[英]msdeploy (Web Deploy) failing with 401 auth issues
I'm trying to get msdeploy
installed and set up. 我正在尝试安装和设置
msdeploy
。 I've installed the remote service on the web server, but all my tests are giving me a 401 unauthorised error
. 我已经在Web服务器上安装了远程服务,但我的所有测试都给了我
401 unauthorised error
。 The server is Windows 2008 R2. 服务器是Windows 2008 R2。
I'm testing a very simple msdeploy command: 我正在测试一个非常简单的msdeploy命令:
msdeploy -verb:dump -source:contentPath=c:\inetpub\wwwroot\MyApp,computerName=<IP HERE>,userName=Domain\msdeploy,password=MyPassword
And the error: 而错误:
Error: Object of type 'contentPath' and path 'c:\inetpub\wwwroot\MonApp' cannot be created.
Error: Remote agent (URL http://<IP HERE>/MSDEPLOYAGENTSERVICE) could not be contacted. Make sure the remote agent service is installed and started on the target computer.
Error: An unsupported response was received. The response header 'MSDeploy.Response' was '' but 'v1' was expected.
Error: The remote server returned an error: (401) Unauthorized.
Error count: 1.
I created a user called msdeploy and I added it to the local admins group on the server. 我创建了一个名为msdeploy的用户,并将其添加到服务器上的本地管理员组。
I've checked: 我检查过:
I'm assuming you've configured your server correctly for WebDeploy 2.0 as per this article: 我假设您已根据本文为WebDeploy 2.0正确配置了服务器:
Note: MS have released a refresh of Web Deploy 2.0 and the original link isn't really valid any more. 注意: MS已经发布了Web Deploy 2.0的刷新版本,原始链接不再有效。 I've updated this but I think it'll be a moving target over time.
我已经对此进行了更新,但我认为随着时间的推移,这将是一个不断变化的目标。
You also need to install Web Deploy 2.0 on your development/build/CI machine. 您还需要在开发/构建/ CI计算机上安装Web Deploy 2.0。
If you're still using 1.0 then I recommend upgrading, there are some huge improvements in 2.0. 如果您仍在使用1.0,那么我建议升级,2.0中有一些巨大的改进。
Using Visual Studio 2010's Publish Feature: 使用Visual Studio 2010的发布功能:
Visual Studio can publish a site by right clicking on the site and selecting "Publish". Visual Studio可以通过右键单击站点并选择“发布”来发布站点。 This brings up the following dialogue:
这引出了以下对话:
There are a couple of gotcha's with Visual Studio 2010 and WebDeploy 2.0. Visual Studio 2010和WebDeploy 2.0有几个问题。 The first is that VS2010 isn't WebDeploy/MSDeploy 2.0 aware.
首先是VS2010不支持WebDeploy / MSDeploy 2.0。 So if you try to publish you will get an error such as the following:
因此,如果您尝试发布,您将收到如下错误:
Error 1 Web deployment task failed.((04/02/2011 12:30:40) An error occurred when the request was processed on the remote computer.)
错误1 Web部署任务失败。((04/02/2011 12:30:40)在远程计算机上处理请求时发生错误。)
You'll also see the following error in the Failed Request Tracing for the web management service on the server in C:\\inetpub\\logs\\wmsvc\\TracingLogFiles\\W3SVC1
assuming you have this turned on: 您还会在
C:\\inetpub\\logs\\wmsvc\\TracingLogFiles\\W3SVC1
的服务器上的Web管理服务的失败请求跟踪中看到以下错误,假设您已启用此功能:
AspNetModuleDiagErrorEvent
AspNetModuleDiagErrorEvent
Uri /msdeploy.axdUri /msdeploy.axd
eventData Tracing deployment agent exception.eventData跟踪部署代理程序异常。 Request ID ''.
请求ID''。 Request Timestamp: '02/04/2011
索取时间戳:'02 / 04/2011
System.UnauthorizedAccessException: Access to the path 'D:\\' is denied.System.UnauthorizedAccessException:拒绝访问路径“D:\\”。
The drive letter will vary according to which drive your IIS site is located on. 驱动器号将根据IIS站点所在的驱动器而有所不同。
Out of the box, the in-GUI Publish mechanism defaults to using the wrong version of MSDeploy (1.0). 开箱即用,GUI内发布机制默认使用错误版本的MSDeploy(1.0)。 We want to tell VS2010 to use MSDeploy 2.0.
我们想告诉VS2010使用MSDeploy 2.0。 You can do this by editing Visual Studio 2010's
devenv.exe.config
file which is located in (assuming you did a default c:\\
drive install): 您可以通过编辑Visual Studio 2010的
devenv.exe.config
文件来执行此操作(假设您执行了默认的c:\\
drive install):
For 64 bit systems: c:\\Program Files (x86)\\Microsoft Visual Studio 10.0\\Common7\\IDE
For 32 bit systems: c:\\Program Files\\Microsoft Visual Studio 10.0\\Common7\\IDE
对于64位系统:
c:\\Program Files (x86)\\Microsoft Visual Studio 10.0\\Common7\\IDE
对于32位系统: c:\\Program Files\\Microsoft Visual Studio 10.0\\Common7\\IDE
Open up devenv.exe.config
in your favourite XML editor (I just used Visual Studio 2010 itself) and copy the following xml: 在您喜欢的XML编辑器中打开
devenv.exe.config
(我刚刚使用Visual Studio 2010本身)并复制以下xml:
<dependentAssembly>
<assemblyIdentity
name="Microsoft.Web.Deployment"
publicKeyToken="31bf3856ad364e35" culture="neutral"/>
<bindingRedirect oldVersion="7.1.0.0" newVersion="8.0.0.0"/>
</dependentAssembly>
Add this to the /configuration/runtime/assemblyBinding
section: 将其添加到
/configuration/runtime/assemblyBinding
部分:
Once you've done this close all instances of Visual Studio 2010 to allow this change to take effect. 完成此操作后,关闭Visual Studio 2010的所有实例以允许此更改生效。 Restart VS2010, open a web project and then try to publish again.
重新启动VS2010,打开一个Web项目,然后再次尝试发布。 This time it should be successful.
这一次应该是成功的。
Publishing using a Build Package: 使用构建包发布:
Visual Studio can produce a Build Package that can be executed from the command line. Visual Studio可以生成可以从命令行执行的构建包。 This is generated using
Project -> Build Deployment Package
. 这是使用
Project -> Build Deployment Package
。 Handy for continuous integration and the like (the package can also be generated using msbuild with the /t:Package
switch). 方便连续集成等(也可以使用msbuild和
/t:Package
开关生成/t:Package
)。
The output folder for the package usually defaults to obj\\Package
. 包的输出文件夹通常默认为
obj\\Package
。
Unfortunately Visual Studio 2010 gets this a bit wrong and generates a msdeploy wrapper batch script targetting 1.0 and targetting deployment at the server rather than site level. 不幸的是,Visual Studio 2010有点错误并生成一个msdeploy包装器批处理脚本,目标是1.0并在服务器而不是站点级别进行目标部署。
There's no quick fix for this other than to craft your own msdeploy.exe command line. 除了制作自己的msdeploy.exe命令行之外,没有其他快速解决方法。 I've split this across several lines to make this a bit more readable.:
我将它分成几行,使其更具可读性:
"C:\Program Files\IIS\Microsoft Web Deploy v2\\msdeploy.exe" -source:archiveDir='d:\sites\DemoApp\obj\Package\Archive' -dest: auto, computerName='https://yoursite.com:8172/msdeploy.axd?site=yoursitename', userName='demosite', password='somepassword', authtype='basic', includeAcls='False' -verb:sync -disableLink:AppPoolExtension -disableLink:ContentExtension -disableLink:CertificateExtension -setParamFile:"d:\sites\DemoApp\obj\Package\Archive.SetParameters.xml" -allowuntrusted
The first thing to note is the path to msdeploy.exe
. 首先要注意的是
msdeploy.exe
的路径。 Visual Studio generates a path to version 1.0. Visual Studio生成1.0版的路径。 I've changed this to use 2.0.
我已将此更改为使用2.0。
Notable parameters: 值得注意的参数:
-source:archiveDir=
tells msdeploy we're deploying a package and provides the local location -source:archiveDir=
告诉msdeploy我们正在部署一个包并提供本地位置
computerName='https://yoursite.com:8172/msdeploy.axd?site=yoursitename'
- this tells MSDEPLOY to deploy to a specific site on IIS7. computerName='https://yoursite.com:8172/msdeploy.axd?site=yoursitename'
- 这告诉MSDEPLOY部署到IIS7上的特定站点。 yoursitename
should exactly match the name of the site in IIS. yoursitename
应与IIS中的站点名称完全匹配。
userName
and password
are is the name of the delegated manager user for the site. userName
和password
are是站点的委派管理器用户的名称。 This is configured using the "IIS Manager Permissions" feature at the site level. 这是使用站点级别的“IIS管理器权限”功能进行配置的。 The account needs to be a local Windows user account.
该帐户必须是本地Windows用户帐户。
-authtype='basic'
- this forces basic authentication otherwise NTLM authentication is attempted. -authtype='basic'
- 这会强制进行基本身份验证,否则会尝试进行NTLM身份验证。
-allowuntrusted
- this ignores any SSL certificate errors if you use the built-in self signed SSL cert. -allowuntrusted
- 如果您使用内置的自签名SSL证书,则会忽略任何SSL证书错误。
If you use that command line then you should be able to deploy to a remote IIS7 server with success. 如果使用该命令行,则应该能够成功部署到远程IIS7服务器。
Publishing Raw Content: 发布原始内容:
Sometimes we want to just publish some static content (or maybe even a Classic ASP or PHP site) directly from a local folder. 有时我们想直接从本地文件夹发布一些静态内容(或者甚至是经典ASP或PHP站点)。 We can do this using the following
msdeploy.exe
command line: 我们可以使用以下
msdeploy.exe
命令行执行此操作:
"C:\Program Files\IIS\Microsoft Web Deploy v2\\msdeploy.exe" -source:contentPath='d:\websites\mysite' -dest: contentPath='yoursitename', computerName='https://yoursite.com:8172/msdeploy.axd?site=yoursitename', userName='demosite', password='somepassword', authtype='basic', includeAcls='False' -verb:sync -allowuntrusted
Again the same rules apply as before for -dest:contentPath
and computerName
. 同样的规则同样适用于
-dest:contentPath
和computerName
。
I believe the MSDeploy version issues will be resolved in SP1 (which I haven't had a chance to look at yet). 我相信MSDeploy版本问题将在SP1中得到解决(我还没有机会查看)。
One Final VS2010 Gotcha: 一个最终的VS2010问题:
When publishing using Visual Studio 2010, the "Publish" build package causes the ACL's of the site's anonymous account to change to Read Only for all files and folders with the exception of the App_Data
folder which is changed to Read and Write. 使用Visual Studio 2010发布时,“发布”构建包会导致站点匿名帐户的ACL更改为“只读”所有文件和文件夹,但
App_Data
文件夹除外,该文件夹更改为“读取”和“写入”。
This can be worked around by adding the following setting to the .csproj
file under each <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
: 这可以通过在每个
<PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
下的.csproj
文件中添加以下设置来解决:
<IncludeSetAclProviderOnDestination>False</IncludeSetAclProviderOnDestination>
Or if you're using msbuild: 或者如果你正在使用msbuild:
msbuild.exe myproject.csproj /t:Package /p:IncludeSetAclProviderOnDestination=False
I found that useful nugget from here: 我从这里发现了有用的金块:
Skipping setting an ACL in a Visual Studio 2010 deployment package (WayBackMachine link because the original content is no longer available)
跳过在Visual Studio 2010部署包中设置ACL (WayBackMachine链接,因为原始内容不再可用)
For me, publishing worked in Visual Studio, but it did not work when I ran the .deploy.cmd
script. 对我来说,发布在Visual Studio中工作,但是当我运行
.deploy.cmd
脚本时它不起作用。
By setting <UseMsdeployExe>true</UseMsdeployExe>
in your .csproj
, you can force VS to use msdeploy.exe instead of an MSBuild task. 通过在
.csproj
设置<UseMsdeployExe>true</UseMsdeployExe>
,可以强制VS使用msdeploy.exe而不是MSBuild任务。 Then by turning up the logging level (Tools > Options > Projects and Solutions > Build and Run > MSBuild project build output verbosity) you can see the command line that VS uses. 然后通过调高日志记录级别(工具>选项>项目和解决方案>构建并运行> MSBuild项目构建输出详细程度),您可以看到VS使用的命令行。
The problems with my .deploy.cmd
were: 我的
.deploy.cmd
的问题是:
?site=<SITENAME>
in the computerName
. computerName
使用?site=<SITENAME>
。 AuthType='Basic'
in the -dest:
parameter. -dest:
参数中需要AuthType='Basic'
。 We were facing a similar problem as yours. 我们遇到了与您类似的问题。
For this you need to start the remote agent service in services. 为此,您需要在服务中启动远程代理服务。 We used the PC name because the IP address was giving an error.
我们使用了PC名称,因为IP地址出错了。 So try to use pc name, username and password.
所以尝试使用pc名称,用户名和密码。
In the end I never did suss out what permissions I was missing with my deploy user account - but found that if I used the machine admin account, that the deployment would succeed. 最后,我从未尝试过我的部署用户帐户所缺少的权限 - 但发现如果我使用机器管理员帐户,则部署会成功。 For now I'm using the admin account to do the deployment.
目前我正在使用管理员帐户进行部署。
Kudos to Kev for the fantastic and informative summary of setting up ms deploy 2 :) 感谢Kev提供有关设置ms部署2的精彩和内容丰富的摘要:)
For what it's worth. 物有所值。 Publishing was working for me and then one day I had this very same issue (401 unauthorised error) Restarting VS2012 resolved the issue.
发布对我有用,然后有一天我遇到了同样的问题(401未经授权的错误)重启VS2012解决了这个问题。 Wish I had tried that before trying out every other solution.
希望我在尝试其他解决方案之前尝试过。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.