2

I have a following setup:

  • TFS and Release Management Server are setup on different servers (not in same network)
  • TFS in DOMAIN1
  • RM Server in DOMAIN2 (totally separate/untrusted from DOMAIN1)
  • RM Server is connected to TFS using DOMAIN1\RMService account
  • Everything seems to work fine, Make requests on behalf of others granted
  • RM Client connected to RM Server using DOMAIN2\AMAN

Everything seems to work fine I wanted to connect Release Management to TFS, which I did by following the link given here:

https://msdn.microsoft.com/en-us/library/dn593699.aspx

I got my TFS connected to Release Management. So far so good. But when I tried to add Build Definition for a Release Template in RM, I got an empty dropdown list for Team Project and Build Definition.

When I checked on the Event Viewer, I got following error logged.

User Domain2\username does not have access to http//xyz.xyz.com:8080/tfs/Default Collection: \r\n\r\n at Microsoft.TeamFoundation.Release.Platform.Common.TfsOnPremConnector.GetTfsUserIdentity(Uri tfsUri, String serviceUserName, String serviceUserPassword, String impersonatingUserName) at Microsoft.TeamFoundation.Release.Platform.Common.TfsOnPremConnector.GetTeamProjectCollectionWithImpersonation(Uri tfsUri, String serviceUserName, String serviceUserPassword, String impersonatingUserName) at Microsoft.TeamFoundation.Release.Builds.TfsOnPrem.TfsOnPremBuildSystem.d__6.MoveNext() Category: General Priority: -1 EventId: 0 Severity: Error Title: Machine: Machine1 Application Domain: /LM/W3SVC/2/ROOT-1-130824564165011117 Process Id: 9528 Process Name: C:\Windows\SysWOW64\inetsrv\w3wp.exe Win32 Thread Id: 13396 Thread Name: Extended Properties:

There is a similar question been asked and it still seems unresolved to me as solution is irrelevant:

https://social.msdn.microsoft.com/Forums/vstudio/en-US/4d45d222-8a46-49e6-a2e2-993fc14000a0/rm-server-in-untrusted-domain?forum=tfsbuild

Is there a solution or workaround to this problem?

Aman Shankhdhar
  • 21
  • 2
  • 1
    Release Management shouldn't be on a separate domain or network than TFS. For purposes of installation and configuration, it's better to think of them as the same product. – Daniel Mann Jul 27 '15 at 20:48
  • Hi Daniel, Thanks for your prompt reply. However, I could not find any documentation mentioning TFS and Release Management to be on same network or domain. – Aman Shankhdhar Jul 28 '15 at 05:17
  • Also, if there is a constraint to have RM on same network and domain as TFS. In such case, how can we provide on-premise standard deployments to multiple enivronments outside RM network using the same TFS ? – Aman Shankhdhar Jul 28 '15 at 05:59
  • 1
    It's not part of documentation, it's just common sense from an application role perspective. Deployers (for agent-based releases) are designed to communicate cross-domain if necessary, and the vNext releases can cross domains easily as well. – Daniel Mann Jul 28 '15 at 13:48
  • I agree with @DanielMann, it makes sense to have the RM server at least on the same domain of TFS. I've never tried, but I'd expect the deployers to be able to work cross-domain. – mguassa Jul 28 '15 at 20:17
  • @mguassa They do. It requires a little bit of jumping through hoops, but it's not too bad. – Daniel Mann Jul 28 '15 at 22:05
  • Could you guys have a look at the same discussion on another forum and see if you can help [link](https://social.msdn.microsoft.com/Forums/vstudio/en-US/ff0924e0-70b0-4720-9f15-79b8023bed12/how-to-connect-to-release-management-to-tfs-when-both-tfs-and-release-management-servers-are-on?forum=tfsbuild) as I still face the issue. – Aman Shankhdhar Aug 06 '15 at 07:07

1 Answers1

0

Are you using shadows accounts? you have to have the same credentials in the two domains within the same password and the same user.

DOMAIN1\RMService;DOMAIN2\RMService
DOMAIN1\AMAN; DOMAIN2\AMAN
Robert
  • 5,278
  • 43
  • 65
  • 115
Galletas Maria
  • 1
  • 1
  • I was able to see Team Projects & Build Def. for Release Template after I created Shadow account on RM Server (by the name of TFS User which had all the required permissions) But when I triggered a new Release after setting up my Release Template, my Release got Rejected in the 'Deploy' step. RM Client logs were: System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.AggregateException: One or more errors occurred. ---> System.IO.IOException: The network path was not found. Would you have any idea about this exception message? – Aman Shankhdhar Aug 10 '15 at 10:45
  • The exception is thrown in the execution of the Release? I mean, the exception was throw by a component or it's the RM client? – Galletas Maria Aug 19 '15 at 10:59
  • The exception did not come through any component or RM client. While using the RM Client this exception was logged in Windows Event Viewer – Aman Shankhdhar Aug 26 '15 at 20:31