Domain credentials suddenly invalid - tfs

I previously had TFS 2017 and SQL 2016 working well on a single 250GB Server 2016 .VHDX with two partitions, C: and D:. SQL is installed on C:, with its data directories on D:.
Oddly, C: started filling up unexpectedly, so I decided to move the D: partition to its own .VHDX and expand C:.
This all went well, and I now have two 100GB .VHDXs with C: and D:, respectively. (This is a one-man shop, so data storage needs are quite small at present. These needs will increase soon, however, so this is another reason to split off into multiples like this.)
The trouble comes when I try to sign in to TFS using the same domain account (DOMAIN\User) that worked before all of this took place. I'm now unable to sign in, and I'm prompted for credentials in a continuous loop (unless I cancel the basic auth dialog, in which case I get a 401-Unauthorized).
I've reapplied all accounts using the TFS Management Console, but this hasn't worked. FYI I'm able to boot to the server desktop and connect to the SQL instance and browse TFS tables using SSMS.
What must I fix to be able to sign in as before?

Seems the relationship between TFS and SQL server is destroyed by the partition expanding.
First, please check if there are problems for the SQL Server and TFS databases. If no issues, just try to Re-RegisterDB and RemapDBs for TFS.
If that still not work, I am afraid that you have to reconfigure the TFS. uninstall the application tier then reinstall it again using the existing database. If the SQL Server and TFS database also have problems, you have to reinstall sql server and restore the backed up data.
Similar thread for your reference : TFS 2013 Admin Console locks Tfs_Configuration preventing it's restoration

Related

TFS246017: Team Foundation Server could not connect to the database

While attempting Branch operation from within VS I get the error message TFS246017: Team Foundation Server could not connect to the database. Verify that the instance is specified correctly, that the server that is hosting the database is operational, and that network problems are not blocking communication with the server. (The error message box looks like the one in this question).
I logged on to the TFS virtual machine. In event viewer I see a warnning with with the same message as above + Process Name: w3wp, User: domain\MyUser. The IIS TFS site is started.
I opened the TFS console on the TFS machine using both domain\MyUser and domain\tfssetup (this is the user running the Visual Studio Team Foundation Background Job agent service), the console opens successfully. Both users appear in the Administration Console Users list. I did reapply account for both users. I also did update password for domain\MyUser. It shows a connection string with Datasource and Initial Catalog. I logged in to the DB machine, opened SQLSERVER users: the tfssetup user is there with sysadmin and owner of relevant instances. I also added the domain\MyUser and added admin privileges (but the error persists).
I also installed SSMS on TFS machine & was able to connect to DB server using both domain\MyUser and domain\tfssetup and view tables.
This error did not happen in the past. This error didn't happen when branching a different location in the source control ($/Project1/Main vs $/Project2/Main) beforehand. The Source Control Explorer appears to show OK (so TFS is working). Using Visual Studio 2013. TFS 2017. AFAIK Virtual Machines were not moved, IP address were not changed. Using vSphere it seems there is enough disk space for both TFS and DB machines. The error appears after ~4 seconds.
What else can be tried?
Looking in the TFS SQLSERVER log there was a "SERVER ASSERTION" error and this was the cause for the TFS generic error.
In my case the error was very similiar to the one here. CHECKDB and updating to the latest service pack didn't help. What helped was changing the recovery mode to full as recommended in that thread.

tfs url in email wrong after migration

We migrated our TFS 2017 to TFS 2018 by first using the "Move or Clone Team Foundation Server from one hardware to another" instructions (https://learn.microsoft.com/en-us/tfs/server/admin/move-clone-hardware) and then upgrading that to TFS 2018 which seemed to go just fine. TFS works, however the URLs in the emails that go out regarding work items are still pointing at the old server. The only URL that I can find to change is the Public URL on the Application Tier, which is already correct. In the message header on the emails that are sent out, the old server also appears to be the sending domain:
In-Reply-To: Tfs.WorkItem.Project.######oldservername
I can't find references to that old server anywhere though. Any idea what I might be missing?
We were able to find the issue. The tbl_AccessMapping table in the database for the Project Collection had different values in it than the tbl_AccessMapping table in the tfs_teamfoundationconfiguration database (specifically the accesspoint field). tfs_teamfoundationconfiguration was correct, so we synced those correct values over to the Project Collection database.
This took some time to take effect, I assume due to caching. Restarting IIS would likely fix it quicker.

Team Foundation Server 2012 broken web access - Error TF400893

I have installed TFS 2012 Express on my computer but I can't get TFS web access portal to work. If I try to view a page with work items I get error:
TF400893: Team Foundation Server services are not available.
This is most likely caused by a network error.
Please check your connection and try again.
It's weird because other parts of the TFS web portal works (e.g. source) so I don't think it's network error. If I connect to the TFS server from Visual Studio everything is working, so I suppose TFS service is running.
I tried to reinstall TFS, but it didn't help :-(
Any ideas what can be wrong?
Try an other browser. I have used Opera and got the error. Using IE should work.
Try changing the account from Applicaiton Tier on TFS Administration Console to your current domain and user info. The default value is NT AUTHORITY.
You should check for any firewalls or other IPS devices between the browser and the application tier for SQL injection attack rules. WIQL being sent from the browser in the AJAX request looks far too much like regular SQL so gets canned by such rules.
As we were experiencing this issue where I work, I decided to take a network packet capture of the browser traffic on a machine experiencing the problem. This yielded a whole bunch of TCP retransmits on the packet containing the plain-text WIQL. Upon presenting this evidence to the company's network team, they located the offending IPS rule which was triggering on these packets, disabled it for packets targeting the TFS Application tier and the problem was solved.
I just got the same error while adding a comment to a work item which included a SQL Statement to drop some tables.
After changing my language to not include explicit T-SQL "DROP TABLE" syntax, I was able to add the comment. My guess is something trying to prevent SQL injection.

Migrating .NET Database to Shared Hosting

Built an app locally with an EF code-first database - not sure how to upload it to a shared hosting environment such as GoDaddy. It makes sense that something would be amiss because on the shared hosting your code can't just go create a database, but on the flip side I can't find anything to copy the CREATE sql and create it on the server like you would with MySQL
Feel a little silly because I've been using .NET for over a year now but at work the databases are already set up and we have full control over our environments.
If the database has no data that you need to preserve the easiest method is just to install the app on the new host and set the connection string to your new database on the host. On the first attempt to load a page accessing the database, the database will automatically be created (note that you need to load a page which hits the database - sometimes the home page is not sufficient).
This method is a lot more straightforward than generating SQL and then executing it on the production database.
If there is data that you need to preserve then the best method will be taking a backup and installing the backup on the host. In SSMS simply right-click the database in the left pane, then Tools > Backup... To restore on the server connect to the server in SSMS and right-click the 'Database' node in the left panel and select 'Restore Database...' I'm not sure if the host provides a direct connection from SSMS but they should at a minimum have a mechanism to restore a .bak file.
Going forward you should ensure that you can execute SQL on your database as a very convenient method for deploying EF Migrations is to generate the SQL update script on the development server and then deploy this by executing it in production.
Depending on your web host, you may be able to restore the database. If this is an option, simply back up your database on your local machine and restore it on the server via the management console.
You can back up your local database using SQL Server Management Console. This works well even for larger databases as you can directly restore all your data, your schema, etc.
I've had experience with three different hosts so far and all of them have this as an option. You'll usually find this under the Database tab for the web site. The rest from there is up to you because it's usually different across the various hosts.

Can't create new project in Team Foundation Server

We're switching over to Team Foundation for our version control, and I have to learn it and set it up. Our IT guy did the installation of the both the data tier and the app tier, and he is of course convinced that it's right. However when i log in as tfssetup and try to create a new project, i get the error:
Error
Insufficient permissions to create a new SQL Server Reporting Services at tsttfsapp1.
Explanation
The permissions granted your user name and ID on the SQL Server Reporting Services at tsttfsapp1 do not allow you create a new project. You must be granted specific permission by the server administrator.
User Action
Contact the Administrator for the SQL Server Reporting Services at tsttfsapp1 and ask that the permission "Content Manager" be added to your user account
So i tried to log in to http://servername/Reports_TFS it asks for the credentials but doesn't accept them. Even stranger when i try to access it from a computer and user that aren't on the same domain as the app tier server, it doesn't ask for credentials and lets me right in. As far as i know the default name of the site should be Reports, not Reports_TFS is it possible that his renaming of that could be causing the problem?
tfssetup is definitely a "Content Manager" as far as i can tell, so i don't understand why we are getting this problem. Also any recommendation for good websites or books that can take a complete beginner and help me become an expert in 3 weeks (what's left of the 6 week time frame allowed for me to learn) would be appreciated.
Thanks
I'm not sure this will help, but we had this error at my place of work on our 2005 TFS server. We opened a ticket with Microsoft and sent them our TFS database. They were able to replicate the issue with the copy of the database. Somehow the TFS database had gotten into an invalid state, but they weren't able to determine how this happened or how to fix it. Unfortunately, this error kept us from being able to upgrade the server to TFS 2008 too. We ended up getting latest of all the code and adding it to source control on a new install of TFS. What a pain.
OK so it turns out it was only a problem because I was using a 2005 client with a 2008 server. A 2008 client has no problem creating a project on the 2008 server, but the 2005 client is not able to create a project on a 2008 server.

Resources