Login/Register
How to use Web Deploy 3.0 with a non-admin account
Asked Answered
Solved asp.net-mvcwebdeploy
E

1

7

I'm trying to deploy an ASP.net MVC Web Site using a non-administrator account (with Web Deploy 3.0). According to all the videos and documentation I've seen this is possible. However, when I try to deploy I get an error (ERROR_USER_NOT_ADMIN).

I have added the user under "IIS Manage Users" on the server. This user exists on the site under "IIS Manager Permissions".

What am I missing?

Here is the pubxml:

<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
  <PropertyGroup>
    <WebPublishMethod>MSDeploy</WebPublishMethod>
    <SiteUrlToLaunchAfterPublish>http://sitename.com/</SiteUrlToLaunchAfterPublish>
    <MSDeployServiceURL>http://server.com</MSDeployServiceURL>
    <DeployIisAppPath>IISsitename</DeployIisAppPath>
    <RemoteSitePhysicalPath />
    <SkipExtraFilesOnServer>True</SkipExtraFilesOnServer>
    <MSDeployPublishMethod>RemoteAgent</MSDeployPublishMethod>
    <UserName>user</UserName>
    <_SavePWD>True</_SavePWD>
    <PublishDatabaseSettings>
      <Objects xmlns="">
      </Objects>
    </PublishDatabaseSettings>
  </PropertyGroup>
</Project>

http://www.iis.net/learn/publish/troubleshooting-web-deploy/web-deploy-error-codes#ERROR_USER_NOT_ADMIN

ERROR_USER_NOT_ADMIN Diagnosis - This happens if you try to connect to the Remote Agent Service but have not provided appropriate administrator credentials. Resolution - The Remote Agent Service accepts either built-in Administrator or Domain Administrator credentials. If you have a non-domain setup and want to use account other that built-in administrator, please do following: Create a separate user group MSDepSvcUsers on remote computer. Create an local account A on both local & remote computer. Add A to MSDepSvcUsers on remote computer. Use account A to publish, this will allow you to publish without needing to use built-in > admin account.

Erumpent answered 6/3, 2013 at 17:31 Comment(2)
The problem was that it was using the Remote service deploy rather than Web deployment. If using the Remote service deploy, the account must be an admin. Web deployment allows non admin accounts. In order to fix I had to change the MSDeployServiceURL (in the pubxml) to server.com:8172/MsDeploy.axd - changed to https, added the port, and MsDeploy.axdErumpent
Could you share your final settings in whole to give me the full context? Also did you end up creating delegation rules in IIS?Pretentious
F
1

I think you also need to use the management service delegation feature in iis to create delegation rules for the user that you are deploying as.

See part 2 of this article

http://www.iis.net/learn/publish/using-web-deploy/configure-the-web-deployment-handler

Foreworn answered 6/3, 2013 at 17:50 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.