Tfs Permissions not in sync with Windows / Ldap Groups
One of my clients is currently in a busy testing phase having TFS & its Test component as the SUT and since one array of test cases focuses on security, roles and permissions, we quickly switch back and forth between different roles for particular users but quickly noticed that TFS, by default, only syncs up changes we made to the underlying Windows (local and AD) groups every hour.
Luckily Neno Loje has created a small tool (follow the link below) that forces the Tfs application server to sync up its information and thereby propagate the changes almost immediately (syncing takes a short while).
If you’re more of a PowerShell person, you can also use the code shown in the MSDN forums.
For more information regarding this topic you can also follow this link: Identity Synchronization in Team Foundation Server 2010.