We've run into a little problem with some of our team builds, where a project can have its own active directory. When we deploy a projekt from a team build, we run into user permission problems, since authorization is relative to the AD - e.g. the user group 'Everyone' on a folder, is relative to the AD. I've tried to add the build user directly to the projects AD, but I get an error specifying that no logon server is available. Just added a local user to the server doesn't work either.
I cannot create a trust between the custom AD's and the produktion AD. I've noted the powershell to accomplish this, but am hoping for a more elegant way. I've tried using Michael Roufa's wrapper for Community Tasks, but I cannot make it work, for some reason.
So... my question is whether it is possible to impersonate a user in msbuild in an elegant way, when invoking other tasks?
Software: TFS2010, MSBuild 4.0, Various tasks lib + custom, Windows 2008 R2 servers
Related
We would like to change the password for our TFSService account. This is the domain account that was used install TFS and has several Windows services running under it.
I did review the link below on changing the TFS service password. Is it as simple as updating the password in Active Directory and then using the TFS administration console to update the account password? Are both steps above required? Are there any additional tasks required?
https://learn.microsoft.com/en-us/tfs/server/admin/change-service-account-password
thanks
Yes, it should just be that.
As with any production environment, there may things in your setup strangers on the internet are not aware of, so it would be best to test this process on a non-production copy if possible first.
Although I know setting up a non-production copy of TFS will end up probably end up running on a different domain.
As custom action of a WiX-based installer (MS Windows 7), I need to check out some files from a StarTeam server. stcmd seems to provide all functionality and I am able to perform the checkout with UID and password provided via parameter -p.
Since the installer is run by different users, I obviously need a mechanism to inquire the StarTeam login credentials at run-time instead of hard-coding UID/pw.
I was browsing the StarTeam manual but was not able to figure out if the StarTeam programs provide a solution to that problem. Any suggestions?
Sorry, this just doesn't make sense to me. Typically you include files from source control in the MSI at build time not install time. What does install time buy you other then complexity? Now application runtime would make sense to me. You could create and install an application that prompts the user for creds and then periodically polls star team for updated files. (Windows service, scheduled task, logon autorun...)
Couldn't you could prompt your users for the login information during the install and then pass them to the stcmd.exe?
Meh, the solution is trivial. When using an empty password, stcmd automatically asks for the password. Example:
stcmd connect username:#hostname:portnumber
Using the stateful commands is recommended since the credentials are stored internally for all subsequent commands.
I've a very simple application built in MVC4. This application allow the users to upload a file, and the application generates an output.
This app works great locally, but when I publish to azure (by right click -> publish), I get a less descriptive error. I've figured out that the error was because in the code, we accessed to a server relative path, and that is not possible in azure. So I've found a way to solve that in this link, that says that I should use LocalResource, rather than Server.MapPath. That make sense for me, but so far, I'm struggling with the suggested line.
LocalResource localResource = RoleEnvironment.GetLocalResource("DownloadedTemplates");
I'm not able to get it working, and also can't get a proper error. BTW I'm not sure how to enable the error log in azure :(
So, after going deeper in MSDN, I've seen that I should configure the Local Storage Resources, but as I've created a local MVC4 project, I can't find where I should configure this.
I need to be able to store a temporary file in the application (hosted in azure).
Did someone faced with this problem?
Anybody knows how to enable the Local Storage Resource in a project like that?
TIA!
Milton RodrÃguez
Well, after struggling a while, I've ended up using Windows Azure Tools.
The steps:
Add a new project
Under Cloud category, select Windows Azure Cloud Service.Note that if you don't have this option, an option to install the needed SDK will be shown. Install it first.
Name it properly :)
New Windows Azure Cloud Service window will appear, select the role that fits your needs. In my case, I choose ASP.Net MVC4, and then removed it.Note that you can edit the name of the created role at the right.
In the Roles folder of your new project, select Add, and then Web Role Project in solution. Your project will be an option to add.
You can remove the other role in the folder, the web project created in step 4, and also the folder ending in Content (ie. WebRole1Content). Basically, you can remove the created assets, but the Azure Service, and link the service to your project.
You're almost done. Follow this link to configurate your local storage :)
Now you're done!
In Visual Studio 2012, using publish profiles along with web deploy simplifies the deployments quite a bit. However it still is missing few things or may be I don't know how to use it yet.
I prefer to use the NTLM authentication without storing the username and password (especially) in the publish profiles. How can this be done? If I leave the username and password empty, I am prompted for it. Is there a way like manually modifying the .pubxml files?
Why is the username/password stored in PublishProfileName.pubxml that I have checked in the source control and not in PublishProfileName.pubxml.user that is local to each user? I could at least save the username but obviously don't want that to be checked in.
The Configuration itself is not part of PublishProfileName.pubxml but is stored in PublishProfileName.pubxml.user as LastUsedBuildConfiguration.
Same for the Platform as last point.
I am also missing support for multi-server deployments. I am currently forced to use batch files in addition to Publish Profiles.
EDIT
The command line that works fine for publishing is
MSBuild.Exe MyProject.sln /p:Configuration=QA /p:DeployOnBuild=true;PublishProfile=PublishToQA;AllowUntrustedCertificate=true /p:authType=NTLM /p:UserName=
In this I would like to omit the /p:Configuration=QA if the configuration becomes part of the publish profile itself.
Some answers to your questions.
I prefer to use the NTLM authentication without storing the username and password (especially) in the publish profiles. How can
this be done? If I leave the username and password empty, I am
prompted for it. Is there a way like manually modifying the .pubxml
files?
Your authentication is typically driven by how Web Deploy is hosted. By default if you are using the Web Management Service then you are using IIS users for auth. With IIS users you can control which users have permissions to specific sites/apps. You can configure WMSVC to use windows auth as well though. If you have issues using VS for those scenarios let me know.
If you are using the Remote Agent service to host Web Deploy then in this case you'll be using windows auth.
Why is the username/password stored in PublishProfileName.pubxml that I have checked in the source control and not in
PublishProfileName.pubxml.user that is local to each user? I could
at least save the username but obviously don't want that to be checked
in.
We have another mechanism for you to determine what information is private/shared. With the exception of the password all publish info is shared (and checked in by default). In order to simplify the design you can either have a publish profile which is shared, or one which is not shared at all. There is no in-between in which you have a profile that some fields are shared and other not. Password is special cased here and encrypted on a per-user/per-machine basis in the .pubxml.user file.
If you'd like to have a private publish profile then you can simply not check in the .pubxml file which corresponds to the publish profile. These are stored in the Properties\PublishProfiles (or My Project\PublishProfiles for VB) and just exclude them from the project and don't check the files in. The publish dialog looks for the profiles on disk, not just the ones which are in the project. Everything should continue to work.
We don't support the concept of selectively storing values in the .pubxml.user file. The publish dialog will only store a set number of values in that file. Instead of
The Configuration itself is not part of PublishProfileName.pubxml but is stored in
PublishProfileName.pubxml.user as LastUsedBuildConfiguration.
Same for the Platform as last point.
This was a mistake it should have been stored in the .pubxml file, not the .pubxml.user file. We have since fixed this, but haven't had a chance to release the update yet.
The Configuration property cannot be set in the publish profile. The Configuration property is a core part of the build process. To be more specific, the reason why we didn't call this property Configuration is because the .pubxml file is imported into the definition of the .csproj/.vbproj during a build & publish. Since other properties are defined based on Configuration you cannot change the value once it's been set. I just blogged with way too much detail on this subject at http://sedodream.com/2012/10/27/MSBuildHowToSetTheConfigurationProperty.aspx. This limitation is an MSBuild thing not a publish limitation. For command line you should specify Configuration in the following way:
msbuild.exe myproj.csproj /p:...(other properties)... /p:Configuration=
I am also missing support for multi-server deployments. I am currently forced to use batch files in addition to Publish Profiles.
We don't have direct support for this, but if you expand on your needs I may be able to help. FYI I have an extension which you may be interested in. I have posted a 5 min video to http://sedodream.com/2012/03/14/PackageWebUpdatedAndVideoBelow.aspx.
You are free (and encouraged) to manually edit your pubxml files, so feel free to remove the password.
To switch to NTLM, change AuthType to NTLM in the first PropertyGroup.
Platform and Configuration remain build configuration, the user file just stores them so Visual Studio knows what the last configuration you deployed was.
By multi-server, do you mean a web farm? If so, you might try looking at the Web Farm Framework which basically performs MSDeploy syncs from the primary server to the others.
Alternatively, you could switch to the command line and use postSync to upload and execute a batch file on the remote server that triggers the other deployments from there.
I'm relatively new to Nant, what i'd like to do is have a task that creates a new Website and AppPool in IIS6
is there a way to do this in Nant?
Essentially the task would need to set all the appropriate properties including the correct version of the .net Framework
Ideally i'd also like to check if the site is already present in IIS.
Have you looked at NantContrib? It might provide some better IIS support without having to write your own task (or shelling out).
It has some IIS specific tasks like iisapppool and mkiisdir.
You can do this from the command line using ADSUTIL, you can find more information here:
http://blogs.msdn.com/david.wang/archive/2007/12/12/howto-create-custom-application-pool-by-commandline.aspx
To do this in Nant you can use the exec task.
How are you planning on deploying your application? Do you need this just for local installation? There may be a better solution if you can give us some more details.