Re: IIS6 - Disaster Recovery -IISCNFG - changing Anonymous User

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: David Wang [Msft] (someone_at_online.microsoft.com)
Date: 11/06/04 

Date: Fri, 5 Nov 2004 19:39:09 -0800

Yup, we intend those scripts as "samples" and encourage their re-use. 

-- 
//David
IIS
This posting is provided "AS IS" with no warranties, and confers no rights.
//
"Dennis Redfield" <higgs.boson@play.net> wrote in message
news:%23hRzAzzwEHA.2600@TK2MSFTNGP09.phx.gbl...
ok david, I'm convinced.  Nothing magical about ADSUTIL.VBS - frankly we
normally write our own code to do these sort of tasks (after we crib the
code from ADSUTIL.VBS :).
thank you for the clarification.
dlr
"David Wang [Msft]" <someone@online.microsoft.com> wrote in message
news:%23SztMywwEHA.2600@TK2MSFTNGP09.phx.gbl...
> From a disaster recovery perspective, the user credentials are the things
> that you should use ADSUTIL for -- since that tends to be machine-specific
> information that you cannot copy from machine to machine.  Thus, you must
> tweak it afterwards... and ADSUTIL is ideal for the job.
>
> -- 
> //David
> IIS
> This posting is provided "AS IS" with no warranties, and confers no
rights.
> //
> "Dennis Redfield" <higgs.boson@play.net> wrote in message
> news:%23$G6%23InwEHA.3528@tk2msftngp13.phx.gbl...
> Ok, David,
>     thanks for the clarification.  We have used ADSUTIL in the past but
were
> looking for ways
> to leverage the export/import file (to support disaster recovery
planning).
> ok well.
>
> dlr
>
> "David Wang [Msft]" <someone@online.microsoft.com> wrote in message
> news:eJTIoBYwEHA.4004@tk2msftngp13.phx.gbl...
> > You can easily use ADSUTIL.VBS to set the password afterwards, without
> > needing to know how private data structure is encrypted/decrypted nor
> > serialized.  This method is far better than trying to template the
Export
> > file for the username/password parameter and substituting values at
import
> > time.
> >
> > For example, suppose IIS changes how to encrypt/decrypt such secret
> > properties between different IIS versions (products have to
evolve/improve
> > over time).  You will be broken between every IIS version if you
hard-code
> > to the format.  However, if the API allows you to set a property value
> with
> > the understanding that the value will be encrypted/decrypted by IIS
> > appropriately, code using the API will not be broken between IIS
versions.
> > This is why the API exists, and this is why you should use it.  You can
> view
> > the Export XML as a "shortcut" to move IIS6 configuration around, and
not
> as
> > a generic means to configure IIS.
> >
> > ADSUTIL.VBS SET /MSFTPSVC/AnonymousUserPass "password"   ( no need to
> > encrypt/decrypt -- IIS will do it for you accordingly to the current
> > machine).
> >
> > -- 
> > //David
> > IIS
> > This posting is provided "AS IS" with no warranties, and confers no
> rights.
> > //
> > "Higgs Boson" <higgs.boson@play.net> wrote in message
> > news:eflVguOwEHA.3668@tk2msftngp13.phx.gbl...
> > In IIS6 we can use IISCNFG.VBS to export a copy of the metabase to a
> static
> > XML file.  This same file can be imported into a Web Servers Metabase.
We
> > would like to use this functionality to support disaster recovery when a
> > (non-web farm) Web Server crashes.  Using The import/export
functionality
> > may cause some problems when applied to a recovery web server whose name
> is
> > different than the source web server.  For example.  the FTP Service
> section
> > of the metabase exports looks like:
> >
> > <IIsFtpService Location="/LM/MSFTPSVC"
> >  AdminACL="49634462a00000005... (a very long number)
> >  AllowAnonymous="TRUE"
> >  AnonymousOnly="FALSE"
> >  AnonymousUserName="IUSR_SourceServerName"
> >  AnonymousUserPass="4963446270000... (a very long number)
> >
> > Prior to Import into the new "Target Machine" we would like to change
the
> > AnonymousUserName from the Source Name to the Target Name
> > (like: AnonymousUserName="IUSR_TargetServerName"   )
> >
> > But how would we change the Anonymous User Password (which is encrypted
in
> > some UNDOCUMENTED way)???
> >
> > thanks.
> >
> > dlr
> >
> >
> >
>
>
>

Relevant Pages