There are instances where you only want a specific group of people to create work items in TFS. For example, maybe just the Business Analyst group can create stories, but then anyone should be able to update them. The easiest way to do this is by setting permissions on the initial transition on the work item definition – from blank to Open/Active or whatever your first state is:
You can do this in using the TFS Power Tools WIT editor, or you can just easily open your definition in notepad and make this change: