project manager decided to go with tfs, but our IT was too expensive to setup/manage it, so i was elected. I have standalong server 2008r2 running with tfs2010. but before i go creating new user accounts separate from our company AD i would like
to know if there is an easy way to trust domain users so developers and managers don't need to maintain a separate user login on just this server.
The situation with TFS is that it goes beyond just being a code repository. In working with the workitems you will see a lot more benefit in adding that server to the Domain. You are not configuring it to be a domain controller, just a server
that will need to use the account mechanism and functionality provided by AD without having it be a hassle to manage.
Again, it will be the easiest way to have this integrate and not have to workaround the users having two different identities.Enrique Lima Solutions Architect | Apparatus, Inc. | http://geekswithblogs.com/enriquelima
its been too long since i have set up a server in a domain environment, but long ago and not so far away there was some way to set up one-way trusts such that you could have a server trust the domain logins but not the other way. it was useful for special
use servers that you didn't want accessing domain resources, but that you wanted to allow domain users to access. is there something like that with AD?
The situation with TFS is that it goes beyond just being a code repository. In working with the workitems you will see a lot more benefit in adding that server to the Domain. You are not configuring it to be a domain controller, just a server
that will need to use the account mechanism and functionality provided by AD without having it be a hassle to manage.
no, corporate IT refuses to allow it to connect to the domain unless they manage it. my manager doesn't want the hassle of them managing it, so i guess i'm stuck with just making my own accounts.
