Can a script update the Identity tab fields of Application Pool properties in IIS 6.0+

Question

I am a developer and I have arrived at a solution to a webservice authentication problem that involved ensuring Kerberos was maintained because of multiple network hops. In short:

A separate application pool for the virtual directory hosting the webservice was established
The Identity of this application pool is set to a configurable account (DOMAINname\username which will remain constant but the strong password is somehow changed every 90 days I think); at a given point in time, the password is known or obtainable somehow by our system admin).

Is there a script language that could be used to setup a new application pool for this application and then set the identity as described (rather than manual data entry into property pages in IIS)?

I think our system admin knows a little about Powershell but can someone help me offer him something to use (he will need to repeat this on 2 more servers as the app is rolled out). Thanks.

score 7 · Answer 1 · edited May 28 '12 at 14:04

7

You can use such PowerShell script:

Import-Module WebAdministration
$appPool = New-WebAppPool -Name "MyAppPool"
$appPool.processModel.userName = "domain\username"
$appPool.processModel.password = "ReallyStrongPassword"
$appPool.processModel.identityType = "SpecificUser"
$appPool | Set-Item

edited May 28 '12 at 14:04

Roger Lipscombe

89,048
55
235
380

answered Nov 24 '11 at 23:03

Petr Felzmann

1,271
4
19
39

1

Set-Item : Provider execution stopped because the provider does not support this operation. – Roger Lipscombe May 28 '12 at 14:03
Worked for me and I added $appPool.managedRuntimeVersion ="v4.0". Windows Server 2008 R2 SP1 Powershell 3 – rob Jan 15 '14 at 14:04
see http://stackoverflow.com/a/26391894/17373 for "one-line" approach to setting identity – Greg Bray Jan 06 '16 at 00:57

Can a script update the Identity tab fields of Application Pool properties in IIS 6.0+

1 Answers1