I've found a lot of articles on web deploy and why it might fail, but not any with answers with this error message.
Web deployment task failed. (Could not complete the request to remote agent URL https://myserver:8172/msdeploy.axd?site=mysite.)
Could not complete the request to remote agent URL https://myserver:8172/msdeploy.axd?site=mysitename. The request was aborted: The request was canceled. This method is not supported by this class.
I am trying to deploy an MVC4 website from Visual Studio 2013 Express to a Windows 2008 R2 Datacenter server with the Web Server role installed.
I followed this (and other installation guides) and can confirm the following:
Windows Server 2008 R2 Datacenter
Web Server role installed
Management Services is running
Accepting windows and IIS credentials
Server Administrator has permissions
Remote connections enabled (and service restarted)
SSL certificate is our real one, not the self-cert
My firewall is configured to allow this traffic
I am prompted for a username/password when accessing https://myserver:8172/msdeploy.axd
The website is running
Bound to all IPs on :80 and :443 (with same cert as deploy)
So for some reason, it didn't want the Windows Administrator account doing a deploy.
Created an IIS user in IIS Manager User
Changed the permission settings to Windows credentials or IIS manager credentials
Restarted Management Service
Added the newly created user to the website
it works!
Related
I am trying to web deploy a Asp.Net Core 2 project through plesk.
My plesk version is;
Plesk Onyx
Version 17.8.11 Update #6
IIS 8.5.9600
I have also followed the guide and added web deploy to the server;
Plesk Web Deploy Guide
However, when I go to publish my website i get the following error;
Web deployment task failed. (Connected to 'www.domain.co.uk' using the Web Deployment Agent Service, but could not authorize. Make sure you are an administrator on 'www.domain.co.uk'. Learn more at: http://go.microsoft.com/fwlink/?LinkId=221672#ERROR_USER_NOT_ADMIN.)
Make sure the site name, user name, and password are correct. If the issue is not resolved, please contact your local or server administrator.
Error details:
Connected to 'domain' using the Web Deployment Agent Service, but could not authorize. Make sure you are an administrator on 'www.domain.co.uk'. Learn more at: http://go.microsoft.com/fwlink/?LinkId=221672#ERROR_USER_NOT_ADMIN.
The remote server returned an error: (401) Unauthorized.
Now I have tried the admin login for the plesk portal and I still get this message?
How and where do I add user privileges (just for this site) to allow the web deploy to work?
UPDATE
I have gone to subscriptions -> selected the subscription -> users, create a new user for this and then added a new administrator user her. But again when I try to run the web deploy through visual studio I am getting the same error (the user is definitely in the admin role).
Double Hop Delegation: Error retrieving for user IIS APPPOOL. The underlying provider failed on Open. Login failed for user 'Domain\WebVM$'.
I'm setting up a IIS VM server to access a separate SQL Server VM, both machines running Windows Server 2016 and running on intranet. We're using windows authentication, and attemping to impersonate users through the machine account on IIS VM server machine. We are building / deploying MVC IIS bits using ASP.NET Core.
I'm hitting the above (machine account login) error after having configured everything I can think of and referred to several postings. I've configured the following main items:
Web Site setup with Windows Authentication, and ASP.NET Impersonation enabled, all other auth types disabled.
Web Site Config Editor set "system.webServer/security/authentication/windowsAuthentication" : useKernelMode to True
App Pool running .NET CLR Version "No Managed Code"
App Pool using Classic Managed Pipeline Mode
App Pool running as ApplicationPoolIdentity
Confirmed HOST SPN registered for IIS VM machine account in AD (with setspn -L IISVMServer)
Confirmed HOST SPN registered for SQL Server VM machine account in AD
Confirmed ServiceClass/Host:Port registered for SQL Server VM in AD
Registered SPN for IIS server machine account "Trust this computer for delegation to any service (Kerberos only)
Plan to lock down to constrained delegation after getting unconstrained delegation working
Tried running with / without web.config : "system.web identity impersonate="true" /system.web"
I previously posted Kerberos Double Hop Delegation with ASP.NET Core (4.5.2) which is indirectly related to this posting.
thanks, dave
I have a Server 2012 R2 machine on a domain to which I would like to use Web Deploy to deploy a web site. This works fine when I use my domain credentials.
Web Deploy fails with ERROR_USER_NOT_ADMIN when I use either the Administrator account, or a new account in the Administrators group.
Error Code: ERROR_USER_NOT_ADMIN
More Information: Connected to '192.168.76.109' using the Web Deployment Agent Service, but could not authorize. Make sure you are an administrator on '192.168.76.109'. Learn more at: http://go.microsoft.com/fwlink/?LinkId=221672#ERROR_USER_NOT_ADMIN.
Error: The remote server returned an error: (401) Unauthorized.
I have tried using the special MSDepSvcUsers group, installing all sorts of remote management tools for IIS 8.5, delegating permissions, and reinstalling Web Deploy after installing the remote management features. Because I am a vegetarian, I have not yet tried sacrificing a goat.
Why can't I use a local account to deploy my web site?
I'm trying to test a migration of moving a BizTalk SQL Server from one server to another. Here are the details.
Currently it was all on a single server in a dev environment, BizTalk SQL, SSO and BizTalk runtime all on one server. It is a Windows 2008 R2 server with SQL Server 2008 R2.
What I want to do is split out the SSO Master secret server and BizTalk databases to a Windows Server 2012/SQL Server 2012 setup. So far I got SSO all setup on the new SQL server. I configured just the SSO portion on that server and all went well.
I then unconfigured the existing BizTalk Runtime and then went to configure again, using the new Windows/SQL Server/SSO in the configuration process.
All goes well up to the point where it tries to configure the BizTalk runtime. That being said all the database are created, SSODB, BizTalkMessageBoxDb, all of them. But when it goes to configure BizTalk Runtime, it hangs for a while and several of the following errors show up in both of the Server's logs:
Could not access the SSO database. If this condition persists, the SSO service will go offline.
Timeout expired. The timeout period elapsed prior to completion of the operation or the server is not responding..
SQL Error code: 0xFFFFFFFE
It shows up in the SQL/SSO servers logs first, then the Runtime server a few seconds later. Eventually the configuration times out and fails. I believe it's permissions related, but I can't seem to figure out what it would be.
Questions:
what permissions do I need to review?
would the fact that the new server is Windows 2012/SQL 2012 while the runtime server is Windows 2008 be an issue?
is there any way I can get more details on this error?
Edit to add both DTCPing and DTCTester pass with flying colours and I can connect to SQL via SSMS from the server. Firewall has been completely disabled for now in order to eliminate that as well.
How were your service accounts configured in the first environment? Typically a single DEV environment with everything on one box can be done by using a local account on that server. If you now split out your SSO onto another server (it doesn't matter if it's W2K12 instead of W2K8), you are going to have to switch your service account(s) and groups for BizTalk to Domain accounts.
In a multicomputer environment, BizTalk Server supports only domain groups and domain service accounts. Domain groups include Domain Local groups (not recommended), Global groups, and Universal groups. Built-in accounts such as NT AUTHORITY\LOCAL SERVICE, NT AUTHORITY\NETWORK SERVICE, NT AUTHORITY\SERVICE, NT AUTHORITY\SYSTEM, and Everyone are not supported if you want to configure BTS in a multicomputer environment.
Make sure your SSO is running as a domain account, and a member of an SSO Administrators domain group - and ensure this domain account/group combo is configured for the SSO system on the SQL server (instead of local accounts):
After that the SSO system you join from the BizTalk Server before configuring the runtime on BizTalk Server usually needs to be configured with the same domain service account for SSO:
I have a remote server (Win2008R2) with WebDeploy 3.0 installed on it. Web Management Service isn't installed on it (actually I tried to install it but it cannot be contacted due to closed ports on my side).
I'm trying to deploy a package (zip) to the server via local WebDeploy 3.0 tool.
Server.deploy.cmd /T /M:myserver.no-ip.org "/U:myserver\Administrator" "/P:pwd" /A:Basic
I tried both Basic and NTLM auth methods.
I'm getting error:
Error Code: ERROR_USER_NOT_ADMIN
More Information: Connected to 'myserver.no-ip.org' using the Web Deployment Agent Service, but could not authorize. Make sure you are an administrator on 'myserver.no-ip.org'. Learn more at: http://go.microsoft.com/fwlink/?LinkId=221672#ERROR_USER_NOT_ADMIN.
Error: The remote server returned an error: (401) Unauthorized.
Error count: 1.
Please note that I'm actually connectin to WebDeploy Agent Service not Web Management Service. That's important as there are tons of info how to setup WMSrc with WebDeploy.
I know that WebDeploy Agent only supports connecting as Administrator. That is my case - I'm specifying the remote server Administrator credentials.
I tried to open WDAgentSrc url in the browser. I was promted for creditials and they were accepted.
I checked "Microsoft Web Deploy" log in the Event viewer - it's empty.
How to get it working?