Allowing non-admin users to deploy web applications on IIS 7 using web deploy 2.0

One of the main features of web deploy is integration with the IIS 7.0 Web Management Service (WMSVC) for remote deployment by non-administrators. 

1. Installing Web Management Service (WMSVC)

Click Server Manager in the Start menu, select the Roles node in the left-hand tree view, and scan down to find the Web Server (IIS) role.  Click Add Role Services and select theManagement Service component.

2. Installing WebDeploy 2.0.

http://www.microsoft.com/en-us/download/details.aspx?id=25230

3. Configure WMSvc Settings

• Open IIS Manager.
• In the Connections pane, click the server node in the tree.
• In Features View, double-click Management Service.
• On the Management Service page, in the Actions pane, click Stop to stop the service.
• Select Enable remote connections. This enables server administrators to connect remotely to the server, sites, and applications.
• Optionally, if you want to allow non-administrators to connect to sites and applications by using IIS Manager, configure the options under Identity Credentials:
• Select Windows credentials only if you want to limit connections to users who have Windows credentials.
• Select Windows credentials or IIS Manager credentials if you want to accept connections from users who have Windows credentials and users who have IIS Manager credentials.
• In the Actions pane, click Apply and then click Start.

 

4. Configure Management Service Delegation rule

• Open IIS Manager.
• In the Connections pane, click the server node in the tree.
• In Features View, double-click Management Service Delegation.
• On the Management Service page, in the Actions pane, click  "Add rule".
• Select Blank Rule template.
• Configure the rule as per below mentioned settings:
• Providers: setAcl, createApp, contentPath, iisApp
• Actions: *
• Path Type: Path Prefix
• Identity type: ProcessIdentity
• Click ok.
• Add the non-admin user to this rule.

 

 

 5. Adding permissions for non-admin user on the website. 

• Open IIS Manager.
• In the Connections pane, click the desired Website in Sites tree.
• In Features View, double-click IIS Manager Permissions.
• On the IIS Manager Permissions page, in the Actions pane, click  "Allow User".
• Add non-admin user here.

6. Verify if remote delegation has been set correctly for the user.

-  Open IIS Manager.

- In the Connections pane,  select Connect to Site.

  

-  Enter the Server and Site names and press next.

-  Enter the User Credentials and press next.

-  Enter a name for your Connection.

-  Right Click on Website connection, and you would get "Deploy Option". 

 

 -  We will get options under Deploy Section based on the Providers added to management service delegation rule.