Pre-requisites:

1.       Visual Studio Ultimate 2012 – for debugging

2.       Source code and debug information – for debugging

3.       Administrative access on production (target) server

Prepare for collection

1.       Download the IntelliTraceCollection.exe from the following URL: http://bit.ly/Ru0tJe

2.       Create a folder on the production server (I like to create one called C:\itrace)

3.       Copy the IntelliTraceCollection.exe to C:\itrace

4.       Expand the IntelliTraceCollection.exe file to IntelliTraceCollection.cab using the following command under a command prompt with administrative permissions: expand /f:* IntelliTraceCollection.cab .

5.       Create a folder to capture logs and give it appropriate permissions

a.       (I like to create C:\itrace\logs)

b.      Either use the Windows Explorer security tab to give the appropriate application pool account full control on the folder (use the account “IIS APPPOOL\DefaultAppPool”) or use the following command under a command prompt with administrative privileges: icacls c:\itrace\logs /grant "IIS APPPOOL\DefaultAppPool":(F)

Start the collection

1.       Open a powershell command with administrative privileges and navigate (cd) to C:\itrace

2.       First import the intellitrace powershell utilities with the following command: Import-Module .\Microsoft.VisualStudio.IntelliTrace.PowerShell.dll

3.       Start capturaing the itrace files into the logs folder with the following command: Start-IntelliTraceCollection <ApplicationPool> <CollectionPlan> <FullOutputPath>

a.       Example: Start-IntelliTraceCollection DefaultAppPool .\ Collection_plan.ASP.NET.trace C:\itrace\logs

4.       To dump the itrace file in the logs folder create a checkpoint using the following example command: Checkpoint-IntelliTraceCollection DefaultAppPool

5.       When done, stop the collection using the following example powershell command: Stop-IntelliTraceCollection DefaultAppPool

6.       Copy the *.itrace files from C:\itrace\logs to your development machine with Visual Studio Ultimate 2012.

Analyze the itrace files

1.       Open the itrace files in Visual Studio Ultimate 2012 and expand the “Web Requests” drop down to expose the HTTP/S requests and select the one you wish to explore, then click on the “Request Details” button.

2.       You will now see the request events associated with the HTTP/S command (GET/POST/Etc.).

3.       Select an event of interest and click on the “Start Debugging” button to begin debugging in Visual Studio.

Long story short: View this KB - Microsoft KB 2686098

Essentially run the following powershell command under admin priveleges: Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" RequireSecureNegotiate -Value 0 -Force

Note. Please backup your registry file before making any changes.

When you add a new TFS user he/she may not have access to other, external components or services that TFS integrates with. Namely, this new user may not have permission to use Reporting or the Team Project Portal. In this post, I describe the steps that I have taken to add a new user across all components.

Assumptions

1. You have already created an AD User (and added them to an AD Group, I call mine TFSUsers).

2. You have gone into TFS Administion and added this group or user to the appropriate permission level. I add mine to the "[TFS Project Name] Team" group, which by default is assigned the "Contributors" rights.

Here are the steps then,

SHAREPOINT

1. Launch into the TFS Administration Web page as shown below.

Figure 1.

2. Click on the "Go to project portal" link as shown in Figure 1. Sign on with credentials allowed to administer the SharePoint portal. You will then be taken to the following SharePoint site.

Figure 2.

3. Click on "Site Actions" as shown in Figure 2. and then click on "Site Permissions" as shown in Figure 3.

Figure 3.

4. Now follow the steps shown in Figure 4 to grant the AD Group or User the appropriate permission(s).

Figure 4.

REPORTING

1. Click on "View Reports" as shown in Figure 1. Sign on with the appropriate administrative credentials to the Reporting site, as you are taken to the following page as shown in Figure 5.

Figure 5.

2. Click on "Folder Settings" as shown in Figure 5 as you are taken to the Role Assignments page shown in Figure 6.

Figure 6.

3. Click on "New Role Assignment" as shown in Figure 6, and then assign the appropriate role to the AD Group or User.

Figure 7.

That's all folks! Now your added user or group should have appropriate permissions to work with Team Foundation Server.