RE: TFS 2008 Team Build: Error connecting to remote build agent



Update:

Of course, this would start working a few minutes after I put this post out
here. However, I wanted to follow-up and see if anyone knew WHY:

I set the AuthenticationScheme="Anonymous" instead of "Ntlm".
I have the service running under a domain account w/ local admin rights.
I have added that domain account to the team project's [Build Services] group.

Looks like the change in AuthenticationScheme did the trick. Any idea why
Ntml doesn't work?



__________________________________

"Dan Sloan" wrote:

Hi everyone,

I am trying to get a remote build agent to work in a TFS 2008 environment
and I'm having some difficulty. If anyone has any guidance for
troubleshooting this, I'd really appreciate it.

Issue:

* When I queue builds from Team Explorer, I get the following error:

TF215085: An error occurred while connecting to agent
\[MyTeamProjectName]\BUILD_AGENT_BOX: TF215076: Team Foundation Build on
computer BUILD_AGENT_BOX (port 9191) is not responding. (Detail Message: HTTP
code 403: Forbidden)

Here's the situation:

******* Build Agent Machine *******

TFSBuildService.exe is running - and I've run it both under
NTAUTHORITY\Network Service, as well as a domain account that has
administrative rights on the box. For the latter configuration, I added that
domain account to the team project's [Build Services] TFS group. Neither
configuration seems to resolve the issue.

I have reviewed TFSBuildService.exe.config for all of the normal
configuration settings and everything looks good, including:

<add key="port" value="9191" />
...
<add key="AuthenticationScheme" value="Ntlm" />
...
<add key="AllowedTeamServer" value="http://TFS_APP_TIER_BOX:8080"; />
...

******* TFS App Tier Machine *********

To try and troubleshoot the issue, I remoted to the app tier box and was
able to perform the "telnet test" to port 9191 successfully, so I know that
this box can talk to the build agent box and it recognizes that port 9191 is
in use. I am not aware of any firewalls between the two machines.


******* Common Stuff **************

-- Both the app tier box and build agent box are on the same domain.
-- There are no errors in the build agent's event log.
-- I have started a build agent on the app tier box and can queue builds up
to that machine successfully. This only appears to be a problem when the
build agent is running remotely.


Any insight would be greatly appreciated!

Dan
.



Relevant Pages

  • Re: What privileges do my SQL services need?
    ... I am looking at the SQL Server Service and the SQL ... > SQL Server Service can run as just a user but the Agent may need more. ... > SQLServerAgent Service" says that the domain account must be a member ...
    (microsoft.public.sqlserver.security)
  • Re: Auto Accept Agent working, but having trouble with customrespo
    ... > the Auto Accept Agent is correctly installed, ... > Is there something special that needs to be done to have the Auto Accept ... >>> security context you want Auto Accept Agent to run under. ... >>> Accept Agent under the security context of a domain account. ...
    (microsoft.public.exchange.admin)
  • Re: Backup Programs That Use Push Model Instead of Pull?
    ... and its agent ... domain account that has administrator access on each machine. ... backup upstream to a central server. ... Just write a schedule program to do the backup and then propagate it as ...
    (microsoft.public.windows.server.general)
  • Re: Auto Accept Agent working, but having trouble with customrespo
    ... Start Component Services. ... verify that Auto Accept Agent is present. ... Accept Agent under the security context of a domain account. ...
    (microsoft.public.exchange.admin)
  • Merge agent timeout
    ... profile - configuration settings are found there. ... the agent should not stop itself in continuous mode. ... In merger immediate/contineous update replication, ...
    (microsoft.public.sqlserver.replication)