
IIS security settings and different permission using installer class with custom action

14 Aug 2012 | CPOL | 3 min read
Setting the IIS authentication type and user account permissions using an installer class and a custom action

Introduction

Foremost, I would like to sincerely thank CodeProject and all the contributors for great articles. I learn a lot from this site, so I am really short of words to express my thanks. This is my first attempt to post a very small article, but I am sure it will help developers when they want to perform IIS settings programmatically.

The article helps developers set the authentication and permissions for a website using an installer class.

It is very helpful for simplifying the deployment process, especially when developers have little or no control over the deployment once the setup is handed over to the deployment team.

Background

There are scenarios where developers want to ensure that a web site has specific types of authentication enabled or disabled, as shown in the following screenshot:

Image 1

I had two requirements

1. Windows Authentication is to be enabled in IIS and all other authentication types disabled, as shown in the screenshot above.

2. Network, Network Service and Everyone should have full control of the site.

Both of the above should happen without manual settings: once the deployment setup is over, the engineer should not have to change the settings manually; they should be applied automatically.

Before moving forward, I would like to mention that I referred to different sites and used my own logic to reach this stage, so as of now I don't have references to the respective URLs, but I would like to thank them in case they come across this article.

To perform the above tasks, the developer needs to reference two DLLs, namely Microsoft.Web.Management.dll and Microsoft.Web.Administration.dll, which can be located at:

Image 2

Using the code

Please find attached the zip file with the complete sample code, ReadMe.txt and a document with detailed steps showing how to set the permissions for the virtual directory and the desired authentication during setup.




C#
using System.Collections;             // IDictionary
using System.Diagnostics;             // EventLog, EventSourceCreationData
using System.IO;                      // Directory
using System.Security.AccessControl;  // DirectorySecurity, FileSystemAccessRule
using Microsoft.Web.Administration;   // ServerManager

// The members below belong to the installer class
// (derived from System.Configuration.Install.Installer).

[System.Security.Permissions.SecurityPermission(System.Security.Permissions.SecurityAction.Demand)]
public override void Install(IDictionary stateSaver)
{
    base.Install(stateSaver);

    // Values supplied through the custom action data of the setup project
    string targetVDir = Context.Parameters["targetvdir"];
    string targetDir = Context.Parameters["targetdir"];

    // Apply the IIS authentication settings to the virtual directory
    stateSaver.Add("targetvdir", targetVDir);
    configureIIS(targetVDir);

    // Create the event source on first install, then log what was done
    if (!EventLog.SourceExists("SampleApplication"))
    {
        EventSourceCreationData mySource =
          new EventSourceCreationData("SampleApplication", "SampleApplicationLogs");
        EventLog.CreateEventSource(mySource);
    }
    EventLog.WriteEntry("SampleApplication", "SampleApplication IIS Settings done.");
    EventLog.WriteEntry("SampleApplication", "targetvdir..." + targetVDir);

    // Grant full control on the install folder (inherited by subfolders and files)
    // to each of the three accounts named in the requirements
    stateSaver.Add("targetdir", targetDir);
    DirectorySecurity dirSec = Directory.GetAccessControl(targetDir);
    foreach (string account in new[] { "Everyone", "NETWORK", "NETWORK SERVICE" })
    {
        FileSystemAccessRule rule = new FileSystemAccessRule(account,
            FileSystemRights.FullControl,
            InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit,
            PropagationFlags.None,
            AccessControlType.Allow);
        dirSec.AddAccessRule(rule);
    }
    Directory.SetAccessControl(targetDir, dirSec);
}

/// <summary>
/// Changes the IIS security settings for the web application name specified during setup:
/// disables anonymous authentication and enables Windows authentication.
/// </summary>
/// <param name="vdName">Name of the virtual directory under "Default Web Site".</param>
private void configureIIS(string vdName)
{
    using (ServerManager serverManager = new ServerManager())
    {
        Microsoft.Web.Administration.Configuration config =
           serverManager.GetApplicationHostConfiguration();
        Microsoft.Web.Administration.ConfigurationSection anonymousAuthenticationSection =
           config.GetSection("system.webServer/security/authentication/anonymousAuthentication",
           "Default Web Site/" + vdName);
        anonymousAuthenticationSection["enabled"] = false;
        Microsoft.Web.Administration.ConfigurationSection windowsAuthenticationSection =
           config.GetSection("system.webServer/security/authentication/windowsAuthentication",
           "Default Web Site/" + vdName);
        windowsAuthenticationSection["enabled"] = true;
        // Write the changes to applicationHost.config
        serverManager.CommitChanges();
    }
}

The configureIIS method ensures that Windows authentication is enabled and anonymous authentication is disabled for the application.
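A narrower variant of the ACL step in Install, for deployments where the site folder only has to be readable by its own worker process (an added example, not part of the article's sample code). SiteAcl and GrantAppPoolRead are hypothetical names, and the code assumes the application already exists in IIS when the custom action runs and that authenticated users get read access through the inherited ACL of the parent folder.

```csharp
using System;
using System.IO;
using System.Security.AccessControl;
using System.Security.Principal;
using Microsoft.Web.Administration;

public static class SiteAcl
{
    // Hypothetical helper: grants Read & Execute on targetDir to the identity of
    // the application pool that runs "siteName/vdName", and to nobody else.
    public static void GrantAppPoolRead(string siteName, string vdName, string targetDir)
    {
        string poolName;
        using (ServerManager serverManager = new ServerManager())
        {
            Site site = serverManager.Sites[siteName];
            Application app = (site == null) ? null : site.Applications["/" + vdName];
            if (app == null)
                throw new InvalidOperationException(
                    "Application not found in IIS: " + siteName + "/" + vdName);
            poolName = app.ApplicationPoolName;
        }

        // "IIS AppPool\<pool name>" is the virtual account IIS creates for each pool.
        // Translating it to a SID throws IdentityNotMappedException if the pool is
        // missing, so a typo cannot silently produce an ACL for the wrong principal.
        IdentityReference poolSid =
            new NTAccount("IIS AppPool", poolName).Translate(typeof(SecurityIdentifier));

        DirectorySecurity dirSec = Directory.GetAccessControl(targetDir);
        dirSec.AddAccessRule(new FileSystemAccessRule(
            poolSid,
            FileSystemRights.ReadAndExecute,
            InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit,
            PropagationFlags.None,
            AccessControlType.Allow));
        Directory.SetAccessControl(targetDir, dirSec);
    }
}
```

From Install it would be called as SiteAcl.GrantAppPoolRead("Default Web Site", Context.Parameters["targetvdir"], Context.Parameters["targetdir"]).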

To create the deployment, the developer must first have the deployment (setup) project type installed. This can be downloaded from here

Once the deployment package is installed, the developer can add the deployment type of project as follows:

Image 3

Assuming you have a web solution ready, as shown in the above screenshot, you can add the deployment type project:

Image 4

Ensure the application is set to Release mode:

Image 5

Build the Solution.

Now let us add the installer class, which can be done by adding a class library and then adding an installer class to it.

Image 6

Delete the default class and add the installer class as shown in the following screenshot:

Image 7

Add the code shown above.

Right-click the solution file and add the Web Setup project:

Image 8

Right-click the web setup project -> Add -> Project Output, as shown:

Image 9

The following pop-up will appear. Add the primary output from the deployment project and from the installer class. The following figure shows adding it from the installer class:

Image 10

Click OK.

Add the primary output from the deployment project in the same way, as shown in the screenshot:

Image 11

Click OK.

Right-click the Web Setup project and add a custom action as follows:

Image 12

Right-click the Install node in Custom Actions and add the action as shown in the following:

Image 13

Image 14

Image 15

Image 16

Click on Properties or hit the F7 key and add the following custom action data (see the figure below):

Image 17

Right-click the solution file in Solution Explorer and build the solution.

Upon a successful build, open the setup folder:

Image 18

Run the setup from the Release folder.

That's it, friends. We are all set to deploy the application from the Release folder of the setup project.

Points of Interest

The most interesting part of this article was learning that I had to find out the location where the virtual directory is getting installed and then set the permission on that folder. You can identify this part of the code:

C#
Microsoft.Web.Administration.Configuration config = serverManager.GetApplicationHostConfiguration(); 
Microsoft.Web.Administration.ConfigurationSection anonymousAuthenticationSection = 
  config.GetSection("system.webServer/security/authentication/anonymousAuthentication", 
  "Default Web Site/" + vdName);
anonymousAuthenticationSection["enabled"] = false;
Microsoft.Web.Administration.ConfigurationSection windowsAuthenticationSection = 
  config.GetSection("system.webServer/security/authentication/windowsAuthentication", 
  "Default Web Site/" + vdName);
windowsAuthenticationSection["enabled"] = true;
serverManager.CommitChanges();
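A post-install check for the two requirements, as an added example that is not part of the article's sample code: it resolves the folder behind the virtual directory from the IIS configuration, reads back both authentication settings, and lists ACL entries that give Everyone, NETWORK or Authenticated Users write-capable rights so they can be compared with what was intended. InstallCheck and Verify are hypothetical names.

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using System.Security.AccessControl;
using System.Security.Principal;
using Microsoft.Web.Administration;

public static class InstallCheck
{
    // Rights that let a principal change or delete content under the site folder.
    const FileSystemRights WriteCapable =
        FileSystemRights.WriteData | FileSystemRights.AppendData | FileSystemRights.Delete |
        FileSystemRights.DeleteSubdirectoriesAndFiles | FileSystemRights.ChangePermissions |
        FileSystemRights.TakeOwnership;

    // Hypothetical helper: returns one line per finding for "siteName/vdName".
    public static List<string> Verify(string siteName, string vdName)
    {
        var findings = new List<string>();
        string location = siteName + "/" + vdName;
        string physicalPath;
        using (ServerManager serverManager = new ServerManager())
        {
            Site site = serverManager.Sites[siteName];
            Application app = (site == null) ? null : site.Applications["/" + vdName];
            if (app == null) { findings.Add("Application not found: " + location); return findings; }
            // Folder the virtual directory was installed to, as IIS records it.
            physicalPath = Environment.ExpandEnvironmentVariables(
                app.VirtualDirectories["/"].PhysicalPath);

            Configuration config = serverManager.GetApplicationHostConfiguration();
            const string auth = "system.webServer/security/authentication/";
            if ((bool)config.GetSection(auth + "anonymousAuthentication", location)["enabled"])
                findings.Add("anonymousAuthentication is still enabled for " + location);
            if (!(bool)config.GetSection(auth + "windowsAuthentication", location)["enabled"])
                findings.Add("windowsAuthentication is not enabled for " + location);
        }
        // Match by well-known SID so the check also works on non-English Windows.
        var broad = new[] { WellKnownSidType.WorldSid, WellKnownSidType.NetworkSid,
                            WellKnownSidType.AuthenticatedUserSid };
        DirectorySecurity dirSec = Directory.GetAccessControl(physicalPath);
        foreach (FileSystemAccessRule rule in
                 dirSec.GetAccessRules(true, true, typeof(SecurityIdentifier)))
        {
            var sid = (SecurityIdentifier)rule.IdentityReference;
            if (rule.AccessControlType == AccessControlType.Allow
                && (rule.FileSystemRights & WriteCapable) != 0
                && Array.Exists(broad, t => sid.IsWellKnown(t)))
                findings.Add(sid.Value + " has " + rule.FileSystemRights + " on " + physicalPath);
        }
        return findings;
    }
}
```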

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)