-
Notifications
You must be signed in to change notification settings - Fork 857
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Authentication error, while connecting to TFS from VSTS-agent installed Linux-RedHat machine #695
Comments
@sahithreddyk you should not disable windows authentication when you use negotiate. what kind of credential do you use, a domain account? |
@sahithreddyk are you able to access your TFS in browser from the redhat machine using the same credential? |
Also, would you be able to use a PAT Taken as a temporary workaround? |
Question is still open but i would just like to add that PAT token give an error of: |
@Finnegan353 PAT require your TFS server is using SSL. |
@sahithreddyk |
@TingluoHuang, Does PAT works to overcome this authentication error? Thanks in advance |
@sahithreddyk It might help, but we still need to figure out where is the problem. |
@sahithreddyk PAT require HTTPS/SSL. http://docs.telerik.com/fiddler/Configure-Fiddler/Tasks/MonitorRemoteMachine check the first link to enable fiddler to capture remote connection traffic. |
@TingluoHuang We are using TFS 2015.3 version. Thanks in advance |
@sahithreddyk don't do that step, use the second link to configure your agent to talk through the Fiddler proxy. |
@sahithreddyk doesn't matter, the proxy configure is pure agent side. BTW, are you using Redhat 7.2? |
We are using RedHat 7 only. Am deleting some of comments due to privacy Thanks |
@sahithreddyk is there any change you can setup a redhat 7.2 and take a try? the reason is dotnet core is built for 7.2, i am not sure whether 7 will work or not. |
@TingluoHuang Can you please cnofirm, Is PAT applicable for only HTTPS with SSL? and not for HTTP? |
@sahithreddyk yes, you have to use https in order to use PAT. |
@TingluoHuang
Start Fiddler on Fiddler server (the machine that will capture the traffic). Click Tools > Fiddler Options. Ensure Allow remote clients to connect is checked. I copied "copy browser proxy configuration URL" to the browser, Result: **// Autogenerated file; do not edit. Rewritten on attach and detach of Fiddler. // Get the URL to this file from Fiddler by clicking Tools > Fiddler Options > Connections > Copy Browser Proxy Configuration URL. function FindProxyForURL(url, host){ or Do I need to use my TFS url and replace 8080 port with 8888? Please confirm Thanks |
@sahithreddyk what's your Fiddler machine IP? in your agent's .proxy, set http://your fiddler machine ip:8888/ |
when I click "Copy Browser Proxy Configuration URL" and paste it on web browser and the result is // Get the URL to this file from Fiddler by clicking Tools > Fiddler Options > Connections > Copy Browser Proxy Configuration URL. function FindProxyForURL(url, host){ Can I use http://119.0.0.1:8888 as name of proxy server URL Thanks in advance |
@sahithreddyk yes. |
@TingluoHuang FYI, I installed Fiddler on my local machine and not on the Application tier (where TFS installed) and also on TFS installed server, for IIS and TFS services, I enabled "Negotiate" authentication. Is there anything I need to look on Fiddler ? Thanks in advance |
@sahithreddyk is there any http trace shows in your Fiddler? |
@TingluoHuang comes to TFS url, am just using server URL and not using any specific collection URL Thanks in advance |
@sahithreddyk the purpose of using Fiddler is to collect the http trace from your agent to your TFS server, so we can figure out what's going wrong. So, you configure the Fiddler on machine B to allow remote connection, right? have you change your windows firewall rule to allow all inbond connection? in machine A, create the .proxy file before configure the agent, and set it to use Fiddler proxy in machine B. have you try run |
a: the machine your agent at (RedHat 7 Linux machine) getting error, $ curl http://119.0.0.1:8888 Thanks in advance |
I face the same issue with Windows agent, running on same machine as TFS server is on. My TFS have to use http on public internet because https has problems for us. Now I want to set up a CI build, and found I am not able to config the agent via http. No matter which auth type I choose, I get: My repository is using Git, not TFVC, so it seems I can't set up a XAML build either. It's now a dead end... |
@EdiWang can you open a separate issue? this is a long thread and i'm not sure the current state of it. also have you tried |
try use curl hit you TFS AT directly from your Redhat box. |
close as non-active issue, reopen if needed. |
Sorry for the delay, we had issues with CURL, then we have updated to latest version and issue was resolved few days back. Ragards, |
Hello,
Am getting authentication error, while accessing TFS URL
As of now,
After executing, .\config.sh
asking below details,
Enter server URL > http://:8080/tfs/
Enter authentication type (press enter for Negotiate) > (pressed enter to negotiate)
Enter user name > xxxxxxxxxx
Enter password > ********
Connecting to server ...
VS30063: You are not authorized to access http://:8080.
Failed to connect. Try again or ctrl-c to quit
Even I tried with changing basic authentication to enable and windows authentication to disabled for Team foundation services, but still am getting error (am the collection administrator, i do have complete access rights).
We are using domain account credentials for username
Can someone advise me on this
Thanks in advance
The text was updated successfully, but these errors were encountered: