/m command: Check explicit and implicit group membership

Visual Studio Team Foundation Server 2013

Use /m to check explicit and implicit group membership information for a specified group or user.

Required Permissions

To use the /m command, you must be a member of the Team Foundation Administrators security group. For more information, see Permission reference for Team Foundation Server.

Note
Even if you are logged on with administrative credentials, you must open an elevated Command Prompt to perform this function.


TFSSecurity /m GroupIdentity [MemberIdentity] [/collection:CollectionURL] [/server:ServerURL]

Parameters

Argument	Description
GroupIdentity	Specifies the group identity. For more information on valid identity specifiers, see TFSSecurity Identity and Output Specifiers.
MemberIdentity	Specifies the member identity. By default, the value of this argument is the identity of the user who is running the command. For more information on valid identity specifiers, see TFSSecurity Identity and Output Specifiers.
/collection:CollectionURL	Required if /server is not used. Specifies the URL of a team project collection in the following format: http://ServerName:Port/VirtualDirectoryName/CollectionName
/server:ServerURL	Required if /collection is not used. Specifies the URL of an application-tier server in the following format: http://ServerName:Port/VirtualDirectoryName

Remarks

Run this command on the local application-tier computer.

The /m command of the TFSSecurity command-line utility checks both direct and extended memberships.

Examples

The following example verifies whether the user "Datum1\jpeoples" belongs to the Team Foundation Administrators server-level group.

Note
The examples are for illustration only and are fictitious. No real association is intended or inferred.

	Copy Code
>TFSSecurity /m "Team Foundation Administrators" n:Datum1\jpeoples /server:http://ADatumCorporation:8080

Sample output:

	Copy Code
TFSSecurity - Team Foundation Server Security Tool Copyright (c) Microsoft Corporation. All rights reserved. The target Team Foundation Server is http://ADatumCorporation:8080/. Resolving identity "Team Foundation Administrators"... a [A] [INSTANCE]\Team Foundation Administrators Resolving identity "n:Datum1\jpeoples"... [U] DATUM1\jpeoples (John Peoples) Checking group membership... John Peoples IS a member of [INSTANCE]\Team Foundation Administrators. Done.

Copy Code

TFSSecurity - Team Foundation Server Security Tool
Copyright (c) Microsoft Corporation.  All rights reserved.

The target Team Foundation Server is http://ADatumCorporation:8080/.
Resolving identity "Team Foundation Administrators"...
a [A] [INSTANCE]\Team Foundation Administrators
Resolving identity "n:Datum1\jpeoples"...
  [U] DATUM1\jpeoples (John Peoples)
Checking group membership...

John Peoples IS a member of [INSTANCE]\Team Foundation Administrators.

Done.

/m command: Check explicit and implicit group membership

Visual Studio Team Foundation Server 2013

Parameters

Remarks

Examples

See Also

Other Resources

Get in touch