public static AccountValidationResult HasAllServiceAccountPermissions( ServiceType serviceType, string account, SecurityIdentifier accountSid) { AccountValidationResult result = ServiceAccount.AccountValidationResult.Valid; try { if (!DBRoleUtil.IsAccountInTFSIPEXECRole(account)) { result |= ServiceAccount.AccountValidationResult.NotInTFSIPEXECRole; } if (!WindowsGroupUtil.IsMemberOfLocalGroup(Constants.TfsIntegrationExecWorkProcessGroupName, accountSid)) { result |= ServiceAccount.AccountValidationResult.NotInTFSIPEXECWorkProcessGroup; } if (GlobalConfiguration.UseWindowsService) { string serviceName = s_serviceNames[serviceType]; if (!WindowsServiceLogonUtil.IsLogonAccountOfService(serviceName, account)) { result |= ServiceAccount.AccountValidationResult.NotTfsIntegrationServiceLogonAccount; } } } catch (InvalidConfigurationException e) { throw; } catch (Exception e) { TraceManager.TraceException(e); result |= ServiceAccount.AccountValidationResult.ValidationFailed; } return(result); }