We're trying to secure our IIS7 installation by isolating users using Application Pool Identities. This works quite successfully. The problem is, we are trying to automate the creation of websites through the use of Powershell. We can successfully create webs
and application pools using powershell, but the problem comes down to assigning ntfs permissions to the web root directory using the SSID for the Application Pool Identity. It would appear as if the Application Pool Identity is not actually created until the
website receives a request and the application pool worker process starts up. If we create a web, and an application pool, and try assign an NTFS permission to the web root directory using the application pool identity, you can't actually use "IIS AppPool\ApplicationPoolName"
until you've hit the website with a request. This makes it very difficult to automate the creation of the web. Does anyone know of a way to a. Either create the Application Pool Identity SID manually b. Force IIS to create the Application Pool Identity Or
any other solution
↧