` LinkedIn WhatsApp Twitter Facebook Email
Internal
External
Resources

images/clip_image002_thumb-1-1.jpg (image/jpeg)

images/image_thumb37-2-2.png (image/png)

images/metro-applies-to-label-3-3.png (image/png)

images/metro-findings-label-4-4.png (image/png)

images/metro-problem-icon-5-5.png (image/png)

images/metro-solution-label-6-6.png (image/png)

images/wlEmoticon-sadsmile-7-7.png (image/png)

Theme
Text Font
Currency
Accepting 1 new client!
Blog Uncategorized

a·gen·tic a·gil·i·ty

TFS Integration Tools - Issue: TFS WIT bypass-rule submission is enabled

TL;DR; Explains how to resolve TFS Integration Platform errors caused by missing permissions for bypass-rule submission by adding accounts to the Team Foundation Service Accounts group.

Published on
Written by Martin Hinshelwood
2 minute read
Image
https://nkdagility.com/resources/sb9e7R72Ioq
Table of Contents
Related Blog
TFS Integration Tools - Issue: TFS WIT invalid submission conflict type TFS Integration Tools – Issue: Access denied to Program Files Project Server 2013 Issue - TF294003: Cannot access the following PWA instance
Related Videos
Unlocking TFS: Mastering Permissions for Seamless Team Collaboration A Step-by-Step Guide to Installing TFS 2013 on Windows Server 2012 R2 Mastering TFS Release Management: A Step-by-Step Guide to Smooth Configuration
Related Signals
no entries found
Related Guides
no entries found
Related Course
no entries found
Comments
Feedback View on Github Edit on Github
Classifications
` LinkedIn WhatsApp Twitter Facebook Email
Internal
External
Resources

images/clip_image002_thumb-1-1.jpg (image/jpeg)

images/image_thumb37-2-2.png (image/png)

images/metro-applies-to-label-3-3.png (image/png)

images/metro-findings-label-4-4.png (image/png)

images/metro-problem-icon-5-5.png (image/png)

images/metro-solution-label-6-6.png (image/png)

images/wlEmoticon-sadsmile-7-7.png (image/png)

Subscribe

When you run the TFS Integration Platform for the first time with TFS WIT bypass-rule submission enabled you will likely get the following error:

TFS Integration Tools - Issue: TFS WIT bypass-rule submission is enabled

Figure: A Runtime Error

Microsoft.TeamFoundation.Migration.Tfs2010WitAdapter.PermissionException: TFS WIT bypass-rule submission is enabled. However, the migration service account ‘TFSService’ is not in the Service Accounts Group on server ‘http://tfsserver:8080/tfs/msf_migrate’.

at Microsoft.TeamFoundation.Migration.Tfs2010WitAdapter.VersionSpecificUtils.CheckBypassRulePermission(TfsTeamProjectCollection tfs)

at Microsoft.TeamFoundation.Migration.Tfs2010WitAdapter.TfsCore.CheckBypassRulePermission()

at Microsoft.TeamFoundation.Migration.Tfs2010WitAdapter.TfsWITMigrationProvider.InitializeTfsClient()

at Microsoft.TeamFoundation.Migration.Tfs2010WitAdapter.TfsWITMigrationProvider.InitializeClient()

at Microsoft.TeamFoundation.Migration.Toolkit.MigrationEngine.Initialize(Int32 sessionRunId)

TFS Integration Tools - Issue: TFS WIT bypass-rule submission is enabled Applies To

TFS Integration Tools - Issue: TFS WIT bypass-rule submission is enabled Findings

Only accounts in the Team Foundation Service Accounts are aloud to access the web services directly. By default the account used to install TFS is not added to this group.

In addition you will also be unable to add the account through the UI as editing this group directly is disables. It is meant to be used under the covers for Lab or Build accounts, but the TFS Integration Platform is not an out-of-the-box tool.

TFS Integration Tools - Issue: TFS WIT bypass-rule submission is enabled

Figure: You can’t edit Team Foundation Service Accounts

This is a special group that does not allow you to populate it through the UI. You can however view it and all of the accounts that you use for your Build Agents, Build Controllers and other bits and bobs will all be in this list already.

You need to use the the command line TFS Integration Tools - Issue: TFS WIT bypass-rule submission is enabled

TFS Integration Tools - Issue: TFS WIT bypass-rule submission is enabled Solution

Use the tfssecurity.exe tool to update the Service Accounts Group and add the “TfsAdmin”.

TFS Integration Tools - Issue: TFS WIT bypass-rule submission is enabled

Figure: Updating the TFS Security group

You use our old friend the command line. There is an application called TfsSecurity that will allow you to add an account directly to that group.

1tfssecurity /g+ "Team Foundation Service Accounts" n:domainusername ALLOW /server:http://myserver:8080/tfs

Now you have that sorted you are ready to rock…

Did this help you?

Smart Classifications

Each classification [Concepts, Categories, & Tags] was assigned using AI-powered semantic analysis and scored across relevance, depth, and alignment. Final decisions? Still human. Always traceable. Hover to see how it applies.

Table of Contents
Related Blog
TFS Integration Tools - Issue: TFS WIT invalid submission conflict type TFS Integration Tools – Issue: Access denied to Program Files Project Server 2013 Issue - TF294003: Cannot access the following PWA instance
Related Videos
Unlocking TFS: Mastering Permissions for Seamless Team Collaboration A Step-by-Step Guide to Installing TFS 2013 on Windows Server 2012 R2 Mastering TFS Release Management: A Step-by-Step Guide to Smooth Configuration
Related Signals
no entries found
Related Guides
no entries found
Related Course
no entries found
Comments
Feedback View on Github Edit on Github
Classifications
` LinkedIn WhatsApp Twitter Facebook Email
Internal
External
Resources

images/clip_image002_thumb-1-1.jpg (image/jpeg)

images/image_thumb37-2-2.png (image/png)

images/metro-applies-to-label-3-3.png (image/png)

images/metro-findings-label-4-4.png (image/png)

images/metro-problem-icon-5-5.png (image/png)

images/metro-solution-label-6-6.png (image/png)

images/wlEmoticon-sadsmile-7-7.png (image/png)

Subscribe

Connect with Martin Hinshelwood

If you've made it this far, it's worth connecting with our principal consultant and coach, Martin Hinshelwood, for a 30-minute 'ask me anything' call.

Our Happy Clients​

We partner with businesses across diverse industries, including finance, insurance, healthcare, pharmaceuticals, technology, engineering, transportation, hospitality, entertainment, legal, government, and military sectors.​

SuperControl Logo

SuperControl

Freadom Logo

Freadom

NIT A/S

Lean SA Logo

Lean SA

Epic Games Logo

Epic Games

Hubtel Ghana Logo

Hubtel Ghana

Milliman Logo

Milliman

Bistech Logo

Bistech

Big Data for Humans Logo

Big Data for Humans

Akaditi Logo

Akaditi

Brandes Investment Partners L.P. Logo

Brandes Investment Partners L.P.

ProgramUtvikling Logo

ProgramUtvikling

Healthgrades Logo

Healthgrades

Sage Logo

Sage

Boxit Document Solutions

Graham & Brown Logo

Graham & Brown

ALS Life Sciences Logo

ALS Life Sciences

Teleplan Logo

Teleplan

Royal Air Force Logo

Royal Air Force

Washington Department of Transport Logo

Washington Department of Transport

Ghana Police Service Logo

Ghana Police Service

Washington Department of Enterprise Services Logo

Washington Department of Enterprise Services

New Hampshire Supreme Court Logo

New Hampshire Supreme Court

Nottingham County Council Logo

Nottingham County Council

Kongsberg Maritime Logo

Kongsberg Maritime

Xceptor - Process and Data Automation Logo

Xceptor - Process and Data Automation

Freadom Logo

Freadom

Sage Logo

Sage

Emerson Process Management Logo

Emerson Process Management

YearUp.org Logo

YearUp.org