Forms Auth no matter what

I have only chosen to use Windows Auth on my IIS site deploy step. I get Windows and Forms Auth every time. I can manually remove it after the deploy, but it returns on the next.

Am I missing something? I don’t see an option to remove the Forms Auth from the IIS config or an easy way (maybe PS script?) to remove it after the fact? Reviewing the logs I see OD is not explicitly adding it so I assume it’s maybe a default? I’d rather not try to disable Forms Auth by default across the server but I guess that’s another option…


Hi Matthew,

Thanks for getting in touch! Could you enable the debugging variables,then create a new release and send us a raw deployment log? I’d like to double check the values that are being passed to the deployment step.

If possible, try to just run the IIS Site deploy step to avoid the extra noise on the log :slight_smile:


yup, here ya go. thanks

ServerTasks-6086.log.txt (73 KB)

Hi Matthew,

Octopus doesnt enable Forms auth by default, and like you mentioned there are no signs on the log that this is being done during the deployment.

Is it possible that you have enabled this feature from your web.config, and IIS is inheriting that config from there? It should look something like this

<authentication mode="Forms"></authentication>

As a workaround you can always add a postdeploy PS script to disable this if you need to solve it right away.



Thanks for the reply. I’ve come to the same conclussion and added the
post-deploy script to remove the forms auth.