We have a TFS 2010 with 14 collections. Each collection has its own team members (different Active Directory Accounts).
When a user logs into TFS, is seeing all the collections, he can enter the draft, create work items, see the source code, etc.. So he is not in the list of Team Member.
I made a program in c # to go by collection and project permits and no one is repeated.
How I can diagnose this behavior? There a tool to enter the user's name to show me why he has those permissions and how inherited (collection groups or groups of server).
I appreciate your input.
UPDATE:
Thanks you for the answers. We solved. it was a sync problem between Active Directory and TFS.
