Configuring Release Management to work across untrusted domains

Configuring Release Management to work across untrusted domains

Rate This
  • Comments 3

There are times when you will want Release Management (RM) to interact with machines that are not part of the same domain. This post details the steps required to configure RM to work across untrusted domains. 


Configuring the Microsoft Deployment Agent
 


Follow these steps to configure the Release Management Server and the Deployment Agent on machines that run in different domains that do not have a two-way trust relationship.
 

1.       On each computer where you will install the RM Server or Deployment Agent, create a local user account that is a member of the Administrators group. Use the same account and password on each machine (i.e. Shadow Account).

2.       Add the RM Server’s Shadow Account to RM and grant both “Service User” and “Release Manager” permissions.

3.       Add the Deployment Agent’s Shadow Account to RM and grant “Service User” permission.

4.       Use the Shadow Account as the service account when you install and configure the Deployment Agent.

 

Note: When you add the local accounts to Release Management, include the name of the local machine where the account resides.

For example, add the user account as <Release Management Server machine name>\<username> or <Deployment Server machine name\<username> 


Configuring the Release Management Client for Visual Studio 2013

 

In the case where it is your Release Management Client application is running in a different domain than where the Release Management Server is installed, configuring a Windows Credential in the Credential Manager of the client machine will enable the authentication to happen successfully. 


             clip_image001[6]

1.       Open the Credential Manager on a client machine.

2.       Click on Add a Windows credential.

3.       Enter the necessary information.

     clip_image002[10]

 

5.       Open the Release Management Client and it will now open correctly.

6.       These steps will need to be repeated for each client machine that needs access to Release Management.

Leave a Comment
  • Please add 8 and 2 and type the answer here:
  • Post
  • Great job Roopesh!

  • The client connection procedure is not working for us. We are not able to connect the client from another domain.

    Release Management Server is on DOMAIN_MAIN and the client connects from DOMAIN_DEV.

    I created a user in Release Management linked to the AD account DOMAIN_MAIN\user.

    On the client, Windows Credentials were added with the url of RM (rmserver.domain.com:9292) and the DOMAIN_MAIN\user and password.

    It seems like the RM client is ignoring Windows Credentials.

  • The steps for the release management client do not work at all.

    The Release Management Server is installed on a server in a domain. While the Release Management Clients are not part of any domain.

    No matter what Credientials are entered it still says:

    "The current user does not have access to Release Management. Please log in with a valid user or communicate with the Release Management administrator to add your user".

Page 1 of 1 (3 items)