Octopus introduced me to powershell and well I made a mistake i thought i would never make… I wiped out the c:\ drive of a build agent due to a bad script …
Remove-Item “$ObfuscateLocation*” -Force -Recurse -ErrorAction SilentlyContinue
and $ObfuscateLocation was never defined in octopus - D’oh!
This would not have happened had I not setup our “svc_octodeploy” service account as admin on the build agent box. (lost a few hours but everything is back up)
I’m looking for a way to have minimum privileges for this service account.
only has access to folders explicitly given access to
c:\Octopus
c:\Program Files (x86)\Octopus Tentacle
network shares are easy since share it to a specific user
since it runs a service it’s automatically given: “Log on as a service” in Local Security Policy
I did the above but it hangs on downloading packages step.
2012-08-10 15:54:06 ERROR System.ServiceModel.ServerTooBusyException: The HTTP service located at http://10.10.71.46:10933/Packages/ is too busy. —> System.Net.WebException: The remote server returned an error: (503) Server Unavailable.
at System.Net.HttpWebRequest.GetResponse()
at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
any recommendations that has worked to give the tentacle minimum privileges?
If you are getting the error “Retrieving the COM class factory for remote component with CLSID {2B72133B-3F5B-4602-8952-803546CE3344} from machine localhost failed due to the following error: 80070005 localhost.” then you will need to grant Launch and Activation Permissions and Access Permissions to the DCOM component “ahadmin” through Component Services.
If the setting are greyed out you will first need to take ownership of the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID{9fa5c497-f46d-447f-8011-05d03d7d7ddc} and give yourself full access. Then restart component services and the settings will be editable.