You receive an error message when you use the Web Deployment Tool (Web Deploy) as a delegated user over a remote IIS manager connection via the Web Management Service (WMSVC)


When you perform Web Deploy operations remotely through IIS Manager and are using the Web Management Service (WMSVC), you may receive an error message similar to the following:

“An error occurred when the request was processed on the remote computer.”
“Attempted to perform an unauthorized operation. “ <Web Deploy Provider Name>”



The problem occurs because the user has not been granted permissions to perform the action for the specified provider.  The server administrator has to determine the provider and user that are affected, the permissions that are necessary (for example, Read or Write), and the path that is being used.



The resolution will vary depending on the message returned and the provider specified. Consult the following resources for instrumentation to assist in diagnosing the problem:


More Information

Below are some of the common issues that may be encountered in this scenario:


The user receives a 401 "unauthorized" error when trying to connect to a Web site.

Possible causes: This error comes from WMSVC and is usually an error with a username or password, or because the user does not have access to the Web site.

Resolution: Verify the username and password and that the user has access to the Web site.


The user receives a server error when trying to import or export an application.
Possible causes: This error comes from the Web Deployment Handler and is usually a problem with the deployment rules. Since the user has connected successfully, it is not an issue with WMSVC.  A deployment rule may have a typo, the user performing deployment may not be authorized, or the runAs identity may not have required access permissions.

Resolution: Configure Web Management Service tracing and review the logs to identify the failure.

  • Look for entries in the logs that contain failures such as “Details: No rule was found that could authorize user 'server1\siteowner', provider 'appPoolConfig', operation 'Read', path 'DefaultAppPool'”. In this case, the provider appPoolConfig is not authorized and the user tried to use a provider for which the user did not have permissions.
  • Another common error is if the RunAs user that is being used to create applications does not have proper access to configuration. In this case, Process Monitor is a useful tool for determining where an access denied error may be coming from.




Web Deployment Tool TechNet Reference

Configure the Web Deployment Handler

Web Deploy on IIS.NET


Microsoft Internal Support Information

Steps to reproduce.

Product Bug Number:
Author ID (email alias): RMarr
Writer ID(email alias): Timamm, MLaing
Tech Review ID (email alias): RMarr
Confirm Article has been Tech Reviewed: Yes
Confirm Article released for Publishing: Yes

Номер статьи: 2023855 — последний просмотр: 20 апр. 2010 г. — редакция: 1

Отзывы и предложения