The Web Deployment Tool will be releasing a brand new feature in the newest version 1.1. This new feature will allow users to store their passwords in Window’s credential store on command-line using Web Deploy and / or access credential stored password information via command-line. This is very useful if you do not want to expose your password on command-line and keep it from showing up in any of your log files that may capture command line input.
The way to accomplish this is two new switches ( straight from command-line help ):
Target identifies the credentials (username
and password) in the Windows Credential
Manager to be used when connecting to
Username and password will be stored in the
Windows Credential Manager under the target
Example of “storeCredentials” is as follows:
msdeploy.exe –verb:dump –source:iisapp=”Default Web Site/”,computername=MachineName,username=User,password=Password,storeCredentials=UserCredential
Now to get the above credential back using the “getCredentials”.
msdeploy.exe –verb:dump –source:iisapp=”Default Web Site/”,computername=MachineName,getCredentials=UserCredential
In the above examples there is a few things to take note of starting with the “storeCredential” switch.
> Regardless of the output, the target credential will be stored if Web Deploy can interpret the command successfully.
> “storeCredential” is very useful in XP environments as there is no UI for credential store in XP.
> You can view credentials you store in non-XP operating systems in a UI like this one, ( 2008 example ) by navigating “User Accounts > Manage your network passwords”
Some notes about “getCredentials”:
> You can only do a “getCredentials” on credentials that your user account stored, so if any user stores credentials in the credential store, you will not be able to use this target under a different user who did not store the credentials. And actually, Web Deploy will give no indication whether or not the target existed in the store.
> A downside to this is you will have to perform a storeCredentials on any targets you use when you switch to other user accounts.