This Post is to identify Security Tips in TFS best Practices :
1) Implicit & Explicit Permission in TFS:
When you try to manage Group Permission on TFS Server (Server Level or Project Level) you have 2 check boxes to allow/deny the permission.
when you check either allow/deny this is called you explicitly set the permission set.
when you leave the checkboxes un check this called your Implicitly Deny this Permission to the selected group.
2) Inheritence in TFS Security Permission Set:
In TFS,if the user belongs to 2 Groups and one Group has a permission to Create New Project and other doesnt have,The user will inherit this permission from one of those groups.
Note also that the permission on WSS or Reporting Services is not inherited in TFS.
3) Manage The project Lead Permissions to on SQL Reporting Services:
Navigate to this URL :
http:// application-tier /Reports/Pages/Folder.aspx
Select Properties,Click on New Role Assignement,Put the Username (User Account Username) of the Project Lead and select Content Manager then OK
4) Manage Project Lead Permissions on WSS :
From Team Explorer Window,Select Project Portal, Site Settings,Manage Users, Add the username then select either Administrator Role then click add.
Hope This Tips helps