TFS Source Control Remote Working

Hot Topic

Run settings of a load test
Is there a web interface to VSTS defect tracking?
External resource editor
Error 28703
After you migrate a SourceSafe DB into Team System
One of the team mate not able to access anything in VSTS even with exact same permissions as others
Solved that one, still want to know how to remove think time from within transaction.
What is Ocracoke going to be relased?
Modeling .Net Remoting or DCOM
Developing on Same Server as Team Foundation Server

VS Team System

SDM: Flow and Extends questions
AvoidUnusedPrivateFields fired in error
Trouble checking out *.csproj.vspscc from TFS after migrating from VSS 2005
Allowing team members to create Team Builds
Can't not create team project
How to resolve: Mark assemblies with CLSCompliant
Lock Computer and Check-out
Scenario can not be resolved as "split"
Restricting access to Visual Studio Project directories for different team members
Features in Data Dude

TFS Source Control Remote Working

Hi,

I hope I am missing the obvious, but I can't find any info on how TFS will work for remote workers. I know that it will work fine for those connected to the office network via VPN or such, but what about remote users who only have standard internet access

I was under the impression that there was some kind of web access, but I can't find any details anywhere. I imagine there has to be some serious setup if this kind of external access through to a TFS server running on a corporate network so if anyone has any info, please let me know!

Thanks
Dan

Answer this question

TFS Source Control Remote Working

  • dougseven

    The server provides a webservices interface. So, if your source control server is 'visible' from the internet, that means clients can reach it over the internet.

    The hopefully-obvious caveat there is that you'd want to take care when exposing any infrastructure to the public internet. We've taken steps to support this scenario; for example, the server can be configured to only accept HTTPS connections (and the clients know how to contact a server using HTTPS), and by default, anonymous connections shouldn't find anything useful to do (read: attack).

    So, once you've connected to a Team Foundation Server, the client doesn't really know or care whether your server URL was "sourceServer" or "http://source.example.com".

    Hope that helps :)

  • the_magic_juan

    We have not commited to any web clients for this release.  However, your corporation can configure remote access to Team Foundation Server via HTTPS.  This will allow remote version control access with basic authentication over HTTPS.  Unfortunately, we're still working out the kinks around this scenario in Beta 3, but it will be available for the final release.

  • silvo vasquez

    hi buck/ling,

    that might work, but i am not too familiar yet with the checkpoint software so am not sure (as we have only recently started using it!). it sounds like i have a couple of options anyway so i'll have to chat with the network guys and see what we can work out :)

    cheers
    dan

  • Erik McCarty

    I found one (from Eric Jarvi's blog): http://www.devbiz.com/teamplain/default.aspx

    Unfortunately, I think this one is only work item tracking, not source control.

    It'll take me a little longer to remember where I saw the other one...

  • Glaciered Pyro

    so what could i do if the server is not directly visible from the internet some of our remote users can connect to corporate resources through a clientless vpn (i.e. through internet explorer). is there a client that i could 'host' inside IE i'm just not sure we'd want to expose the source server to the internet directly.

  • chrischua83

    We're trying to get SSL access to FS to work right now for the Beta 3.

    So my question is: Is trying toi set up SSL on the FS services a futile task until the release or do you have some pointers/tips/tricks to help us out

    You're saying you're still not fully in control of this scenario in beta 3 right

    An alternative approach is terminating external SSL on our reverse proxy and go uncrypted on the inside. This would probably work just fine for the project portal seem from IE clients, but seeing all the port numbers and services in use in FS leads us to believe it would require quite some fiddling about when looking at full access (Team Client). Am I right

    Martin

  • JeffGoneMad

    i would be very interested if you could do that, thanks chris! this would then support all our scenarios for remote connection to source control :)

  • haputanlas

    it looks as though they are intending at some point to do a source control web client, but it doesnt give timescales. let me know if you remember
    the other one ;-)

    cheers
    dan

     

  • Dj Jamminx

    Your caution is well-founded; opening the attack surface on the server is not something to do lightly.

    I have to confess, I'm not at all familiar with "clientless" VPN as such (I use the VPN client built into XP personally). So, I'm not sure if the nature of our connection would make our traffic go out over such a connection or not (if it uses the IE proxy configuration, for example, I think you COULD use our clients because they'll respect IE's proxy settings).

    We're not shipping a web-based client for Source Control in v1. I know there's at least two projects in the works in the partner ecosystem to produce web-based clients for all of TFS. I can track down the information on those if you're interested.



  • ColinW

    Dan, I'm not familiar with clientless VPN, so I searched and found a doc on it at CheckPoint.
    http://www.checkpoint.com/products/downloads/ipsecwp.pdf

    It mentions being able to use applications that support SSL, such as Outlook.  All of the communication from source cotrol and work item tracking is via HTTP or HTTPS.

    It sounds like the TFS client would be able to talk to the server via HTTPS in this scenario.  Is that the case

    Buck

  • TFS Source Control Remote Working
Answer this question