How do I deploy using MSDeploy in Team Build 2010 using the WMSVC service and NTLM authentication?

Question

I am trying to deploy using Team Build 2010 to a Windows Server 2008 R2 web server. My build server agent is setup to run under a Windows domain account. I have successfully gi

Answer 1

If it is failing using NTLM then the team build service agent needs to be given permission to your site to allow non-administrators to connect to the site or application deployment server access. You can configure this under Management Service .

You might want to also take a look at configuring the web deployment provider settings. Web Deploy Provider Settings

If the wmsvc provider setting is specified, the default authentication type is Basic; otherwise, the default authentication type is NTLM.

You could also encrypted your password using the encryptPassword parameter and configuring the setup on the hosted server if you are wanted to use basic authentication type.

Hope this helps.

This error code can surface because of a number of different reasons. It typically indicates an authentication or authorization problem, and can happen because of any of hte following reasons:

If connecting using the Web Management Service:

• Verify that the username and password are correct
• Verify that the site exists
• Verify that the user has IIS Manager Permissions to the site's scope

If connecting using the Remote Agent Service:

• Verify that the username and password are correct
• Verify that the user account you specified is a member of the Administrators group on the remote computer. NOTE: Because of a bug in Web Deploy 2.0, the user must be either the built-in Administrator or a member of the Domain Administrators security group. Attempts to sync with any other user account, even if it is an administrator, will see this error code. Verify that the site exists

Answer 2

There is an additional step, which I never picked up on:

Source

You can optionally enable users to authenticate with the Web Management Service using NTLM. To do this, update the registry on the server by adding a DWORD key named "WindowsAuthenticationEnabled" under HKEY_LOCAL_MACHINE\Software\Microsoft\WebManagement\Server, and set it to 1. If the Web Management Service is already started, the setting will take effect after the service is restarted.