Received 'Cannot read configuration file due to insufficient permissions' when using web app manage task in Azure Pipelines

Question

I want to set up an automated deployment to a remote Windows server. I have a YAML file in Azure Pipelines that compiles the code and does a deployment. Since I need to deploy the code in a specific subfolder on the remote server I use the Web App Manage task to set the physical path. I received an error when this task ran which says:

ERROR ( message:Configuration error 

Filename: redirection.config

Line Number: 0

Description: Cannot read configuration file due to insufficient permissions

. )

In configuring the Web App Manage task I turned on anonymous authentication and add bindings for port.

Here is my Web App Manage task YAML:

- task: IISWebAppManagementOnMachineGroup@0
    displayName: 'Set Folder Path'
    inputs:
      enableIIS: false # Optional
      iISDeploymentType: 'IISWebsite' # Options: iISWebsite, iISWebApplication, iISVirtualDirectory, iISApplicationPool
      actionIISWebsite: 'createOrUpdateWebsite' # Required when iISDeploymentType == IISWebsite# Options: createOrUpdateWebsite, startWebsite, stopWebsite
      websiteName: '$(websiteName)'
      websitePhysicalPath: '$(physicalPath)'
      websitePhysicalPathAuth: 'WebsiteUserPassThrough' # Options: websiteUserPassThrough, websiteWindowsAuth
      addBinding: true # Optional
      bindings: '{"bindings":[{"protocol":"http","ipAddress":"All Unassigned","port":"443","hostname":"","sslThumbprint":"","sniFlag":false}]}'
      createOrUpdateAppPoolForWebsite: false # Optional
      appPoolNameForWebsite: '$(applicationPool)'
      pipeLineModeForWebsite: 'Integrated' # Options: integrated, classic
      anonymousAuthenticationForWebsite: true # Optional
      basicAuthenticationForWebsite: false # Optional
      windowsAuthenticationForWebsite: false # Optional

The steps in the deployment stage of the pipeline script are:

1. Download build artifact from previous pipeline stage
2. Set remote server folder path using Web App Manage
3. Stop IIS website using Web App Manage
4. deploy app using Web App Deploy
5. start IIS website using Web App Manage

Do I need to change the type of authentication to solve the error? This is my first time using a pipeline to deploy to a remote Windows server. I'm not even completely sure I have all the right steps.

UPDATE: Here's some additional info. I have four private Windows agents (version 2.186.1) installed on the same server as my DevOps Server instance. I also have three agents installed on the server I'm trying to deploy to. These three agents were installed by running the Powershell script that is provided when you set up a new Environment in the Pipelines section of DevOps Server.

Answer 1

I think you used your private agent to deploy the website and you did not give the right for your agent when you use a user to deploy it.

1) please enter the agent PC--> Security-->add the user which you used to deploy the website under System.

Or you could enter C:\Windows\System32\inetsrv\config--> right-click--> select Properties --> Security and then add the user there.

Besides, if you config your private agent as a service, please enter private agent's services--> search for Azure Pipelines Agent--> double-click on it and enter Log on--> then change it to Local System.

After that, enter Project Settings--> Agent Pool--> your agent--> Agents--> click more options under the below agent-->Update Agent.