Unable to access IIsCertMapper object through ADSI

Today, I was working on an issue where we were trying to add mapping for client certificate for a windows account using ADSI and VBScript. Something similar as below:

<%
  Dim CertObj, vCert
  vCert = Request.ClientCertificate("CERTIFICATE")
  Set CertObj = GetObject("IIS://<path>/IIsCertMapper")
  CertObj.CreateMapping vCert, "MYACCT", "MYPASS", "My Name", True
%>

where path is in the format: "<IISServerName>/W3SVC/<Identifier>"
However, script was failing on the 3rd line,

Set CertObj = GetObject("IIS://<path>/IIsCertMapper")

We get “Path not found error”, 80070003. Now this is an expected behavior if this object type is not found in the IIS's metabase. You can search for the above in metabase.xml file. Ideally this should have been there, but since we did not have this, to make it work we had to manually create this for a website in question.

You can try this to have the necessary object type:

> cscript adsutil.vbs CREATE w3svc/1/IIsCertMapper  "IIsCertMapper"     

Microsoft (R) Windows Script Host Version 5.6

Copyright (C) Microsoft Corporation 1996-2001. All rights reserved.

created "w3svc/1/IIsCertMapper"

>

Here 1 is the identifier for the website in question and "IIsCertMapper" is the Object type.

Once done, try restarting IIS services as like (IISRESET from the cmd prompt).

Open the metabase.xml and now we should see an entry as below:

<IIsCertMapper    Location ="/LM/W3SVC/1/IIsCertMapper"
    >
</IIsCertMapper>

Once this entry was created in the metabase.xml we should be able to access this object via ADSI script. This is not only applicable to a specific object type like IIsCertMapper but any other object type associated with IIS.

Hope this helps someone, somewhere, somehow ;-)