Can the web deploy agent run on a port other than 80 on IIS6?
Solution 1
There's a couple of ways to do this:
Option 1: Uninstall and re-install Specifying a different port:
msiexec /I WebDeploy_x86_en-US.msi /passive ADDLOCAL=ALL LISTENURL=http://+:8172/MsDeployAgentService
The command line installs the MsDeployAgentService and configures it to listen on port 8172 just like on IIS7.
Option 2: Re-configure Existing Service to listen on port 8172:
Stop the msdepsvc (
net stop msdepsvc
)-
Edit the following registry value:
HKLM\SYSTEM\CurrentControlSet\Services\MsDepSvc\Parameters\ListenUrl
It'll look something like:
http://+:80/MsDeployAgentService
Change to:
http://+:8172/MsDeployAgentService
-
Query HTTP listeners:
httpcfg query urlacl
Your should see the following entry listed in the results:
URL : http://+:80/MsDeployAgentService/ ACL : D:(A;;GX;;;NS)
-
Modify listener:
httpcfg delete urlacl /u http://+:80/MsDeployAgentService/
This should respond with:
HttpDeleteServiceConfiguration completed with 0.
httpcfg set urlacl /u http://+:8172/MsDeployAgentService/ /a D:(A;;GX;;;NS)
This should respond with:
HttpSetServiceConfiguration completed with 0.
The ACL specified in the
/a
switch should match the ACL reported by thehttpcfg query urlacl
command Restart the msdepsvc (
net start msdepsvc
).-
You can confirm that the service is listening on port 8172 by doing:
netstat -an
You should see the following:
TCP 0.0.0.0:8172 0.0.0.0:0 LISTENING
Warning:
I would try this on a non-production machine first to ensure this works as you expect.
Solution 2
These are the changes I had to do for Windows 7, following Kev's recipe:
Step 3:
netsh http show urlacl
Step 4:
netsh http delete urlacl url=http://+:80/MSDEPLOYAGENTSERVICE/
netsh http add urlacl url=http://+:8172/MSDEPLOYAGENTSERVICE/ sddl=D:(A;;GX;;;NS)
Solution 3
For what it's worth, I glued together Kev's solid advice into a batch script for one stop shopping on changing port numbers.
:: Name: MsDepSvc.Port.cmd
:: Purpose: Modifies the TCP/IP port that the Web Deployment Agent Service
:: (MsDepSvc) listens on. Tested on Win7 Enterprise 32-bit.
:: Author: [email protected]
:: Revision: January 2013
@ECHO OFF
SETLOCAL ENABLEEXTENSIONS
SETLOCAL ENABLEDELAYEDEXPANSION
:: variables
SET me=%~n0
SET url=
SET port=
IF NOT "%~1"=="" (
SET /A port=%~1
)
ECHO %me%: Web Deployment Agent Service (MsDepSvc) port change script
:: default argument values
IF "%port%"=="" (
SET /A port=8172
ECHO %me%: INFO - using default port value of 8172
)
SC.EXE query msdepsvc >NUL 2>NUL
IF NOT "%ERRORLEVEL%"=="0" (
ECHO %me%: ERROR - MsDepSvc not installed
ECHO %me%: exiting
EXIT /B 1
)
ECHO %me%: stopping MsDepSvc
NET STOP msdepsvc >NUL 2>NUL
:: check if the default port is set
REG.EXE QUERY HKLM\SYSTEM\CurrentControlSet\Services\MsDepSvc\Parameters /v ListenUrl >NUL
IF NOT "%ERRORLEVEL%"=="0" (
ECHO %me%: ERROR - MsDepSvc ListenUrl registry key not found
REG.EXE QUERY HKLM\SYSTEM\CurrentControlSet\Services\MsDepSvc\Parameters
ECHO %me%: exiting
EXIT /B 2
)
FOR /F "tokens=3" %%I IN ('REG.EXE QUERY HKLM\SYSTEM\CurrentControlSet\Services\MsDepSvc\Parameters /v ListenUrl ^| FINDSTR ListenUrl') DO (
SET url=%%I
)
ECHO %me%: INFO - MsDepSvc current reservation is "%url%"
NETSH.EXE http show urlacl "%url%" >NUL
IF NOT "%ERRORLEVEL%"=="0" (
ECHO %me%: ERROR - reservation for "%url%" not found
EXIT /B 4
)
:: save the existing urlacl properties for User, Listen, Delegate, and SDDL
FOR /F "tokens=1,* delims=: " %%A IN ('NETSH.exe http show urlacl %url% ^| FINDSTR "User Listen Delegate SDDL"') DO (
SET URLACL.%%A=%%B
)
IF NOT DEFINED URLACL.User ECHO %me%: Failed to read the exising URLACL setting for User &&GOTO :ERROR
IF NOT DEFINED URLACL.Listen ECHO %me%: Failed to read the exising URLACL setting for Listen &&GOTO :ERROR
IF NOT DEFINED URLACL.Delegate ECHO %me%: Failed to read the exising URLACL setting for Delegate &&GOTO :ERROR
IF NOT DEFINED URLACL.SDDL ECHO %me%: Failed to read the exising URLACL setting for SDDL &&GOTO :ERROR
ECHO %me%: updating MsDepSvc to listen on port %port%
REG.EXE ADD HKLM\SYSTEM\CurrentControlSet\Services\MsDepSvc\Parameters /v ListenUrl /t REG_SZ /f /d "http://+:%port%/MSDEPLOYAGENTSERVICE/"
ECHO %me%: deleting the existing reservation for MsDepSvc
NETSH.EXE http delete urlacl "%url%" || GOTO :ERROR
ECHO %me%: adding the port %port% reservation for MsDepSvc
NETSH.EXE http add urlacl url=http://+:%port%/MsDeployAgentService/ user="%URLACL.User%" listen="%URLACL.Listen%" delegate="%URLACL.Delegate%" SDDL="%URLACL.SDDL%" || GOTO :ERROR
ECHO %me%: starting MsDepSvc
NET START msdepsvc >NUL 2>NUL
ECHO %me%: process info for MsDepSvc
QUERY.EXE PROCESS MSDEPSVC.EXE
ECHO.
ECHO %me%: port bindings for MsDepSvc
NETSTAT.EXE -a -n -o | FINDSTR /R "TCP.*:%port%.*LISTENING Proto"
ECHO.
ECHO %me%: finished
:END
ENDLOCAL
ECHO ON
@EXIT /B 0
:ERROR
ECHO %me%: ERROR - exiting with errorlevel %ERRORLEVEL%
ECHO ON
@EXIT/B %ERRORLEVEL%
Read More:
- https://gist.github.com/steve-jansen/5060329
- http://steve-jansen.github.com/blog/2013/02/28/how-to-modify-the-tcp-slash-ip-port-binding-for-the-microsoft-web-deployment-agent-service/
Troy Hunt
Pluralsight author. Microsoft Regional Director and MVP for Developer Security. Online security, technology and “The Cloud”. Creator of Have I Been Pwned.
Updated on November 09, 2020Comments
-
Troy Hunt over 3 years
I've got a bit of a challenge with a Windows 2003 machine where I need to run the web deploy agent on a port which isn't 80. By default, MsDepSvc will expose an endpoint at http://[server]/MsDeployAgentService which obviously implicitly listens on port 80.
The problem I have is that the machine is also running Visual SVN Server which is using port 80 and as a result, the web deployment agent service refuses to start. (At least this is the only logical conclusion I can draw.) I have a small SVN management app on the same machine which I'd like to publish over web deploy hence the conundrum.
Is it possible to run the agent on another port? Obviously if this was IIS7 we'd be on 8172 and everything would be fine but unfortunately that's not the case here. Any suggestions?
-
Doug almost 13 yearsEpic fu there Kev - if this was ebay i'd be "AAAA++++"ing you fo showa
-
Shawn Holmes over 12 yearsI just found this answer while searching for the same issue, but affecting a Windows 7 box, and the process worked for me, with the slight change of using the 'netsh' command instead. Ref: msdn.microsoft.com/en-us/library/ms733768.aspx
-
Matt over 12 yearsI was getting the following errors and changing the port worked for me. "Retrying the sync because a socket error (10054) occurred. Retrying operation 'Serialization' on object sitemanifest (sourcePath)." Server side the event log contained, "System.Net.HttpListenerException: An operation was attempted on a nonexistent network connection." Thanks for the fix.
-
Martin_W about 12 yearsJust a follow-up on Kev's answer: httpcfg is distributed as part of "Windows Server 2003 Service Pack 2 32-bit Support Tools (microsoft.com/download/en/…)".
-
Luke Puplett over 11 yearsOption 1 failed for me: I was unable to reinstall because 8172 is already used by WMSvc (Web Management). I can't understand it - MsDepSvc needs WMSvc to work and yet both use the same port which doesn't make sense on paper, and in practice, for me, proves not to work! How does it work for anyone??
-
Kev over 11 years@LukePuplett - not being flippant...but did you try option 2? Also what OS were you trying this on. I know that this answer does work specifically on Windows 2003, but I never tried it on Win7/2008/2008R2
-
Luke Puplett over 11 years@Kev: Do you know, I think I figured out that there's Web Deploy and MS Deploy and that only one is needed. The second one is inside the Web Management feature. I think... it's so confusing.
-
Kev about 11 yearsJust bumped into this. Nice adaptation +1 :)
-
Riaan about 11 yearsthis worked for me starting the service, but the Management icons are still missing in IIS. Any idea?
-
niico over 10 yearsThanks - I get an error though: "Url reservation add failed, Error: 183" "Cannot create a file when that file already exists"
-
Steve Jansen over 10 yearsHi @niico, what port number are you trying to use, are you sure it's an unused port, and what output do you see before the error message?
-
niico over 10 yearsI'll step back if I may. I just want to stop it using port 80 - because that's open on the hardware firewall - and use another port that is closed (most are) so it's not open to the world, only to VPN users. I don't mind which port. Thoughts?
-
niico over 10 years(the line before that error was: adding the port 1872 reservation for MsDepSvc) - this is a clean install of Web Deploy 3.5 on Windows Server 2012
-
Steve Jansen over 10 yearsSomething must be different for Windows Server 2012; unfortunately, I do not have access to a 2012 box. Can you paste the output of
NETSH.exe http show urlacl %url%
says, where%url%
is the value output by the log lineINFO - MsDepSvc current reservation is "%url%"
? -
Heki over 9 yearsIt's worth mentioning that the script will fail on non-english Windows. In danish (my os language), global replace
URLACL.User
withURLACL.Bruger
,URLACL.Listen
withURLACL.Lyt
,URLACL.Delegate
withURLACL.Deleger
. LeaveURLACL.SDDL
as this is the same in both languages. -
Sukhdevsinh Zala about 7 yearsI am using Windows Server 2016, I can't find "httpcfg.exe".