How to use Nant/TeamCity to Deploy across DMZ

I have build server inside our domain (and it needs to be because it also talks to other boxes in the domain), and a webserver that is in the DMZ.

As part of our build scripts, I would like to deploy websites to the webserver in the DMZ, using the Nant copy task. The problem is, that Nant is invoked from TeamCity which runs under the System account on the build server, and there is no way that I can find to give the build server system account access to the DMZ webserver directories. (It probably isn't a good idea anyway).

Is there anyway to tell Nant to run a specific task under a different windows user, or is there another solution to my problem?

Edit: One other restriction I am running under is that I can't create new domain accounts (well, at least not without going through an approval process). I can create local machine accounts, but in that case, it doesn't seem that runas will work across the DMZ.

Best Answer

A couple options might be:

Use the Simple Command Runner to exec out to something like runas, specifying nant.exe running under a different user account.
Change the account in which the TeamCity server runs as; like a limited privileged user that has access to DMZ.
Attempt to use the <scp> (secure copy) task provided by NAntContrib.
Use the nant <exec> task to call an ftp program, that places the files up on the DMZ.

Hopefully this provides a little help. Good luck!

Best Answer

Related Solutions

R – How to set nant target for CCnet nightly build

Use nant to build a custom nant task

Related Topic