[英]How to set "ConnectAs" user in IIS using Powershell
I'm having trouble scripting the "ConnectAs" domain user account for nested web apps in IIS. My target environment is MS Server 2012 R2 with IIS 8, however, I see the same issues on Windows 7 with IIS 7.5.我在为 IIS 中嵌套的 web 应用编写“ConnectAs”域用户帐户脚本时遇到问题。我的目标环境是 MS Server 2012 R2 和 IIS 8,但是,我在 Windows 7 和 IIS 7.
For example, suppose I have the "Default Web Site".例如,假设我有“默认 Web 站点”。 Under that I have "MainApplication".在那之下我有“MainApplication”。 Under that I have another web application for "SubApplication".在此之下,我还有另一个 web 申请“子申请”。
I've tried suggestions found on other sites similar to below with partial success: These first 2 statements work.我尝试了在其他网站上找到的与以下类似的建议并取得了部分成功:前两个陈述有效。
Set-WebConfigurationProperty "system.applicationHost/sites/site[@name='Default Web Site']/application[@path='/MainApplication']/virtualDirectory[@path='/']" -name "username" -value "mydomain\user"
Set-WebConfigurationProperty "system.applicationHost/sites/site[@name='Default Web Site']/application[@path='/MainApplication']/virtualDirectory[@path='/']" -name "password" -value "mypassword"
I can't seem to get the syntax right for the next two statements:我似乎无法为接下来的两个语句获得正确的语法:
Set-WebConfigurationProperty "system.applicationHost/sites/site[@name='Default Web Site']/application[@path='/MainApplication/SubApplication']/virtualDirectory[@path='/']" -name "username" -value "mydomain\user"
Set-WebConfigurationProperty "system.applicationHost/sites/site[@name='Default Web Site']/application[@path='/MainApplication/SubApplication']/virtualDirectory[@path='/']" -name "password" -value "mypassword"
In a perfect world, I would be able to do something similar to below to quickly make all of the web applications run under the same domain user account:在一个完美的世界中,我将能够执行类似于下面的操作,以快速使所有 web 应用程序在同一域用户帐户下运行:
Get-WebApplication | ForEach-Object { $_ | Set-ItemProperty -Name "username" -Value "domain\user" }
Get-WebApplication | ForEach-Object { $_ | Set-ItemProperty -Name "password" -Value "passwordValue" }
or something like this:或类似这样的东西:
Get-WebApplication | ForEach-Object { $_.ChildElements | Select-Object -First 1 | Get-Member -Name "Attributes" | Set-Member -Name "userName" -Value "domain\username" }
Is there a good way to script set all sites, apps, etc to run under a domain user account?有没有一种好的方法可以将所有站点、应用程序等脚本设置为在域用户帐户下运行?
The solution I ended up using was to utilize a xpaths to get the full path for each site, app, & virtual directory. 我最终使用的解决方案是利用xpath来获取每个站点,应用程序和虚拟目录的完整路径。 I found that each type needed to be iterated independently. 我发现每种类型都需要独立迭代。 Below is the function I ended up creating to resolve the issue. 以下是我最终创建的解决问题的功能。
function Set-IIS-ConnectAsUser($username, $password)
{
$dir = Get-Location
cd IIS:\Sites
# update all the web sites to run under the context of the specified user
$webSites = Get-Website
ForEach($webSite in $webSites)
{
$siteName = ($webSite | Select -Property "Name").name
$fullPath = "system.applicationHost/sites/site[@name='$siteName']/application[@path='/']/virtualDirectory[@path='/']"
Set-WebConfigurationProperty $fullPath -Name "username" -Value $username
Set-WebConfigurationProperty $fullPath -Name "password" -Value $password
}
# update all the web applications to run under the context of the specified user
$apps = Get-WebApplication
ForEach($app in $apps)
{
$xpath = ($app | Select -Property "ItemXPath").ItemXPath
$fullPath = "$xpath/virtualDirectory[@path='/']"
$fullPath = $fullPath.Substring(1)
Set-WebConfigurationProperty $fullPath -Name "username" -Value $username
Set-WebConfigurationProperty $fullPath -Name "password" -Value $password
}
# update all the virtual directories to run under the context of the specified user
$virtualDirs = Get-WebVirtualDirectory
ForEach($vdir in $virtualDirs)
{
$xpath = ($vdir | Select -Property "ItemXPath").ItemXPath
$fullPath = $xpath.Substring(1)
Set-WebConfigurationProperty $fullPath -Name "username" -Value $username
Set-WebConfigurationProperty $fullPath -Name "password" -Value $password
}
cd $dir
}
Try this. 试试这个。 Change parent and child names with yours. 用你的名字改变父母和子女的名字。
Set-WebConfiguration "/system.applicationHost/sites/site[@name='Default Web Site']/application[@path='/parent/child']/virtualdirectory[@path='/']" -Value @{userName='andy';password='password'}
Try the below script试试下面的脚本
$deepestPath = "MACHINE/WEBROOT/APPHOST"
$sectionPath = "system.applicationHost/sites/site/application/virtualDirectory"
$appPhysicalPath = "D:\Inetpub\wwwroot\yourApp"
$userName = "domain\serviceaccount"
$password = "#######"
$fullPath=$sectionPath+"[@physicalPath='$appPhysicalPath']"
Set-WebConfigurationProperty -PSPath $deepestPath -Filter $fullPath -Name "userName" -Value $userName
Set-WebConfigurationProperty -PSPath $deepestPath -Filter $fullPath -Name "password" -Value $password
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.