ISAPI Filter is not configured for the Team Foundation Server Web site

  • 아티클

The information in this article applies to:

  • Visual Studio Team Foundation Server 2010

  • Windows Server 2003 and Windows Server 2008 

  • Application-tier server

  • Team Foundation Server Complete Health Check

  • Team Foundation Server Framework Health Check

The Best Practices Analyzer tool for Team Foundation Server checks for the presence of the AuthenticationFilter.ini file on the application-tier server. An error appears if the following condition is true:

  • AuthenticationFilter.ini is not present

    Internet Information Services (IIS) uses the AuthenticationFilter.inifile to configure the AuthenticationFilter.dll assembly as an ISAPI filter on the Web site for Team Foundation Server. To resolve this issue, you must create the ISAPI filter file as described later in this topic. For more information about this file, see this topic on the Microsoft Web site: Team Foundation Server, Basic Authentication, and Digest Authentication.

Required Permissions

To complete this procedure, you must be a member of the Administrators group on the application-tier server for Team Foundation.

To create the ISAPI filter file

  1. On the application-tier server, open Notepad, and copy the following text into it:

    [config]
RequireSecurePort=true
ProxyIPList=ProxyAddress
SubnetList=IP/SubnetMask

  2. Replace the following elements as indicated:

    참고

    You can specify more than one value for either ProxyAddress or IP/SubnetMask, but you must delimit multiple values with semicolons.

    • ProxyAddress: Type the IP address from which external network traffic to Team Foundation will appear to originate (usually a router). This address will use HTTPS/SSL together with Basic authentication, Digest authentication, or both. If you are not using a proxy server, provide any valid IP/subnet mask (for example, 172.16.0.0/255.255.255.255). This key takes precedence over SubnetList. If you specify the ProxyIPList key, the SubnetList key and its values are ignored.

    • IP/SubnetMask: Type the IP address/subnet mask pair or pairs for which you do not want to enforce Digest or Basic authentication (for example, 192.168.0.0/255.255.0.0). If you specify the ProxyIPList key, the SubnetList key and its values are ignored.

      중요

      Do not type a semicolon (;) at the end of each line. If you add semicolons, the ISAPI filter will fail.

  3. Save this file as AuthenticationFilter.ini in the following directory:

    Drive:\Program Files\Microsoft Team Foundation Server 2010\Tools

See Also

Other Resources

Issues That Relate to the Application Tier for Team Foundation