Home All Groups Group Topic Archive Search About

Scripting Authentication and Access Control Id

microsoft.public.inetserver.iis.security
Author
24 Feb 2009 7:47 PM
Paul Bergson [MVP-DS]
I have several iis 6.0 servers (o/s W2K3) that have an asp file that runs
under elevated privileges with iis browse to the file - properties / file
security / authentication and access control.  The password of the user id
this runs under, on this asp file, needs to be changed frequently do to our
password policy.

Is anyone aware of a way that I could script the password change on this
file.  It seems like a waste of time to have to manually do this when all of
our other password changes are automated.

--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup This
posting is provided "AS IS" with no warranties, and confers no rights.

Author
2 Mar 2009 7:26 PM
Ken Schaefer
Hi Paul,

Where are you "setting" this password? Are you storing this password as the
"anonymous IIS user account"? or are you storing this in the ASP webpage
itself? Or the IIS app pool ID? or where?

IIS configuration can be programmatically changed via ADSI, WMI and so on.
If you have hard coded this into the web page itself, then you could write a
script that does some find/replace somehow and rewrites the file.

Can you elaborate where you storing the password?

Cheers
Ken

Show quoteHide quote
"Paul Bergson [MVP-DS]" <pbbergs@nopspam_msn.com> wrote in message
news:5F070F17-6D25-4CA2-A7EA-D27EE374A741@microsoft.com...
> I have several iis 6.0 servers (o/s W2K3) that have an asp file that runs
> under elevated privileges with iis browse to the file - properties / file
> security / authentication and access control.  The password of the user id
> this runs under, on this asp file, needs to be changed frequently do to
> our password policy.
>
> Is anyone aware of a way that I could script the password change on this
> file.  It seems like a waste of time to have to manually do this when all
> of our other password changes are automated.
>
> --
> Paul Bergson
> MVP - Directory Services
> MCTS, MCT, MCSE, MCSA, Security+, BS CSci
> 2008, 2003, 2000 (Early Achiever), NT4
>
> http://www.pbbergs.com
>
> Please no e-mails, any questions should be posted in the NewsGroup This
> posting is provided "AS IS" with no warranties, and confers no rights.
>
>



Post Other interesting topics
Urgent help: Possible security breach
can someone explain this weird behaviour?
IIS IUSR_ PROBLEM
UNC Virtual Directories; NTFS permission authentication not accept
Convert Self-Signed Certificate?
How to pass user credentials to IE
Certificate authority
IIS 6 and IE6 sending authentication via URL?
How to disable HTTP trace in IIS 5
How to disable SSL v2 support on IIS 6.0?