Sunday, 2 March 2014

How to perform a TFS Security Audit

It is common to be asked for performing a security audit on Team Foundation Server, and it is not a nightmare as it would seem…

The easiest way is to download the Audit Log. You can find it in the Access Levels administration page:

image

What you are going to get is a .csv file, containing all the groups and accounts allowed into Team Foundation Server, each with its unique internal URI (vstfs://…), the last access date and its access level.

But this is just the beginning – you get a list of flat users and groups, without their relationships. In order to get these, you can use the TFSSecurity command with the /i, /im and /imx switches.

These will give you all the informations about each user/group and its relationships and privileges, so wrapping their outputs and creating a very simple report is just a matter of time Smile

2 comments:

  1. Hi,

    This is the nice post and this post is really appreciable and informatics .I like this post too much.

    Security Audit

    ReplyDelete
  2. Thanks for sharing. Learn a lot from your Blog.I have read your blog about it-security-matter It is very help full.I really enjoyed reading it, you may be a great author.I must say you've done a wonderful job by sharing your article with us.Penetration Testing UK

    ReplyDelete