Esempio n. 1
0
        public static AccountValidationResult HasAllServiceAccountPermissions(
            ServiceType serviceType,
            string account,
            SecurityIdentifier accountSid)
        {
            AccountValidationResult result = ServiceAccount.AccountValidationResult.Valid;

            try
            {
                if (!DBRoleUtil.IsAccountInTFSIPEXECRole(account))
                {
                    result |= ServiceAccount.AccountValidationResult.NotInTFSIPEXECRole;
                }

                if (!WindowsGroupUtil.IsMemberOfLocalGroup(Constants.TfsIntegrationExecWorkProcessGroupName, accountSid))
                {
                    result |= ServiceAccount.AccountValidationResult.NotInTFSIPEXECWorkProcessGroup;
                }

                if (GlobalConfiguration.UseWindowsService)
                {
                    string serviceName = s_serviceNames[serviceType];
                    if (!WindowsServiceLogonUtil.IsLogonAccountOfService(serviceName, account))
                    {
                        result |= ServiceAccount.AccountValidationResult.NotTfsIntegrationServiceLogonAccount;
                    }
                }
            }
            catch (InvalidConfigurationException e)
            {
                throw;
            }
            catch (Exception e)
            {
                TraceManager.TraceException(e);
                result |= ServiceAccount.AccountValidationResult.ValidationFailed;
            }

            return(result);
        }