Figure: Ports Required
To support this initiative we employ the use of shadow accounts (mirrored local accounts). In our test case we created local accounts named “localTfsBuild” on the Team Build Server and Team Foundation Server Application Tier using identical passwords. A host entry was also added on the Team Build Server with the TCP/IP address and host name of the Team Foundation Server Application Tier.
Using the Team Foundation Server Administration Console on the TFS Application Tier we add the local account created above into the “Project Collection Build Service Accounts” group.
The Build Service is installed but not configured initially, with the Project Collection information added later. In the build configuration wizard don’t select a project collection just leave it blank, then use network service and get to the end.
Steps (performed on the Build Server)
Run the Team Foundation Server 2010 Setup
Click on the Team Foundation Build Service Checkbox
On the last install dialog uncheck the Launch Team Foundation Server Configuration Tool Checkbox and click Finish
Install TFS 2010 SP1
Install TFS 2010 SP1 Cumulative Update
Launch the Team Foundation Administration Console
Click on Build Configuration
Click Configure Installed Features
Click Start Wizard
Do not select a team project collection and Click Next
Click Stop to stop the Build Service, then Click Properties
Enter the Name or URL of your Team Foundation Server and Click OK
Enter the credentials of a user (like DOMAIN\_tfsInstaller) with Admin permissions on TFS 2010 and click OK
Select the Team Project Collection you want to add the Build Service and click Connect (You may be prompted again for credentials – just enter them a second time)
In the Credentials section select This account and enter the credentials of the build account .\localTfsBuild and the password.and click Start
If you made it here then the service should be running and configured, if you received an error connecting verify the localTfsBuild account is the same on both machines and that the passwords match, do not specify an alias for the TFS server use the real machine name and if a DNS lookup is not available make sure the name and IP address of the TFS server is defined in the local HOSTS file of the build server.
Click New Agent…
Click OK (unless you want to change any of the default settings)
The Agent should be started (indicated by the Green color)
If the Agent does not start, you must make sure your build server resolves from the TFS side of the network (try PING) if the HOST name does not resolve to an IP then add it to the DNS.
Use the Test Connection on the Build Agent Properties dialog to test communications between the Build Agent, TFS Server and Build Controller.
If you have still have connection issues verify the Windows Firewall is not causing your problem, verify the network connection shown in Network and Sharing Center is either Private Network or Domain Network otherwise inbound traffic will fail.
Below is an example of a FIREWALL issue blocking communications on TCP Port 9191
Default Agent – Not Really Ready (indicated by the Red color)
Clicking Build Agent Properties shows status as Build Agent Unavailable