Question:
I am a developer and I have arrived at a solution to a webservice authentication problem that involved ensuring Kerberos was maintained because of multiple network hops. In short:
- A separate application pool for the virtual directory hosting the webservice was established
- The Identity of this application pool is set to a configurable account (DOMAINname\username which will remain constant but the strong password is somehow changed every 90 days I think); at a given point in time, the password is known or obtainable somehow by our system admin).
Is there a script language that could be used to setup a new application pool for this application and then set the identity as described (rather than manual data entry into property pages in IIS)?
I think our system admin knows a little about Powershell but can someone help me offer him something to use (he will need to repeat this on 2 more servers as the app is rolled out). Thanks.
Answer:
You can use such PowerShell script:
|
1 2 3 4 5 6 7 |
Import-Module WebAdministration $appPool = New-WebAppPool -Name "MyAppPool" $appPool.processModel.userName = "domain\username" $appPool.processModel.password = "ReallyStrongPassword" $appPool.processModel.identityType = "SpecificUser" $appPool | Set-Item |