TF50309: The following account does not have sufficient permissions to complete the operation

Asked 13/5, 2016 at 10:59 Answered 10/4, 2019 at 17:24

Solved tfs release release-management tfs-2015 tfs-security

I am created build and deploying those using TFS 2015. Everything was proper but from last two weeks the Build is being created successfully but the Release part is throwing error

TF50309: The following account does not have sufficient permissions to complete the operation:[*****]\Project Collection Service Accounts. The following permission is needed to perform this operation:View Project-level Information

So I verified the team project-> security settings. View Project-level Information is set to Allowed for all the groups except Project valid user. All the other groups are member of Project valid user so I do not think it should be a issue.

Can somebody help me out and give a proper solution

Embankment answered 13/5, 2016 at 10:59 Comment(0)

Add "Project Collection Service Accounts" as member of "Release Administrators" group.

Embankment answered 17/3, 2017 at 14:53 Comment(2)

This did not help for me. – Juanitajuanne 1/8, 2019 at 11:1

What did help for me was to run az account clear && az login, because apparently I had an old account cached or something like that. – Juanitajuanne 1/8, 2019 at 13:30

For me the issue was in visual studio so after opening visual studio installer and selecting repair option the issue disappeared.

Enchorial answered 25/7, 2018 at 9:47 Comment(2)

A short answer is welcome, however it won't provide much value to the latter users who are trying to understand what's going on behind the problem. Please spare some time to explain what's the real issue to cause the problem and how to solve. Thank you ~ – Ironsides 25/7, 2018 at 10:22

I don't know the root cause of the issue, but what i mentioned fixed the issue for me so i shared how it was fixed . – Enchorial 25/7, 2018 at 11:16

When you add accounts of users directly to a TFS group or through a Windows group, they are automatically added to one of the valid user groups.

TFS uses a least-permissive model for security permissions. What that means is that if a user belongs to two groups and the same permission is assigned Allow for one group and Deny for another group, Deny takes precedence over Allow.

So, if View Project-level Information is set to Allow in one group, but set Deny in Project valid user group, Deny takes precedence over Allow. You need to check the group permission that the account belongs to, and make sure every group has the proper permission.

Actium answered 16/5, 2016 at 1:51 Comment(1)

All the group had proper permissions. The issue got resolved by adding "Project Collection Service Accounts" as member of "Release Administrators" group. – Embankment 16/5, 2016 at 7:54

If you imported the definition in from another TFS/DevOps, it is possible that there is a unique identifier in the template export that needs to be changed or cleared out.

Desensitize answered 10/4, 2019 at 17:24 Comment(0)

Recommended topics

Hot tags