I have two servers with TFS installed, one that runs the build service, and one that has the main repository. In order to have an account on a windows domain to run as the build service, what permissions do I need to give him in windows? I'm trying to use a newly created account, but am having registration issues, and I'm not sure if its windows permissions related or IIS related...
Thanks.
Two things.
The person configuring the build server - To perform this procedure, you must be a member of the Administrators group on the build machine and your Manage build resources permission must be set to Allow. For more information http://msdn.microsoft.com/en-us/library/ms181712.aspx#perms
Before a build machine can build projects in a given team project collection, you must configure the collection with the build service account for that build machine. First, you identify the account under which Team Foundation Build Service is running on the build machine. Then, on the application-tier server that hosts the collection, you add the account to the Project Collection Build Service Accounts group for that collection. http://msdn.microsoft.com/en-us/library/cc668757.aspx
It is strongly recommended that you use the service account rather than NT Authority\Network Service.
HTH
Cheers, Tarun
I think you can just use NT Authority\Network service
Related
I am trying to create a DSC configuration for a developer workstation and facing difficulties.
A developer machine has a well defined owner - the developer who is going to get it. Some configurations tightly coupled to the owner account:
It should be added to the Sql Server as a login account in sysadmin role.
Visual Studio extensions that I want every developer to have must be installed from a session started by the owner account (not the SYSTEM account used to apply the DSC configurations)
The TFS workspaces must be associated with the owner account.
It is unclear to me how Azure Automation DSC can allow for such coupling. Sometimes just the account name is needed (to configure Sql Server), but sometimes the resource must be run as the owner, i.e. the owner credentials are needed. Unless there is a way for a DSC resource to run as the workstation owner without knowing owner's credentials.
In short, it seems to me that Azure Automation DSC cannot be used to configure developer machines. And I am not even talking about shortage of out of the box and tested DSC resources like:
Installing Visual Studio
Installing Visual Studio Extensions
Configuring Visual Studio Source Control to use TFS
Configuring TFS workspaces
I'd suggest having a look at Azure DevTest Labs for this kind of scenario of provisioning and customising developer machines.
I have two azure entities I'm trying to connect, a build agent running my nuget deployments and a VM (Windows Server 2012 R2) on which I'm trying to set up symbol hosting using SymStore.
From this page I am told to Grant full control permission to the build agent service account. How do I go about doing this? In the Publish Symbols build step, I can enter a URL to store the symbols, but I have no way of logging the build agent into the VM as the user that I've given full control permission to.
This setup is actually not possible; from the SymSrv docs: writes to an http-based symbol store are not possible.
It appears that the SymStore has to be on the same machine as the Azure build agent to give it full control permission. I happened to discover that NuGet will let me publish .pdbs, so I'm going to try that route instead.
I'm trying out Team Services and I see that I can add queues but I can't add any agents to them. In fat, I had two starting queues: Default and Hosted and only the latter had an agent in it.
Are agents necessary for enabling automatic builds or am I a victim of misconception?
How do I do more agents to the queues?
To Add more Hosted Agents, which as of this writing cost $40 each, you also have to have an Azure account and have it linked to your Visual Studio Team Services account.
Assuming your VSTS and Azure accounts are linked, log in to the new Azure Portal, go to All Resources and search for Team Services Account. Select your Team and then choose the option Build And Deployment service. The first option that shows up is Hosted Agents which defaults to 1, and you can increase up to 5 per pool.
If you're going to be depending on Microsoft to provide the agents, use the Hosted queue. You can't add machines to the hosted queue, the idea there is that agents are provisioned on-the-fly for your builds.
For other queues, you need to install and configure an agent on a machine (whether on-prem or in Azure/AWS). For Windows machines, there's a download link right on the agent pool screen.
For non-Windows machines, you can install the Node.JS build agent from NPM.
We're having an issue in our lab environment running coded UI tests.
Note that the deployment completes successfully but the test fails with the following error:
Deployment
Lab environment: Win 7 VM
Build definition did not specify
a clean snapshot. It is a best practice to use clean snapshot when
running the lab workflow.
The application was deployed successfully from the following build location:\tfssvr106\TFS\BuildDrop\ServerAssistant_Production\ServerAssistant_Production_20130816.1
Build definition did not specify a post deployment snapshot. It is a
best practice to take post deployment snapshot when running the lab
workflow.
Test Results
Test run (Id) : ServerAssistant - Coded
UI_20130816.12 (96) Test run needs investigation Test run details
0 of 1 test(s) passed, 1 failed, 0 inconclusive, View Test Results
The test results have the following error…
The build directory of the test run either does not exist or access permission is required.
The Diagnostic logging from the build has the following…
TestDirectory = \tfssvr106\TFS\BuildDrop\ServerAssistant_Production\ServerAssistant_Production_20130816.1
We don’t want the tests running from the build drop location because that is a domain server share and the test VM is a workgroup machine. We'd prefer the agent on the workgroup VM to run the tests from its local C:
If we authenticate the workgroup machine to the build drop share using my domain account, the tests run fine.
All the files are present and ready to run from C: via my deploy task. How do we get the tests to run from C: of the VM?
Any advice would be greatly appreciated!
If you plan to run your test controllers and test agents on machines that are in a work group and not in a domain, or machines that run in different domains that do not have a two-way trust relationship, you must follow these steps as part of your installation process:
On each computer where you will install a test controller or a test agent, create a local user account that is a member of the Administrators group. Use the same account and password on each machine.
Use this user account for your test controllers when you install and configure them.
Add this account to the TeamTestAgentService group on the test controller machine.
Caution
When you add this user account to the group, do not include the name of the local machine. For example, do not add the user account as \. Just add as the user account for the group.
Install and configure your test agents using this same account.
Note
During installation, simple file sharing is automatically turned off for users who connect to a controller from a Windows XP Professional computer in a Work Group. To verify this, open Windows Explorer, choose Tools, choose Folder Options, choose Next, choose the View tab, and then choose Use Simple File Sharing (Recommended).
Full information can be referenced from this link:
Requirements for Workgroups and Multiple Domains
We have TFS 2010 working on-premise in a domain environment.
I want to add a Build Service which will be hosted in a multi-instance Azure service wherein the build agent runs in the cloud. It will have access to SourceControl from on-prem TFS probably through Service Bus. I would prefer to do this without using a VM Role if possible.
The most likely topology as per Understanding a Team Foundation BuildSystem is either the 'Multiple-machine System' or 'Multiple-machine system with multiple controllers'
Has anyone done this specific type of deployment, how?
Could the Build Agent be made to run in a Web or Worker role?
For the tfs preview it can be done using the vm role: http://bartwullems.blogspot.com/2011/10/running-your-build-server-on-azure.html