public static AccountValidationResult HasAllServiceAccountPermissions(
ServiceType serviceType,
string account,
SecurityIdentifier accountSid)
{
AccountValidationResult result = ServiceAccount.AccountValidationResult.Valid;
try
{
if (!DBRoleUtil.IsAccountInTFSIPEXECRole(account))
{
result |= ServiceAccount.AccountValidationResult.NotInTFSIPEXECRole;
}
if (!WindowsGroupUtil.IsMemberOfLocalGroup(Constants.TfsIntegrationExecWorkProcessGroupName, accountSid))
{
result |= ServiceAccount.AccountValidationResult.NotInTFSIPEXECWorkProcessGroup;
}
if (GlobalConfiguration.UseWindowsService)
{
string serviceName = s_serviceNames[serviceType];
if (!WindowsServiceLogonUtil.IsLogonAccountOfService(serviceName, account))
{
result |= ServiceAccount.AccountValidationResult.NotTfsIntegrationServiceLogonAccount;
}
}
}
catch (InvalidConfigurationException e)
{
throw;
}
catch (Exception e)
{
TraceManager.TraceException(e);
result |= ServiceAccount.AccountValidationResult.ValidationFailed;
}
return(result);
}
