用VS2005的客户端连接TFS,结果没有输入用户名密码就可以登陆,而且是管理员登陆,觉得很奇怪,于是就找Team Explorer中的权限设置,发现一个Team Foundation Licensed Users组,里面有一个管理员,于是就好奇将其删除,结果就再也连接不了TFS了,结果SQL SERVER 2005的跟踪发现是死在以下的语句中:
exec sp_executesql N'-- prc_security_read_is_member
DECLARE @ismember BIT
EXEC prc_security_read_is_member @sid, @groupsid, @ismember OUTPUT
SELECT @ismember
',N'@sid varchar(46),@groupsid varchar(59)',@sid='S-1-5-21-2604840842-1608877906-3008711727-1113',@groupsid='S-1-9-1551374245-1204400969-2402986413-2179408616-0-0-0-0-4'
DECLARE @ismember BIT
EXEC prc_security_read_is_member @sid, @groupsid, @ismember OUTPUT
SELECT @ismember
',N'@sid varchar(46),@groupsid varchar(59)',@sid='S-1-5-21-2604840842-1608877906-3008711727-1113',@groupsid='S-1-9-1551374245-1204400969-2402986413-2179408616-0-0-0-0-4'
这个SP是Tfsintegeration中的一个SP,但是加密的,无法查看。于是就找表,发现有三个表可能有关联:tbl_gss_group_membership、tbl_security_membership_cache、tbl_security_ismember_cache,于是就一个个向里面加数据,加到第三个的时候,突然可以连接TFS,大功告成。以下是语句:
INSERT INTO tbl_gss_group_membership(parent_group_sid, member_sid, last_update)
VALUES('S-1-9-1551374245-1204400969-2402986413-2179408616-0-0-0-0-4', 'S-1-5-21-2604840842-1608877906-3008711727-1113', getdate())
INSERT INTO tbl_security_membership_cache(container, member)
VALUES('S-1-9-1551374245-1204400969-2402986413-2179408616-0-0-0-0-4', 'S-1-5-21-2604840842-1608877906-3008711727-1113')
INSERT INTO tbl_security_ismember_cache(group, member)
VALUES('S-1-9-1551374245-1204400969-2402986413-2179408616-0-0-0-0-4', 'S-1-5-21-2604840842-1608877906-3008711727-1113')
VALUES('S-1-9-1551374245-1204400969-2402986413-2179408616-0-0-0-0-4', 'S-1-5-21-2604840842-1608877906-3008711727-1113', getdate())
INSERT INTO tbl_security_membership_cache(container, member)
VALUES('S-1-9-1551374245-1204400969-2402986413-2179408616-0-0-0-0-4', 'S-1-5-21-2604840842-1608877906-3008711727-1113')
INSERT INTO tbl_security_ismember_cache(group, member)
VALUES('S-1-9-1551374245-1204400969-2402986413-2179408616-0-0-0-0-4', 'S-1-5-21-2604840842-1608877906-3008711727-1113')