After much trial and error configuration, I'm currently able to script msdeploy.exe to deploy a package built in Visual Studio 2010 to a remote server running IIS 7.5 with a command line like:
Basic authentication command:
msdeploy -source:package="project.zip" -dest:auto,computerName='https://webserver:8172/MsDeploy.axd',authtype='Basic',username='DOMAIN\myuser',password='xxx',includeAcls='False' -verb:sync -setParamFile:"SetParameters.xml" -allowUntrusted
Can I eliminate the need to provide a password in the command line by enabling pass-through authentication? The Web Deploy docs mention the authType parameter that can specify 'NTLM', instead of Basic. However, whenever I try this (see example below), I get an error indicating a 401. The WMSvc web log shows a 401.2 and no userid is populated in that log entry, unlike previous attempts using Basic authentication do actually show the DOMAIN\myuser in the web log. No other useful information is found in event viewer of either client or server.
Note: The target webserver is on another domain, so I do a net use \\webserver /u:DOMAIN\myuser to establish a token.
Pass-through authentication command attempt:
msdeploy -source:package="project.zip" -dest:auto,computerName='https://webserver:8172/MsDeploy.axd',authtype='NTLM',includeAcls='False' -verb:sync -setParamFile:"SetParameters.xml" -allowUntrusted
It seems msdeploy.exe is not properly authenticating with IIS at the HTTP level. What could be wrong?
Client is Windows XP, Server is Win2008R2. Both are running msdeploy.exe version 7.1.618.0. Both have .NET 2.0, 3.5, and 4.0 installed.
Best Answer
I guess we can't use pass-through authentication if the client computer does not stay with same domain. If you use web deploy 1.1, you can try storeCredentials and getCredentials for avoiding put a username and password directly in a command line.