Reputation: 1003
Installing Azure DevOps Server on a non OS partition/drive
This question applies to Azure DevOps Server 2019 and 2020
I need to install the Azure DevOps application tier or move/set the ADO IIS applications root path to a different drive than the Operating System. I have reviewed the Basic and Advanced steps in the install wizard as well as the unattended steps with no mention on how to do this. Further more, the only location you're able to customize is the FileCacheFolder path. The default installation directory for 2020 is: "C:\Program Files\Azure DevOps Server 2020\Application Tier\Web Services". This is considered a security vulnerability in my organization as well as many of our customers.
The Defense Information Systems Agency or DISA has security guidance (STIG) for IIS Sites V-218752 that states:
"By locating the web document (home) directory on the same partition as the web server system file, the risk for unauthorized access to these protected files is increased. Additionally, having the web document (home) directory path on the same drive as the system folders also increases the potential for a drive space exhaustion attack"
I've also tried to move ADO's Web Services folder to a different drive and manually changing the physical path with no luck. (I didn't think that was going to work from the start but was worth the try lol)
Upvotes: 1
Views: 351
Answers (1)
Reputation: 1003
This wasn't documented anywhere that I could find on the Microsoft documentation but if you call the setup executable with the /help argument, it displayed a list of all the setup switches.
Example:
azuredevopsserver2020.1.1.exe /help
/? Display this usage text.
/H
/Help
/AdminFile <filename> Specifies the installation control file.
/CreateAdminFile <filename> Specifies the location to create a control file that can then be used with /AdminFile.
/CustomInstallPath <path>
Set Custom install location.
/ForceRestart Always restart the system after installation.
/Full Install all product features.
/InstallSelectableItems <item1;item2;...;itemN> Choose which selectable item(s) to be installed. If you do not want any selectable item to be installed, just pass in this switch without any value.
/Layout Create a copy of the media in specified folder.
/L <filename> Specifies a location for the log file.
/Log
/NoRefresh Prevent setup checking for updates from the internet.
/NoRestart Do not restart during or after installation.
/NoWeb Prevent setup downloading from the internet.
/Passive Display progress but do not wait for user input.
/ProductKey <25-character product key>
Set custom product key (no dashes).
/PromptRestart Prompt the user before restarting the system.
/Q Quiet mode with no display and no user interaction.
/Quiet
/S
/Silent
/Repair Repair the product.
/U Uninstall the product.
/Uninstall
/U /Force Uninstall the product and features shared with other products.
/Uninstall /Force Warning: using this switch may cause other products installed on this machine to stop functioning properly.
Setting the CustomInstallPath to a different drive satisfies the requirement in my post.
Upvotes: 0
Related Questions
- Azure Devops Pipeline - Use Microsoft Visual Studio Installer Projects
- Azure DevOps deployment into on premises machine
- Azure DevOps Server migration & upgrade
- Create an Azure VM with a non-Premium SSD as OS disk with Azure CLI
- Azure DevOps Server local install Extension over REST API
- Using azure devops to deploy to an offline server
- Implementing Azure DevOps Services with On-premise TFS Release Manager
- How to specify Azure Linux OS Disk Type with Azure CLI Create VM
- Create an Azure VM with an unmanaged disk
- Azure OS Disk naming convention