This section discusses the two common security access problems that you encounter. If you have been following the guidelines outlined in this book, more than likely you will not run into either of these issues. However, they occur often enough to make it worth discussing them here.
If you are having security issues, the MSDN Forums are a great resource (http://msdn.microsoft.com/forums). Many Microsoft employees and knowledgeable users monitor these forums, and will more than likely be able to answer any questions you might have, or at least point you in the right direction.
A user must be a member of the Team Foundation Valid Users group to connect to a Team Foundation Server using Team Explorer. If a user is not a member of this group, then when they try to add a Team Foundation Server to their Team Explorer, they will receive a TF31003 error message, stating that the user account does not have permission to connect to the Team Foundation Server.
The solution for this problem is to have your Team Foundation administrator add the user to either the Team Foundation Valid Users group, or to a group which is also a member of the Team Foundation Valid Users group. The latter option is the preferred method.
If a user tries to create a new team project, and does not have sufficient rights, they may encounter the TF30172 error message, stating you do not have permission to create a new team project. This error message means the user does not have the global security permission Create A Project.
To correct this issue, you need to have your Team Foundation Administrator add the user to a group which has this permission set to Allow. Also, ensure the user is not a member of any group that has this permission set to Deny. Remember, Deny always overrides Allow.
You may receive other error messages, such as being unable to communicate with SQL Reporting Services, or with Windows SharePoint Services. Chapter 2 discusses how a user also has to have certain rights within both these services, which are not set in Team Foundation Server. Refer to Chapter 2 for more information.