如何设置" ConnectAs" IIS中的用户使用Powershell

时间:2014-08-09 05:02:16

标签: powershell iis permissions

我在IIS中嵌套Web应用程序的“ConnectAs”域用户帐户编写脚本时遇到问题。我的目标环境是带有IIS 8的MS Server 2012 R2,但是,我在IIS 7上看到了与Windows 7相同的问题。

例如,假设我有“默认网站”。在那之下,我有“MainApplication”。在那之下,我有另一个“SubApplication”的Web应用程序。

我已尝试在其他类似于以下网站上找到的建议,但取得了部分成功: 前两个陈述有效。

Set-WebConfigurationProperty "system.applicationHost/sites/site[@name='Default Web Site']/application[@path='/MainApplication']/virtualDirectory[@path='/']" -name "username" -value "mydomain\user" 
Set-WebConfigurationProperty "system.applicationHost/sites/site[@name='Default Web Site']/application[@path='/MainApplication']/virtualDirectory[@path='/']" -name "password" -value "mypassword"

我似乎无法为接下来的两个语句获得正确的语法:

Set-WebConfigurationProperty "system.applicationHost/sites/site[@name='Default Web Site']/application[@path='/MainApplication/SubApplication']/virtualDirectory[@path='/']" -name "username" -value "mydomain\user" 
Set-WebConfigurationProperty "system.applicationHost/sites/site[@name='Default Web Site']/application[@path='/MainApplication/SubApplication']/virtualDirectory[@path='/']" -name "password" -value "mypassword"

在一个完美的世界中,我可以做类似于下面的事情来快速使所有的Web应用程序在同一个域用户帐户下运行:

Get-WebApplication | ForEach-Object { $_ | Set-ItemProperty -Name "username" -Value "domain\user" }
Get-WebApplication | ForEach-Object { $_ | Set-ItemProperty -Name "password" -Value "passwordValue" }

或类似的东西:

Get-WebApplication | ForEach-Object { $_.ChildElements | Select-Object -First 1 | Get-Member -Name "Attributes" | Set-Member -Name "userName" -Value "domain\username" }

是否有一种方法可以将所有网站,应用等设置为在域用户帐户下运行?

2 个答案:

答案 0 :(得分:6)

我最终使用的解决方案是利用xpath来获取每个站点,app和&的完整路径。虚拟目录。我发现每种类型都需要独立迭代。以下是我最终创建的解决问题的功能。 

function Set-IIS-ConnectAsUser($username, $password)
{
    $dir = Get-Location

    cd IIS:\Sites

    # update all the web sites to run under the context of the specified user
    $webSites = Get-Website
    ForEach($webSite in $webSites)
    {
        $siteName = ($webSite | Select -Property "Name").name
        $fullPath = "system.applicationHost/sites/site[@name='$siteName']/application[@path='/']/virtualDirectory[@path='/']"
        Set-WebConfigurationProperty $fullPath -Name "username" -Value $username
        Set-WebConfigurationProperty $fullPath -Name "password" -Value $password
    }

    # update all the web applications to run under the context of the specified user
    $apps = Get-WebApplication
    ForEach($app in $apps)
    {
        $xpath = ($app | Select -Property "ItemXPath").ItemXPath
        $fullPath = "$xpath/virtualDirectory[@path='/']" 
        $fullPath = $fullPath.Substring(1)
        Set-WebConfigurationProperty $fullPath -Name "username" -Value $username
        Set-WebConfigurationProperty $fullPath -Name "password" -Value $password
    }

    # update all the virtual directories to run under the context of the specified user
    $virtualDirs = Get-WebVirtualDirectory
    ForEach($vdir in $virtualDirs)
    {
        $xpath = ($vdir | Select -Property "ItemXPath").ItemXPath
        $fullPath = $xpath.Substring(1)
        Set-WebConfigurationProperty $fullPath -Name "username" -Value $username
        Set-WebConfigurationProperty $fullPath -Name "password" -Value $password
    }


    cd $dir
}

答案 1 :(得分:0)

试试这个。用你的名字改变父母和子女的名字。

Set-WebConfiguration "/system.applicationHost/sites/site[@name='Default Web Site']/application[@path='/parent/child']/virtualdirectory[@path='/']" -Value @{userName='andy';password='password'}
相关问题
最新问题