Visual Studio 2013的发布管理 - 部署代理“未知用户名或密码错误”

Question

我们正在使用Visual Studio 2013版本管理，部署在DEV，QA和Staging服务器中运行顺畅，这些服务器与RM / Build服务器位于同一个域中。

尝试在RM服务器域之外的服务器上设置生产部署代理并出现问题。

在RM服务器和生产服务器上创建了一个本地“影子”帐户，两者都使用相同的用户名/密码。部署代理已安装在生产服务器上，并且使用“./shadow_user”格式为用户名设置成功。

发布管理客户端未显示生产服务器，并且RM服务器上的事件查看器显示部署代理程序中的许多安全审核失败。失败详细信息显示域的生产服务器名称而不是RM服务器名称（模拟失败）。具体信息是：

An account failed to log on.

Subject:
    Security ID:        NULL SID
    Account Name:       -
    Account Domain:     -
    Logon ID:       0x0

Logon Type:         3

Account For Which Logon Failed:
    Security ID:        NULL SID
    Account Name:       shadow_User
    Account Domain:     PROD-SVR

Failure Information:
    Failure Reason:     Unknown user name or bad password.
    Status:         0xC000006D
    Sub Status:     0xC0000064

Process Information:
    Caller Process ID:  0x0
    Caller Process Name:    -

Network Information:
    Workstation Name:   PROD-SVR
    Source Network Address: -
    Source Port:        -

Detailed Authentication Information:
    Logon Process:      NtLmSsp 
    Authentication Package: NTLM
    Transited Services: -
    Package Name (NTLM only):   -
    Key Length:     0

This event is generated when a logon request fails. It is generated on the computer where access was attempted.

The Subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The Logon Type field indicates the kind of logon that was requested. The most common types are 2 (interactive) and 3 (network).

The Process Information fields indicate which account and process on the system requested the logon.

The Network Information fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
    - Transited services indicate which intermediate services have participated in this logon request.
    - Package name indicates which sub-protocol was used among the NTLM protocols.
    - Key length indicates the length of the generated session key. This will be 0 if no session key was requested

有任何解决此问题的建议吗？

我们尝试过使用RM服务器影子帐户凭据的Windows Credential管理器，但没有区别。

Answer 1

而不是使用影子帐户方法。使用支持标准部署的VNext版本（代理更少）将使用WINRM端口进行通信，只要求机器在同一网络中。

了解更多信息： http://blogs.msdn.com/b/visualstudioalm/archive/2014/07/07/how-to-setup-environments-for-agent-less-deployments-in-release-management-release-management-2013-with-update-3-rc.aspx

Answer 2

解决方案是使用生产服务器上的影子帐户登录，并将凭据添加到Credential Manager。之前使用其他帐户登录，并且Deployment Agent未在其他Credential Manager实例中看到条目。