How to set anonymous Authentication for a vroot in IIS

 

It is always a good time to write a blog if your source code access permission expires and you wait for someone to approve your request. Since I couldn’t find a good example how to do this and spend some time this thing deserves its blog post. What I want is a very basic operation: I want to set anonymous access for a vroot and I must do this in a scriptable way so that other devs in our team can deploy the WCF service that I am developing. Before appcmd.exe to manipulate IIS configs we had adsutil.vbs scripts which is kind a straight forward. I found appcmd a little bit challenging but more powerful.

 

So here is the way to make a vroot anonymous

 

%systemroot%\system32\inetsrv\APPCMD set config "Default Web Site/myVroot" /section:system.webServer/security/authentication/anonymousAuthentication /enabled:"True" /userName:"" /commit:apphost

 

Don’t forget to do an iisreset to see the effects. As you can see the username is empty so an anonymous request will work under the identity of the appPool of this vroot but you can make it work under any other identity. And you must add /commit:apphost to make this change applied to the configuration.

If you want to change any other property take a look at the section of the property in application.config file and put it as section parameter. Never hand edit the application.config file.