I have a web forms application (Visual Studio 2010) with an existing wpp.targets file working successfully to do things like LESS preprocessing, resource minification/bundling, web.config encryption, etc.
I have always been able to deploy just fine by simply right-clicking on the web app, and choosing the Publish - File System option.
I recently decided to try and automate the setting of the ACL permissions on a specific folder within the app. This led me down the road of changing from the File System publish option to the Web Deploy option (which also works fine after installing and configuring Web Deploy 3 on the server).
The reason I switched to Web Deploy is because it's my understanding that by using the Web Deploy option, I should be able to add additional steps to my wpp.targets file to set the necessary folder permissions.
I've seen numerous articles, blogs, forum posts, etc. on the subject and it seems fairly straight forward.
I'm trying to give Read/Write/Modify access to Domain Users for a folder named "IDAutomation" - so I basically just added the following at the end of my existing wpp.targets file:
<Target Name="SetupCustomAcls" AfterTargets="AddIisSettingAndFileContentsToSourceManifest">
<ItemGroup>
<MsDeploySourceManifest Include="setAcl">
<Path>$(_MSDeployDirPath_FullPath)\IDAutomation</Path>
<setAclAccess>Read,Write,Modify</setAclAccess>
<setAclUser>Domain Users</setAclUser>
<setAclResourceType>Directory</setAclResourceType>
<AdditionalProviderSettings>setAclResourceType;setAclAccess</AdditionalProviderSettings>
</MsDeploySourceManifest>
</ItemGroup>
</Target>
<Target Name="DeclareCustomParameters" AfterTargets="AddIisAndContentDeclareParametersItems">
<ItemGroup>
<MsDeployDeclareParameters Include="IDAutomationSetAclParam">
<Kind>ProviderPath</Kind>
<Scope>setAcl</Scope>
<Match>^$(_EscapeRegEx_MSDeployDirPath)\\IDAutomation$</Match>
<Value>$(_DestinationContentPath)/IDAutomation</Value>
<ExcludeFromSetParameter>True</ExcludeFromSetParameter>
</MsDeployDeclareParameters>
</ItemGroup>
</Target>
But I'm obviously missing something because I click Publish -> Web Deploy - and let it do its thing, the permissions are not applied to the folder. The app is deployed successfully and everything looks good - it just doesn't set the permissions on the folder for me.
Here's some excerpts from the end of the deploy output:
Target "Package" skipped, due to false condition; ($(_CreatePackage)) was evaluated as (false).
Target "MSDeployPublish" in file ..... from project .....
Start Web Deploy Publish the Application/package to....
...
Starting Web deployment task from source:manifest(.....) to Destination:auto().
Updating setAcl (Site/app).
Updating setAcl (Site/app).
Updating setAcl (Site/app/IDAutomation). <-- Appears to be doing something??
Updating filePath......
....
Updating setAcl (Site/app).
Updating setAcl (Site/app).
Updating setAcl (Site/app/IDAutomation). <-- Appears to be doing something??
Successfully executed Web deployment task.
Publish is successfully deployed.
Task "MSdeploy" skipped, due to false condition; ($(UseMsdeployExe)) was evaluated as (False).
Done building target "MSDeployPublish" in project ...
Done building project ...
So it appears to be setting the acl on the folder (twice for some reason) as you can see, but when I go look at the folder on the remote server, the permissions have not been applied.
What am I missing here?
I'm not trying to build a package for later/manual deployment or anything involving a build server. I'm simply manually trying to Publish -> Web Deploy.
Also Web Deploy 3.0 is installed on my machine (win7) as well as the web server (Win2008R2/IIS7.5).
-- UPDATE --
I've discovered that regardless of what I set in the setAclUser element, the sitemanifest.xml file is always missing the setAclUser attribute for the folder (abbreviated paths):
<sitemanifest>
<IisApp path="C:\...\obj\...\Package\PackageTmp" managedRuntimeVersion="v4.0" />
<setAcl path="C:\...\obj\...\Package\PackageTmp" setAclResourceType="Directory" />
<setAcl path="C:\...\obj\...\Package\PackageTmp" setAclUser="anonymousAuthenticationUser" setAclResourceType="Directory" />
<setAcl path="C:\...\obj\...\Package\PackageTmp\IDAutomation" setAclResourceType="Directory" setAclAccess="Read,Write" />
</sitemanifest>
So you can see there's no setAclUser on the setAcl element for the IDAutomation folder. Hopefully that will be a clue to someone?
Thanks again-
sigh - Finally realized I was missing the setAclUser property from the AdditionalProviderSettings:
<AdditionalProviderSettings>setAclUser;setAclResourceType;setAclAccess</AdditionalProviderSettings>