Menu
I am trying to deploy using Team Build 2010 to a Windows Server 2008 R2 web server. My build server agent is setup to run under a Windows domain account. I have successfully given this domain account permissions on my web server for the deployment using the IIS Manager permissions. This account is not an Administrator on the web server. I can get the build deploying just fine using the following parameters:
/p:DeployOnBuild=True /p:DeployTarget=MsDeployPublish /p:CreatePackageOnPublish=False /p:MSDeployPublishMethod=WMSVC /p:AllowUntrustedCertificate=True /p:MSDeployServiceUrl=webservername /p:DeployIisAppPath="Web Site Name" /p:UserName=DOMAIN\BUILDID /p:Password=buildidpassword Because other developers are going to be setting up their builds, and I would rather not publish the password for the domain account, I need to use NTLM authentication to deploy. I would like to continue using the Web Management service method (WMSVC) for deployment so the BUILDID doesn't have to be an administrator.
I have dug deep into the "Microsoft.Web.Publishing.targets" and it appears that I should be able to pass an AuthType parameter to control the authorization type, but it appears to not have any effect. I have tried:
/p:DeployOnBuild=True /p:DeployTarget=MsDeployPublish /p:CreatePackageOnPublish=False /p:MSDeployPublishMethod=WMSVC /p:AllowUntrustedCertificate=True /p:MSDeployServiceUrl=webservername /p:DeployIisAppPath="Web Site Name" /p:AuthType=NTLM And I have also tried putting a blank username (as seen elsewhere on StackOverflow), to no avail. I continue to get the error:
C:\Program Files (x86)\MSBuild\Microsoft\VisualStudio\v10.0\Web\Microsoft.Web.Publishing.targets(3847,5): error : Web deployment task failed.(Connected to the destination computer ("webservername") using the Web Management Service, but could not authorize. Make sure that you are using the correct user name and password, that the site you are connecting to exists, and that the credentials represent a user who has permissions to access the site.)
I have also tried the UseMsdeployexe parameter as mentioned in the previous link, but I then get other errors related to the web.config transformation. It looks like the issue is already on Microsoft Connect and is listed as being fixed in the next issue.
791
Is Web Deploy installed? You can verify web deploy is installed by going to the "Programs and Features" control panel and looking for "Microsoft Web Deploy 2.0" in the list of installed programs. If it is not there, you can install it via the Web Platform Installer by going to the "Products" tab.
Go to C:\Windows\System32 and right click on CMD. EXE. Choose “Run as Administrator”. Once the command prompt is up, you will navigate to the folder level where MSDeploy.exe exists.
There is an additional step, which I never picked up on:
Source
You can optionally enable users to authenticate with the Web Management Service using NTLM. To do this, update the registry on the server by adding a DWORD key named "WindowsAuthenticationEnabled" under HKEY_LOCAL_MACHINE\Software\Microsoft\WebManagement\Server, and set it to 1. If the Web Management Service is already started, the setting will take effect after the service is restarted.
150
If it is failing using NTLM then the team build service agent needs to be given permission to your site to allow non-administrators to connect to the site or application deployment server access. You can configure this under Management Service .
You might want to also take a look at configuring the web deployment provider settings. Web Deploy Provider Settings
If the wmsvc provider setting is specified, the default authentication type is Basic; otherwise, the default authentication type is NTLM.
You could also encrypted your password using the encryptPassword parameter and configuring the setup on the hosted server if you are wanted to use basic authentication type.
This error code can surface because of a number of different reasons. It typically indicates an authentication or authorization problem, and can happen because of any of hte following reasons:
If connecting using the Web Management Service:
If connecting using the Remote Agent Service:
43
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
