Team Foundation Server (TFS) 2010 is a system not a product and is a combination of WSS, SQL Server and TFS it’s self and most of the Errors and Issues We face during during its Installation and Deployment are releated to SECURITY this might not be possible in every case but if you go online and check this will be the case and that’s what i have learnt during my professional career and deploying TFS multiple times.
We need to understand the following components and the User(s) access rights on them are very important and are the root cause!.
1) SQL Server
a) Reporting Services User rights
b) Analysis Services User rights
c) Database Engine User rights
a) Default Site User rights
b) Central Administration Site User rights
c) Team Site Collection (falling under the Default Site and the Team Sites fall under Team Site Collection) User rights
3) Team Foundation Server
a) Server level User rights
b) Project level User rights
So all these are inter-linked your USER under which your TFS will run has to have rights on all these above mentioned components so let’s say for installation of TFS 2010 you created a user named tfs-user now this User has to have rights on Analysis Services, Reporting Services, SQL DB Engine, WSS sites (Default, Central Admin) and TFS Projects. This is the only way out in which you would be able to deploy, install and configure services rightly and successfully and you would be able to create Team Project successfully and would be able to access Team Site, Reports etc and etc.
So for creating additional users you need to check rights on these specific locations and assign rights as per requirements and privleges.