app pool permissions to virtual directory

Welcome Forums DSC (Desired State Configuration) app pool permissions to virtual directory

This topic contains 7 replies, has 3 voices, and was last updated by

 
Participant
5 months ago.

  • Author
    Posts
  • #151814

    Participant
    Topics: 30
    Replies: 13
    Points: 56
    Rank: Member

    how can i assign the AppPool identity to a virtual directory?

    this is what i have to create the virtual

    @{
      Name = 'test'
      PhysicalPath = 'c:\download\test'
      Ensure = 'Present'
      IISAnonymousAuth = 'Enabled'
      IISAnonymousUser = ''
    }
    

     

     

  • #151820

    Participant
    Topics: 0
    Replies: 113
    Points: 589
    Helping Hand
    Rank: Major Contributor

    Is this for a DSC Configuration?

    pwshliquori

  • #151874

    Participant
    Topics: 4
    Replies: 54
    Points: 382
    Helping Hand
    Rank: Contributor

    If this is normal PS then

    
    $DB = 'Application_name'
    
    New-Item IIS:\appPools\$DB'_2019'
    #Set the idle time to 90(off)
    Set-ItemProperty IIS:\AppPools\$DB'_2019' -Name processModel.idleTimeout -value ( [TimeSpan]::FromMinutes(90))
    #disable the regular time of 1740 minutes
    Set-ItemProperty IIS:\AppPools\$DB'_2019' -Name Recycling.periodicRestart.time -Value "00:00:00"
    #Clear any scheduled restart times
    Clear-ItemProperty IIS:\AppPools\$DB'_2019' -Name Recycling.periodicRestart.schedule
    #Set scheduled restart times
    Set-ItemProperty IIS:\AppPools\$DB'_2019' -Name Recycling.periodicRestart.schedule -value @{value="07:00:00"}
    #endregion
    
    New-Item "IIS:\Sites\Default Web Site\$DB" -physicalPath $DBPath -type Application
    Set-ItemProperty "IIS:\Sites\Default Web Site\$DB" -name applicationPool -value $DB'_2019'
    
    
  • #151895

    Participant
    Topics: 0
    Replies: 113
    Points: 589
    Helping Hand
    Rank: Major Contributor

    I do not believe you can set the app pool identity on a virtual directory. The app pool identity is inherited from the website or web application. You can set the app pool identity using the xWebAppPool DSC Resource and then assign the app pool to the website or web application.

    $Credential = Get-Credential -Message 'Enter app pool identity credential'
    xWebAppPool appPool1 {
        Ensure = 'Present'
        Name = 'myAppPool'
        IdentityType = 'SpecificUser'
        Credential = $Credential
    }
    

    The IdentityType parameter tells the app pool which account identity to run under. The acceptable values are: ApplicationPoolIdentity, LocalService, LocalSystem, NetworkService, and SpecificUser. Please refer to the GitHub documentation on xWebAdministration to learn how to apply the resources.

    xWebAdministration

    pwshliquori

  • #151922

    Participant
    Topics: 30
    Replies: 13
    Points: 56
    Rank: Member

    this is how i normally create a site under the DSC configuration, i just want to change permission on the virtual directory , that can be done under the GUI.

    
    @{
    ShortName = 'test'
    DNSSuffix = '123.com'
    SiteAuthors = ('webdude')
    State = 'Started'
    Certificate = 'sdfadsffadsfasdfdsC387F7788DF212B4F'
    RuntimeVersion = 'v4.0'
    Enable32Bit = 'Disabled'
    HSTS = 'Present'
    HSTSAge = '128000'
    Nodes = ('server1', 'server2')
    IISAnonymousAuth = 'Enabled'
    IISAnonymousUser = "
    IISWindowsAuth = 'Disabled'
    Applications = @()
    VirtualDirectories = @(
    @{
    Name = 'share'
    PhysicalPath = "\\windows2016.123.com\sdev"
    Ensure = "Present"
    }
    )
    }
    
    
  • #151929

    Participant
    Topics: 0
    Replies: 113
    Points: 589
    Helping Hand
    Rank: Major Contributor

    Unfortunately, there is not a way of doing this using the xWebVirtualDirectory resource at the time of writing this. You should be able to use the xWebConfigProperty which uses the Get/Set-WebConfigurationProperty Cmdlet that should allow you to set the identity of the virtual directory.

    @{
        WebSitePath = 'MACHINE/WEBROOT/APPHOST'
        Filter = "/system.applicationHost/sites/site[@name='test']/application/virtualdirectory[@path='/share']"
        PropertyName = 'username'
        Value = 'domain\user'
        Ensure = 'Present'
    }
    

    pwshliquori

  • #151937

    Participant
    Topics: 30
    Replies: 13
    Points: 56
    Rank: Member

    thank you.

    what should i be looking for to see if a module has the ability to handle a resource going forward?

     

  • #151938

    Participant
    Topics: 0
    Replies: 113
    Points: 589
    Helping Hand
    Rank: Major Contributor

    DSC Resources are documented in GitHub and I believe still updated Monthly. All of the resources are located here:

    GitHub – DSCResources

    GitHub – xDscResources

    pwshliquori

The topic ‘app pool permissions to virtual directory’ is closed to new replies.