In TFS 2010 a new mechanism for automatic syncronization of users with AD had been introduced. In order to use it the property syncnamechanges must be enabled within a ProjectCollection. The same feature is still available in TFS 11 and following procedure can be used in the same way.
In order to verify status of this setting for a field like Custom.ReviewedBY the sintax to be used is the following:
witadmin listfields /collection:http://tfsserver:8080/tfs/DefaultCollection /n:Custom.ReviewedBy
in order to enable this setting for a type like Custom.ReviewedBy the following syntax should be used:
witadmin changefield /collection:http://tfsserver:8080/tfs/DefaultCollection /n:Custom.ReviewedBy /syncnamechanges:true
MSDN article is wrong: here you can find the MSDN article related to this feature, the command syntax there is wrong. I already sent a comment to MS to correct it.
Advanced note: to better explain inner working of this mechanism let’s take in example custom field ReviewedBy and tables in TFS_Warehouse database. Before enabling syncnamechanges, the field ReviewedBy is a string in the DimWorkItem table. When syncnamechanges is enabled the string field in DimWorkItem is replaced by a ForeignKey named ReviewedBY__PersonSK that is used to link DimPerson table, that contains the list of users synchronized with variuos Active Directory domains. Analizying this table you can see that it contains SID and Domain of the user. In this way the sync of users in this table performed automatically by TFS, will also updated all related fields.
Attention: for your info TFS 11 will import in its database also users disabled in Active Directory.
