Enabling metaKey="siteName" Syntax

Applies To: Windows 7, Windows Server 2003, Windows Server 2003 R2, Windows Server 2008 R2, Windows Vista, Windows XP

This topic shows the delegation rules that are required to allow the metaKey provider to take a virtual path argument instead of a metabase path argument when you use the Web Deployment handler.

The Web Deployment Handler

The Web Deploy handler uses the Web Management Service (WMSvc) to allow non-administrative users to access the sites and applications to which they have been delegated access by using a URL argument with the computerName provider setting (for example, computername=https://serverName/agent.mwd?Site=Site1). The handler is useful for Web hosting because it gives users control over the publishing of their own content while preventing them from having administrative rights on the Web server that hosts their content.

The metaKey Provider

You can use the metaKey provider to publish IIS 6.0 sites and applications to an IIS 7 server. The metaKey provider can take as an argument either a valid metabase path (such as lm/w3svc/1/root), or a virtual path (such as "Fabrikam Site 1"). On IIS 6.0, the site or application name can be found in the MetaBase.xml file in the ServerComment property of the Web site or application.

Delegation Rules are Required

To enable the metaKey="Fabrikam Site 1" syntax when you use the metaKey provider with the handler, you must first put certain delegation rules in the Administration.config file on the IIS 7 server. By default, the Administration.config file is located in the %windir%\system32\inetsrv\config folder.

The rule sets required for sites and applications are different. Example commands and corresponding configuration settings are given for each.

Delegation rules for metaKey="siteName"

Example Command

The following command uses the metaKey provider to synchronize the IIS. 6.0 "Default Web Site" website on the source computer to the destination computer Server1 by using the Web Management Service handler.

msdeploy.exe -verb:sync -source:metaKey="Default Web Site" -dest:metaKey="Site1",computername=https://Server1:8172/msdeploy.axd?Site=Site1,username=<userName>,password=<password>,authType=basic -allowUntrusted

Example Settings

The following table displays the Administration.config file delegation settings that are necessary to implement the example command.

Example Configuration

The following XML shows how the example settings are implemented in the Administration.config file.

<delegation allowAdministrators="false">

   <rule providers="metaKey" actions="*" path="/lm/w3svc/1">
      <permissions>
         <user name="<userName>" isRole="false" accessType="Allow" />
      </permissions>

      <runAs identityType="SpecificUser" userName="administrator" password="<password>" />
   </rule>

   <rule providers="metaKey" actions="*" path="Site1">
      <permissions>
         <user name="<userName>" isRole="false" accessType="Allow" />
      </permissions>
   </rule>

   <rule providers="dirpath" actions="*" path="d:\inetpub\wwwroot">
      <permissions>
         <user name="<userName>" isRole="false" accessType="Allow" />
      </permissions>
   </rule>

   <rule providers="dirpath" actions="*" path="d:\php">
      <permissions>
         <user name="<userName>" isRole="false" accessType="Allow" />
      </permissions>
   </rule>

   <rule providers="rootwebconfig32" actions="*" path="Default Web Site">
      <permissions>
         <user name="<userName>" isRole="false" accessType="Allow" />
      </permissions>
   </rule>

   <rule providers="machineconfig32" actions="*" path="Default Web Site">
      <permissions>
         <user name="<userName>" isRole="false" accessType="Allow" />
      </permissions>
   </rule>

   <rule providers="rootwebconfig64" actions="*" path="Default Web Site">
      <permissions>
         <user name="<userName>" isRole="false" accessType="Allow" />
      </permissions>
   </rule>

   <rule providers="machineconfig64" actions="*" path="Default Web Site">
      <permissions>
         <user name="<userName>" isRole="false" accessType="Allow" />
      </permissions>
   </rule>
</delegation>

Delegation rules for metaKey="siteName/applicationName"

Example Command

The following command uses the metaKey provider to synchronize the IIS. 6.0 "Default Web Site/root/App1" web application on the source computer to WebSite1/root/App1 on destination server Server1 by using the Web Management Service handler.

msdeploy –verb:sync -source:metaKey="Default Web Site/root/App1" -dest:metaKey="WebSite1/root/App1",computername=https://Server1:8172/msdeploy.axd?Site=WebSite1,username=<userName>,password=<password>,authType=basic -allowUntrusted

Example Settings

The following table displays the Administration.config file delegation settings that are necessary to implement the example command.

Example Configuration

The following XML shows how the example settings are implemented in the Administration.config file.

<delegation allowAdministrators="false">

   <rule providers="metaKey" actions="*" path="/lm/w3svc/1/root/App1">
      <permissions>
         <user name="<userName>" isRole="false" accessType="Allow" />
      </permissions>

      <runAs identityType="SpecificUser" userName="administrator" password="<password>" />
   </rule>

   <rule providers="metaKey" actions="*" path="WebSite1/root/App1">
      <permissions>
         <user name="<username>" isRole="false" accessType="Allow" />
      </permissions>
   </rule>

   <rule providers="dirpath" actions="*" path="d:\php">
      <permissions>
         <user name="<username>" isRole="false" accessType="Allow" />
      </permissions>
   </rule>
</delegation>

See Also

Concepts

Configuring the Web Deployment Handler
Using Web Deploy Remotely
Web Deploy metaKey Provider
Web Deploy Provider Settings