Monday, February 19, 2024

// // Leave a Comment

How unlock TFS/DevOps files and delete Workspace without TFS sidekick?

 Team Foundation Sidekicks is a very good toll for Microsoft Team Foundation Server administrators which providing Graphic User Interface for administrative and advanced version control tasks in multi-user TFS environments. But Team Foundation Sidekicks is no more offering updated version the last release was for Team Foundation Server 2015.  TFS sidekick was really good tool which helps Administrator to delete workspace and to remove file locks remotely. 

Below commands are very helpful for Administrator to delete workspace and unlock check out Dev Ops files remotely.

 1. Go to the Visual Studio directory which is in Program files folder and the below to see the use Workspace on. In this example you can see this user has two workspace.


 C:\Program Files (x86)\Microsoft Visual Studio\2019\Professional\Common7\IDE\CommonExtensions\Microsoft\TeamFoundation\Team Explorer>tf workspaces /owner:jason.roy /collection:https://devops.azurehowtos.com/MyCollection/

Workspace      Owner               Computer     Comment
-------------- ------------------- ------------ -----------------------------------------------------------------------
MyWork     Roy,Jason         RedBull-2023

MyWork-1  Roy,Jason        RedBull-2023

Once you run the above command you will Workspace name, Owner of the workspace and computer name.

 

2. If you want to delete workspace you simple run the below command.

 

C:\Program Files (x86)\Microsoft Visual Studio\2019\Professional\Common7\IDE\CommonExtensions\Microsoft\TeamFoundation\Team Explorer>tf workspace /delete /collection:https://devops.azurehowtos.com/MyCollection/Redbull-2023;jason.roy
A deleted workspace cannot be recovered.
Workspace 'MyWork;Jason.Roy' on server 'https://devops.azurehowtos.com/MyCollection/' has 49 pending change(s).
Are you sure you want to delete the workspace? (Yes/No) Yes

Type yes and press Enter, then it will delete the workspace. This option is really good if you want to delete the workspace of the employees who left the company and no more working on the projects. 

 

3. Instead of deleting workspace if you want to unlock specific file then you can run the below command.

 

tf undo $/MyCollection/Santy/Files/rptMem.rpt /workspace:"Redbull-2023";azurehowtos\jason.roy /s:https://devops.azurehowtos.com/MyCollection/

 

 OR

 

tf lock lock:none $/MyCollection/Santy/Files/rptMem.rpt /workspace:"Redbull-2023";azurehowtos\jason.roy /s:https://devops.azurehowtos.com/MyCollection/

 

the difference between tf lock and tf undo in below case.

  • To delete pending changes in another user's workspace, use the tf undo command.
  • To remove an exclusive lock on a file but not the pending changes, use the tf lock command.
Read More

Wednesday, October 11, 2023

// // 4 comments

Step by Step Guide How to find the user Account Lockout Source Computer and Application

 In Today's post, I will discuss an easy way to find the source Computer and Application for your Account lockouts. Many End Users save their password somewhere in the Services, Applications, and Batch file and forget to update it after password changes. This is not a good practice to keep passwords in applications, scheduled tasks, and Windows services. It is always recommended to use GMSA accounts for Windows services or to use a dedicated service account for Windows services.


There are many reasons behind your Account Lockouts.


1. Services using your old login credentials
2. Applications using old login credentials
3. Network drives Mapped using expired Windows login credentials
4. Windows Scheduled Tasks using expired login password.

1. How to find source Computer Name from Domain Controller Security Events.

 
When the Administrator configures the domain controller, they configure the Account lockout threshold, which helps to lock the user account in case anyone tries to use/hack your account. This is very helpful to secure your login account and company Infrastructure. The account Threshold can be set to specify the number of times a user can attempt to log in using the wrong credentials before it locks out. Whenever your account gets locked out, it generates Event ID 4740. To find out the source of the Account lockout, login to the domain controller. Open Event Viewer-> Security Events     

                                                                                  

                                                    

The on Right side Pane click on Filter Current Logs-> In All Event ID's type 4740 and click on OK to search for Event ID 4740.

 

  

 

A user account was locked out.

Subject:
    Security ID:        SYSTEM
    Account Name:        MY-AD$
    Account Domain:        AzureHowTos
    Logon ID:        0x007

Account That Was Locked Out:
    Security ID:        AzureHowTos\Azure
    Account Name:        Azure

Additional Information:
    Caller Computer Name:    PC-01 

As you can see above my user account is locked out and the source is PC-01. So I need to check PC-01 and what's is going on there.

2. How to Find the Application which is locking out my user Account.

Its easy to find the source computer, but event ID 4740 does not show the application which is locking out your computer account. There is one easy way to find the Application which is locking out your computer.

1. Login to the end users computer and Open PowerShell ISE as an Administrator.

2. Copy and Paste below script in it and run. Note - Replace Computer-Name with source/your computer name.

$filter = @{LogName = "Security"; Id = 4625; StartTime = (Get-Date).AddDays(-5)}

$lockouts = Get-WinEvent -ComputerName PC-01 -FilterHashTable $filter -MaxEvents 1 -ErrorAction 0

$lockouts| Select @{Name = "LockedUserName"; Expression = {$_.Properties[5].Value}}, `
@{Name = "LogonType"; Expression = {$_.Properties[10].Value}}, `
@{Name = "LogonProcessName"; Expression = {$_.Properties[11].Value}}, `
@{Name = "ProcessName"; Expression = {$_.Properties[18].Value}}


3. Here you can see that my user account locked out by Windows Service. This will help you to narrow down the issue and find the source application which is locking out your user account.


Read More