoneApplicationGroup, null, QueryMembership.Expanded);
We can also read the project administatrative groups in a similar way. The only thing you need to know is the project URI. Note that if you have the project name you can find its URI the ICommonStructureService’s “GetProjectFromName” method.
project = m_css.GetProjectFromName(“My Project”);
Identity adminGroup = m_gss.ReadIdentity(SearchFactor.AdministrativeApplicationGroup, project.Uri, QueryMembership.Expanded);
Disclaimers: The most efficient means of reading identity information is by using the SearchFactor.Sid. If you plan to do a tremendous number of queries like the ones in my sample app and want to get the best perf, this may not be the right method for you. Instead, use the members of the Microsoft.TeamFoundation.GroupWellKnownSidConstants class in Microsoft.TeamFoundation.Common.dll (this will also allow you to access the Licensed Users Group which only exists in the Team Foundation Server Workgroup Edition). Even so, the extra SearchFactors can make your code look a bit prettier.