I'm creating a virtual folder and would like to manually set the account used for anonymous access to the user who is running the installer application. The reason for this is that in my install, I have a SQL Script that the user can run using Windows Authentication. This works fine, but for a web application, you need to set the account for the IIS application to also be the user that is logged in.
Using the "Set IIS Folder Property" command, I can set AnonymousUserName to the current user after using "Get System Setting" to retrieve the "Logged on User" and setting the IIS folder property to that. What I can't seem to access is the password of the user currently running the application, which is likely the user who should be used to run the application, as I've already connected to the database using that user account by this point.
I could (in theory) query the user for input about what their password is, or the username and password that should run the IIS application that is being created, but there's a problem in the IIS metabase. By using the "Set IIS Folder Property", the value is stored in plain text. I need to be able to set the AnonymousUserPass and also be able to set the property to be a secure property.
If you use Microsoft's IIS Metabase Explorer from the IIS 6.0 Tools, you can see that AnonymousUserPass is being set in plain text and is not secure because the password is easily visible in the Metabase.
How do I go about setting the attributes on this key to be secure and inheritable? Is there a better or recommended way to install .NET web applications and set the application owner such that it is able to access the SQL Database?
Thanks.
Setting anonymous IIS user manually
Who is online
Users browsing this forum: No registered users and 4 guests
