无法通过C#将IIS应用程序池添加到本地用户组

时间:2012-07-27 21:20:43

标签: c# iis permissions active-directory

我正在尝试通过C#远程将IIS应用程序池用户添加到本地用户组,​​并且遇到了一些困难。

我尝试了以下两种方法:

// This results in a ArgumentNullException because user is never set
using (PrincipalContext pc = new PrincipalContext(ContextType.Machine, serverName))
{
    UserPrincipal user = UserPrincipal.FindByIdentity(pc, String.Format(@"IIS APPPOOL\{0}", rootApplicationPoolName));
    GroupPrincipal myGroup = GroupPrincipal.FindByIdentity(pc, "mygroupname");
    myGroup.Members.Add(user);
    myGroup.Save();
}

此外:

// This results in a NoMatchingPrincipalException saying the user could not be found
using (PrincipalContext pc = new PrincipalContext(ContextType.Machine, serverName))
{
    GroupPrincipal myGroup= GroupPrincipal.FindByIdentity(pc, "mygroupname");
    myGroup.Members.Add(pc, IdentityType.Name, String.Format(@"IIS APPPOOL\{0}", appPoolName));
    myGroup.Save();
}

我可以手动将此用户添加到群组中,但效果很好。

我错过了什么?

0 个答案:

没有答案