Anonymous access - Metabase.xml

TheMSsForum.com: The Microsoft Software Forum

Hi ,

IIS 6.0 / Win 2003 Server [Ent]

We are trying to add an alternative user account [similiar
to IUSR_ComputerName but with slightly more privilidges]
to the IIS Directory Security anonymous user.

I have used VBS to change settings in MetaBase.xml already
but I am enquiring if it is possible to change the
Anonymous user by this method ?

What about the password - ISUR_ComputerName seems to have
one when viewed in the xml file but is this really a
password , can we add our user and a blank password.

Eoin
Top

RE: Anonymous access - Metabase.xml by v-wdxu

v-wdxu
Wed Nov 26 20:05:09 CST 2003

Hi Eoin,

Thank you for posing in the MSDN managed newsgroup!

From my experience on this issue, you can specify one account for the anonymous users in IIS. In IIS mmc, please go to the security tab of the
site's property. In authentication and access control, press the "edit..." button. Authentication methods window will pop up. You can select one
account for the anonymous access.

For script, you can use Windows Management Instrumentation (WMI) or Microsoft Active Directory Service Interfaces (ADSI) which will help you a
lot on the management of IIS. Based on my experience, I'd suggest you can use WMI to build the management vbs for the account management.
WMI is a component of the Microsoft Windows operating system and is the Microsoft implementation of Web-Based Enterprise Management
(WBEM), which is an industry initiative to develop a standard technology for accessing management information in an enterprise environment. All
the management script of IIS6 located in %SYSTEMROOT%\System32\IIS*.vbs from Windows 2003 are built with WMI. You will obtain a lot
regarding the usage of WMI from these files.

Furthermore, I'd suggest you can obtain more information from msdn.microsoft.com. Please go to:
Using WMI to Manage IIS
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/iisref/htm/prog_wmi_using.asp

Using ADSI to Manage IIS
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/iisref/htm/TheIISADSIProvider.asp

There are also some samples for you to manage the IIS Programmatically.
Windows Scripting Samples for Programmatic Administration
http://msdn.microsoft.com/library/en-us/iisref/htm/samp_adminsamples.asp?frame=true

In addition, if you can create one account without password in the server or domain (without any restriction of domain policy for the user name
password), you can specify this account to IIS directly.

Please feel free to let me know if you have any further questions.

Does this answer your question? Thank you for using Microsoft NewsGroup!

Wei-Dong Xu
Microsoft Product Support Services
Get Secure! - www.microsoft.com/security
This posting is provided "AS IS" with no warranties, and confers no rights.


Top