We now have Web Deploy installed – next we need to enable
deployments with it.
Web Deploy supports deployments by administrators, as well
as deployments by non-administrators (aka delegated deployments). In this blog
post, I’m going to cover how to enable deployments using an account that has
administrator permissions on the server. I will cover how to enable
delegated deployments by developers that do not have an administrator account
in my next blog post in this series.
1) The first step to enable Web Deploy is to start the IIS
Admin Tool (Start -> Run -> inetmgr.exe). Then double-click the
“Management Service Delegation” icon on the home-screen:
When you double-click the “Management Service
Delegation” icon it will bring you to a page that looks like below. In
the Actions pane, click the “Edit Feature Settings…” link. This will
bring up the “Edit Feature Settings” dialog - check the “Allow administrators
to bypass rules” option within this dialog box. This will allow those
with Administrator accounts on the server to bypass the delegation capabilities
of the Web Management Service and perform actions using their administrator
capabilities:
Then return back to the IIS Admin Tool
home-screen and double click the “Management Service” icon:
When you double-click the “Management Service”
icon it will bring you to a page that looks like below. Click the “Enable
Remote Connections” checkbox to enable remote deployments. You can
optionally choose which IP address and port the management service runs on – as
well as what client IP addresses are allowed to connect with it. You can
tweak these settings to lock down who can access the deployment service.
When you are done click the “Start” link
within the “Actions” tab to start the Web Management Service on the server:
The server is now setup for deployments using an
administrator account with Web Deploy.
Important Tip: One thing to watch for is whether you have a
firewall enabled on your server, or within the cluster where your server is
hosted. By default the Management Service runs using the HTTPS protocol
on port 8172. This port might be locked down by default depending on your
hosting configuration. If so you should either unlock it with your
firewall/hoster – or pick a different port number that is allowed. You
can test to see whether the management service is available simply by opening
up a browser and accessing it using a URL like: https://yourservername:8172/MsDeploy.axd
– if you are prompted for a username/password then you know it is working, and
there is no firewall blocking access to it. If it times out then it is
likely that a firewall is blocking it.
Enabling Web Deploy on a non-Windows Server 2008 Operating
System
The steps above demonstrate how to enable the Web Deploy
service on a Windows Server 2008 or Windows Server 2008 R2 operating
system. The IIS 7 Management Service is built-into these operating
systems, and Web Deploy takes advantage of it.
If you try and follow the above steps on Windows 7, Windows
Vista, or Windows Server 2003, though, you’ll notice that the IIS Management
Service (and its icon within the IIS admin tool) isn’t available. Instead
you need to follow a slightly different set of steps to enable the Web Deploy
service.
Enabling Web Deploy on Windows 7, Windows Vista, and Windows
Server 2003
You can enable the Web Deploy publishing service on Windows
7, Windows Vista, and Windows Server 2003 using the below steps:
1) Open an elevated command prompt (meaning you right-click
and launch it using the “run as administrator” command)
2) Type “net start msdepsvc” to start the “Web Deploy Agent
Service”:
3) To confirm that the publishing service is working, change
directory to the “c:\Program Files\IIS\Microsoft Web Deploy”, and then type the
command “msdeploy –verb:dump –source:appHostConfig,computername=localhost”:
This should cause the local msdeploy client to connect to
the publishing service you just enabled and dump out the current status of your
web-servers ApplicationHost.Config file:
If a bunch of spew comes out then you know that everything
is working and you have just enabled Web Deploy for publishing. Using
this approach won’t allow you to enable “delegated access” (which allows
non-admin accounts to deploy – and which I’ll cover in more depth in my next
blog post) – but will allow those with an account with admin permissions to
deploy to the machine.