以编程方式编辑IIS IPGrant表

Question

我一直致力于在IIS中编辑IPGrant表的程序化解决方案。

目前，我可以正确查看IPGrant列表，并添加CAN。

但是，我无法删除或替换IPGrant列表中的项目。

MSDN等建议您将（旧列表的值+新值）写入List，但是我发现我得到了“无法使用该名称创建文件，文件已存在”的HResult 。 添加到列表只适用于我如果我只传入新值。

经过一番阅读：

http://www.west-wind.com/weblog/posts/59731.aspx
http://www.aspdev.org/articles/web.config/
http://www.codeproject.com/KB/security/iiswmi.aspx
http://www.codeproject.com/KB/security/iiswmi.aspx?msg=1739049
http://blogs.msdn.com/b/shawnfa/archive/0001/01/01/400749.aspx
http://msdn.microsoft.com/en-us/library/ms524322%28VS.90%29.aspx
http://www.eggheadcafe.com/software/aspnet/33215307/setting-ip-restrictions-in-iis-7.aspx

我发现IIS 7/6与使用元数据库存在兼容性问题 - 因为只能添加，而不是删除。

是否有更新的IIS 7 / 7.5方法可以使用（在c＃中）管理IPGrant表。

Answer 1

您可以使用Microsoft.Web.Administration，或AppCmd或Javascript（COM-AHADMIN）来执行此操作，以下是有关如何删除的一些示例：

private static void Main() {

    using(ServerManager serverManager = new ServerManager()) { 
        Configuration config = serverManager.GetApplicationHostConfiguration();

        ConfigurationSection ipSecuritySection = config.GetSection("system.webServer/security/ipSecurity");

        ConfigurationElementCollection ipSecurityCollection = ipSecuritySection.GetCollection();

        ConfigurationElement addElement = FindElement(ipSecurityCollection, "add", "ipAddress", @"169.132.124.234", "subnetMask", @"255.255.255.255", "domainName", @"");
        if (addElement == null) throw new InvalidOperationException("Element not found!");

        ipSecurityCollection.Remove(addElement);

        serverManager.CommitChanges();
    }
}

private static ConfigurationElement FindElement(ConfigurationElementCollection collection, string elementTagName, params string[] keyValues) {
    foreach (ConfigurationElement element in collection) {
        if (String.Equals(element.ElementTagName, elementTagName, StringComparison.OrdinalIgnoreCase)) {
            bool matches = true;

            for (int i = 0; i < keyValues.Length; i += 2) {
                object o = element.GetAttributeValue(keyValues[i]);
                string value = null;
                if (o != null) {
                    value = o.ToString();
                }

                if (!String.Equals(value, keyValues[i + 1], StringComparison.OrdinalIgnoreCase)) {
                    matches = false;
                    break;
                }
            }
            if (matches) {
                return element;
            }
        }
    }
    return null;
}

使用Javascript：

var adminManager = new ActiveXObject（'Microsoft.ApplicationHost.WritableAdminManager'）; adminManager.CommitPath =“MACHINE / WEBROOT / APPHOST”;

var ipSecuritySection = adminManager.GetAdminSection（“system.webServer / security / ipSecurity”，“MACHINE / WEBROOT / APPHOST”）;

var ipSecurityCollection = ipSecuritySection.Collection;

var addElementPos = FindElement（ipSecurityCollection，“add”，[“ipAddress”，“169.132.124.234”，“subnetMask”，“255.255.255.255”，“domainName”，“”]）; if（addElementPos == -1）抛出“未找到元素！”;

ipSecurityCollection.DeleteElement（addElementPos）;

adminManager.CommitChanges（）;

function FindElement（collection，elementTagName，valuesToMatch）{     for（var i = 0; i＆lt; collection.Count; i ++）{         var element = collection.Item（i）;

    if (element.Name == elementTagName) {
        var matches = true;
        for (var iVal = 0; iVal < valuesToMatch.length; iVal += 2) {
            var property = element.GetPropertyByName(valuesToMatch[iVal]);
            var value = property.Value;
            if (value != null) {
                value = value.toString();
            }
            if (value != valuesToMatch[iVal + 1]) {
                matches = false;
                break;
            }
        }
        if (matches) {
            return i;
        }
    }
}

return -1;

}

最后AppCmd.exe：
appcmd.exe set config -section：system.webServer / security / ipSecurity /-"[ipAddress='169.132.124.234',subnetMask='255.255.255.255',domainName='']“/ commit：apphost