WebDeploy - Not able to log on the user '.\WDeployConfigWriter'
I have problem with MsDeploy to publish my website to remote IIS from Visual Studio.
I encountered the following error:
Microsoft.Web.Delegation.DeploymentAuthorizationException: Not able to log on the user '.\WDeployConfigWriter'. ---> System.Runtime.InteropServices.COMException: The user name or password is incorrect. (Exception from HRESULT: 0x8007052E) --- End of inner exception stack trace --- at Microsoft.Web.Deployment.LogonUserHandle.LogonUser(String userName, String domain, String password)
I tried to change WDeployConfigWriter's password in Local Users and Groups (lusrmgr.msc). Then, I open Management Service Delegation. I try to set credentials in edit rule for WDeployConfigWriter page and it's always fail with message "The spesified password is invalid. Type a new password".
I am working in Windows Server 2012.
Any help would be appreciate. Thanks!
Iswanto San8 Answers
I had this too but with a slightly different detail
Not able to log on the user '.\WDeployConfigWriter'.
Logon failure: the specified account password has expired.
Full credit to this blog, the problem is that the Web Deploy installer creates users with expiring passwords that are used to elevate permissions during deployment. The fix is to:
- Use server manager on the accounts WDeployAdmin and WDeployConfigWriter to
- reset the password
- check password never expires
- uncheck user must change password next logon
- Use IIS -> Management Service Delegation to reset the passwords for the rules where those accounts have been configured to elevate to a specific user
- Fixed!
fiatThe easiest fix to this problem is:
- Computer Management ->Local Users And Groups -> Users
- Right click -> properties on WDeployAdmin
- Uncheck "User must changed password at next logon
- Check "Password never expires"
- Do the same for WDeployConfigWriter
- Done!
Similar to @fiat solution, but you don't really need to change the password.
randomsHere are simple CMD commands:
WMIC USERACCOUNT WHERE "Name='WDeployConfigWriter'" SET PasswordExpires=FALSE
WMIC USERACCOUNT WHERE "Name='WDeployAdmin'" SET PasswordExpires=FALSE
It will set deploy users passwords to never expire
Gh61The WDeploy* users are not intended to be used directly as part of your deployment process. Instead, they are used to implicitly elevate permissions in order to perform specific tasks (modifying IIS for WDeployConfigWriter, and GAC installations among others for WDeployAdmin).
I'd recommend creating a non-admin user specifically for your website. You can find the instructions for doing so at Installing and Configuring Web Deploy on iis.net. If you continue to have problems with the WDeployConfigWriter user, you're probably best off uninstalling Web Deploy and starting again.
Richard SzalayI had the same problem trying to changes the passwords in Management Service Delegation and it did not fix the problem. It turns out that I had to change the WDeployConfigWriter to a different user(ie Admin) change it back and then the password changes only took effect
I had the same problem with Visual Studio 2017 with a different error message. The solution is also uncheck (WDeployConfigWriter) "User must changed password at next logon"
Publish failed
Publish has encountered an error.
Publish failed due to build errors. Check the error list for more details.
A diagnostic log has been written to the following location:
"C:\User\MyUser\AppData\Local\Temp\tmpXXXX.tmp"
The content of the log file
06.04.2018 19:56:13
System.AggregateException: One or more errors occurred. ---> System.Exception: Publish failed due to build errors. Check the error list for more details.
--- End of inner exception stack trace ---
at System.Threading.Tasks.Task.ThrowIfExceptional(Boolean includeTaskCanceledExceptions)
at System.Threading.Tasks.Task.Wait(Int32 millisecondsTimeout, CancellationToken cancellationToken)
at Microsoft.VisualStudio.Web.Publish.PublishService.VsWebProjectPublish.<>c__DisplayClass40_0.<PublishAsync>b__2()
at System.Threading.Tasks.Task`1.InnerInvoke()
at System.Threading.Tasks.Task.Execute()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.VisualStudio.ApplicationCapabilities.Publish.ViewModel.ProfileSelectorViewModel.<RunPublishTaskAsync>d__108.MoveNext()
---> (Inner Exception #0) System.Exception: Publish failed due to build errors. Check the error list for more details.<---
===================
live2In my case, I got this error because either WDeployConfigWriter nor WDeployAdmin had been created during the installation of WebDeploy (3.6 / 4.) even if the installation ran through successfully.
Found out, that the servers rule for password complexity was more restricting that the generated one with the script in C:\Program Files\IIS\Microsoft Web Deploy V3\Scripts\AddDelegationRules.ps1 didn't meet the requirements.
So I edited GenerateStrongPassword() in the PowerShell file and run it.
The users then have been created successfully.
martinossThere is some cases where setting "Password never expires" not is enough. Reinstalling webdeploy will fix the issue.
The other way to fix this is to set new passwords for the users WDeployAdmin and WDeployConfigWriter. User management
The next step is to set the new passwords in IIS > Management Service Delegation for those users. Management Service Delegation
Pär SandgrenUser contributions licensed under CC BY-SA 3.0