In instances where your network administrator has created an external trust with another domain, you may want the SharePoint People Picker to find users in the external AD.
According to Microsoft’s TechNet, “The People Picker automatically issues queries to all two-way trusted domains when it uses the application pool account to search for users and groups. When you select a secondary account in the People Picker, the primary account information will be returned.” Therefore, by default two-way trusts are automatically searched.
I was asked to take over a TFS installation. Apparently, there was no one, previously, knowledgeable in administering Team Foundation Server because there were many installation and configuration issues – it was a mess.
One such issue was misassignment of user permissions. For instance, the business needed multiple users to have access to the TFS analysis cube in order to generate reports and pivot tables in Excel. The business’s solution to granting users “read” access to the cube was to grant them TFS Administrator privileges. In fact, there were over 20 users who were authorized as Team Foundation Administration Console Users.
By doing this, not only does the user have incredibly insane permissions around TFS, but they have administrative privileges (Read/Write) to the analysis cube – they would be added as a member of theTfsWarehouseAdministrator role group on the analysis server.