How To: Change Application Pool Identity Programmatically

A few days back I was thinking about how a system administrator keeps the same settings on all of his thousand-plus servers. He definitely wouldn't go to each and every server and create a new virtual directory or application pool by hand. He would have a script that replicates the settings on every server.

So I thought, why don't I write some ASP.NET 2.0 code that could be used as a starter by anyone interested in doing the same? So here I am with my new blog.

Before I start, please take a few minutes to go through this MSDN article. I know it would take days to go through every metabase property, but take these few minutes to add this article to your favorites :)

IIS Metabase Properties

https://msdn2.microsoft.com/en-us/library/ms525644.aspx

I started my application with the intention of focusing mainly on changing the application pool identity programmatically, but I have included a few basic operations such as creating/deleting and starting/stopping the application pool. So here goes my code. Create a new ASP.NET 2.0 website and add these lines of code in the code-behind.

using System;
using System.DirectoryServices;

public partial class _Default : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        //Initialize the metabase path
        string metabasePath = "IIS://localhost/W3SVC/AppPools";
        //Specify the name for your application pool
        string appPoolName = "testAppPool";
        //Specify the identity that will run the application pool
        //(specify a domain account as domain\username)
        string appPoolUser = "User1";
        //Specify the password for the user
        string appPoolPass = "Password1";

        DirectoryEntry pool1;
        DirectoryEntry apppools = new DirectoryEntry(metabasePath);
        pool1 = apppools.Children.Find(appPoolName, "IIsApplicationPool");

        /*Change Application Pool Identity*/
        //3 = run the pool as the specific user account set below
        pool1.InvokeSet("AppPoolIdentityType", new Object[] { 3 });
        pool1.InvokeSet("WAMUserName", new Object[] { Environment.MachineName + @"\" + appPoolUser }); //If you are using a local account
        pool1.InvokeSet("WAMUserPass", new Object[] { appPoolPass });

        /*Commit changes*/
        pool1.CommitChanges();
    }
}

That’s it!!! Go ahead and check the IIS admin to make sure that the identity is set to run under the desired user. :)

THINGS THAT NEED TO BE TAKEN CARE OF:

- Make a copy of the metabase before making any changes.

- Make sure that the identity running the application has the necessary permissions to access the metabase; generally this should be an Administrator account.

- Make sure that the identity that you are using is a part of the IIS_WPG group.
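
The same identity change as a console program run by an administrator, rather than in Page_Load of a website, so the web application's own identity does not need write access to the metabase; it prompts for the password instead of hard-coding it and reads the values back after committing. This is an added example, not code from the original post. The class name, the argument order and the use of a remote IIS://server path are assumptions.

```csharp
using System;
using System.DirectoryServices;
using System.Text;

// Hypothetical console tool: SetPoolIdentity <server> <pool> <domain\user>
class SetPoolIdentity
{
    const int SpecificUser = 3; // AppPoolIdentityType value used in the post
    // Prompt for the password without echoing it, so it is never stored in source.
    static string ReadPassword()
    {
        StringBuilder sb = new StringBuilder();
        ConsoleKeyInfo k;
        while ((k = Console.ReadKey(true)).Key != ConsoleKey.Enter)
            if (k.Key == ConsoleKey.Backspace) { if (sb.Length > 0) sb.Length--; }
            else if (k.KeyChar != '\0') sb.Append(k.KeyChar);
        Console.WriteLine();
        return sb.ToString();
    }
    // Returns null on success, otherwise the reason for the failure.
    static string SetIdentity(string server, string poolName, string user, string pass)
    {
        using (DirectoryEntry pools = new DirectoryEntry("IIS://" + server + "/W3SVC/AppPools"))
            foreach (DirectoryEntry pool in pools.Children)
            {
                if (pool.SchemaClassName != "IIsApplicationPool" ||
                    !string.Equals(pool.Name, poolName, StringComparison.OrdinalIgnoreCase)) continue;
                pool.InvokeSet("AppPoolIdentityType", new object[] { SpecificUser });
                pool.InvokeSet("WAMUserName", new object[] { user });
                pool.InvokeSet("WAMUserPass", new object[] { pass });
                pool.CommitChanges();
                pool.RefreshCache(); // re-read from the metabase to confirm the write
                bool ok = Convert.ToInt32(pool.InvokeGet("AppPoolIdentityType")) == SpecificUser &&
                    string.Equals(Convert.ToString(pool.InvokeGet("WAMUserName")), user, StringComparison.OrdinalIgnoreCase);
                return ok ? null : "read-back does not match";
            }
        return "application pool not found";
    }
    static int Main(string[] args)
    {
        if (args.Length != 3) { Console.Error.WriteLine("usage: <server> <pool> <domain\\user>"); return 2; }
        Console.Write("Password for " + args[2] + ": ");
        string error;
        try { error = SetIdentity(args[0], args[1], args[2], ReadPassword()); }
        catch (Exception ex) { error = ex.Message; }
        Console.WriteLine(args[0] + ": " + (error ?? "identity set and verified"));
        return error == null ? 0 : 1;
    }
}
```

The non-zero exit code on failure lets a wrapper script that loops over a server list stop or log when a server did not take the change.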

FEW MORE TIPS:

I need to –

- Create new application pool

pool1 = apppools.Children.Add(appPoolName, "IIsApplicationPool");

- Start application pool

pool1.Invoke("start", new object[] { });

- Stop application pool

pool1.Invoke("stop", new object[] { });

- Delete application pool

apppools.Children.Remove(pool1);

Note: Make sure to find the application pool first, and be sure not to commit changes after removing.

- Change Recycle Worker Process (in minutes)

pool1.InvokeSet("PeriodicRestartTime", new Object[] { 2400 });

Please let me know if I have missed something, any feedback appreciated!

Have fun coding!!!