我正在将 MSDeploy 集成到我的构建过程中,但在身份验证时遇到问题。以下命令运行良好:
msdeploy -verb:sync -source:appHostConfig="KitchenPC",computerName=192.168.0.3,userName=Administrator,password=secret -dest:package=c:\DeployTest\KPC.zip
但是,这不起作用:
msdeploy -verb:sync -source:appHostConfig="KitchenPC",computerName=192.168.0.3,userName=kpcpublish,password=secret -dest:package=c:\DeployTest\KPC.zip
并产生错误:
Error Code: ERROR_USER_NOT_ADMIN
More Information: Connected to '192.168.0.11' using the Web Deployment Agent Service, but could not authorize. Make sure you are an administ
rator on '192.168.0.11'. Learn more at: http://go.microsoft.com/fwlink/?LinkId=221672#ERROR_USER_NOT_ADMIN.
Error: The remote server returned an error: (401) Unauthorized.
Error count: 1.
我已按照上面链接中的说明进行操作,以及任何 other docs I could find ,几乎都说同样的事情:
- 我创建了一个名为 kpcpublish 的帐户
- 我将此帐户添加到名为 MSDepSvcUsers 的组 - 哎呀,我什至将该帐户添加到管理员
- 我右键单击该网站并选择部署 -> 配置 Web 部署发布,并将 kpcpublish 添加到列表中。它说如下:
.
Publish enabled for 'SERVER\kpcpublish' Granted 'SERVER\kpcpublish' full control on 'C:\Website' Successfully created settings file 'C:\Users\Administrator\Desktop\SERVER_kpcpublish_KitchenPC.PublishSettings'
我一定缺少某些步骤,但我就是不知道可能是什么。
更新:
使用 computerName 属性的完整 HTTP 路径时,出现错误:
Error Code: ERROR_DESTINATION_NOT_REACHABLE More Information: Could not connect to the remote computer ("192.168.0.3"). On the remote computer, make sure that Web Deploy is installed and that the required process ("Web Management Service") is started. Learn more at: http://go.microsoft.com/fwlink/?LinkId=221672#ERROR_DES TINATION_NOT_REACHABLE. Error: Unable to connect to the remote server Error: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection fa iled because connected host has failed to respond 192.168.0.3:8192 Error count: 1.
我已经检查过,Web 管理服务确实正在运行。
另一个更新:
我已经完全铺好系统并从头开始重新设置。我没有做任何异常的事情,只是安装了 IIS 角色,并确保选中管理工具下的“管理服务”,这是 WMSVC 运行所必需的。然后我安装了 Web PI,并安装了“托管提供商的推荐配置”,这将安装 Web Deploy 3.0。然而,我确实注意到安装时出现了错误(我相信我上次也遇到了这个错误)。它看起来像:
我还附上了日志文件 here .
然后我尝试手动安装 Web Deploy 3.0,但它说它已经安装。接下来我直接从http://www.iis.net/download/webdeploy下载了MSI并在“修复”模式下运行它。这似乎奏效了。我还注意到 WMSVC 服务已启动并正在运行。所以这看起来不错。
尽管如此,MSDeploy 仍无法连接。我认为这可能是某种防火墙问题,所以我在本地运行它。我尝试过使用 HTTPS 和 HTTP 进行连接。 HTTPS 给我一个错误,HTTP 只是在 2-3 分钟后超时。
HTTPS:
msdeploy -verb:sync -source:appHostConfig="Default Web Site",computerName=https://STAGING:8172/msdeploy.axd,userName=Administrator,password=Khorf123 -dest:package=c:\DeleteMe.zip
Info: Using ID 'f3a54096-adc4-4f54-9e4f-ad8fde12edb6' for connections to the remote server.
Error Code: ERROR_CERTIFICATE_VALIDATION_FAILED
More Information: Connected to the remote computer ("staging") using the specified process ("Web Management Service"), but could not verify the server's certifi
cate. If you trust the server, connect again and allow untrusted certificates.
Learn more at: http://go.microsoft.com/fwlink/?LinkId=221672#ERROR_CERTIFICATE_VALIDATION_FAILED.
Error: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.
Error: The remote certificate is invalid according to the validation procedure.
Error count: 1.
HTTP:
msdeploy -verb:sync -source:appHostConfig="Default Web Site",computerName=http://STAGING:8172/msdeploy.axd,userName=Administrator,password=Khorf123 -dest:package=c:\DeleteMe.zip
Info: Using ID 'ebee66f0-08e5-4d9d-98ea-0c2e59784895' for connections to the remote server.
Error: Could not complete the request to remote agent URL 'http://staging:8172/msdeploy.axd'.
Error: The operation has timed out
Error count: 1.
最佳答案
(更新于 2016-03-07 - 注意:非管理员部署还需要在 msdeploy.axd 之后使用 ?site=IIS_SITE_NAME,否则连接被视为全局连接并需要管理员访问权限)
不确定最初是如何错过这个的,但您的问题是 computerName 参数。仅在使用 WMSVC 时支持非管理员部署,您需要为此指定完整的 URL。
尝试以下操作
msdeploy -verb:sync ^
-source:appHostConfig="KitchenPC",computerName=https://192.168.0.3:8172/MsDeploy.axd,userName=kpcpublish,password=secret,authType=Basic ^
-dest:package=c:\DeployTest\KPC.zip
The computer name will be translated to the default Web Deploy URL. For example, computerName=Server1 will become http://Server1/MsDeployAgentService. If the remote service is running with a custom port or URL, you must specify the full URL
和from the install instructions :
The MSI will not install the Web Management Service handler component if the Web Management Service is not installed; the handler component is necessary for non-administrator deployments
(我找不到更明确的规范来源将 WMSVC 描述为非管理部署的要求)
关于asp.net - MSDeploy.exe 可以以管理员身份连接,但不能以任何其他 Windows 帐户身份连接,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/12984960/