Iis 将应用程序池的标识设置为Azure中的LocalSystem
在Iis 将应用程序池的标识设置为Azure中的LocalSystem,iis,azure,localsystem,Iis,Azure,Localsystem,在ServiceDefinition.csdef或其他地方有没有办法做到这一点,而不用去IIS手动调整 我尝试了webrole的executionContext=“hiveled”,但没有成功 更新 如果在Azure IIS上安装“IIS 6元数据库兼容性”,下面显示的错误将消失 这引发了另一个问题,即如何在Azure上的部署阶段自动安装“IIS 6元数据库兼容性”。 @astaykov,我喜欢评论,但是下面的代码太大了,所以我用这个地方 我使用的代码与Wade Wagner编写的代码相同:
ServiceDefinition.csdef
或其他地方有没有办法做到这一点,而不用去IIS手动调整
我尝试了webrole的executionContext=“hiveled”
,但没有成功
更新
如果在Azure IIS上安装“IIS 6元数据库兼容性”,下面显示的错误将消失
这引发了另一个问题,即如何在Azure上的部署阶段自动安装“IIS 6元数据库兼容性”。
@astaykov,我喜欢评论,但是下面的代码太大了,所以我用这个地方 我使用的代码与Wade Wagner编写的代码相同:
public override bool OnStart()
{
// http://code.msdn.microsoft.com/windowsazure/CSAzureChangeAppPoolIdentit-27099828
// This variable is used to iterate through list of Application pools
string metabasePath = "IIS://localhost/W3SVC/AppPools";
string appPoolName;
using (ServerManager serverManager = new ServerManager())
{
//Get the name of the appPool that is created by Azure
appPoolName = serverManager.Sites[RoleEnvironment.CurrentRoleInstance.Id + "_Web"].Applications.First().ApplicationPoolName;
// Get list of appPools at specified metabasePath location
using (DirectoryEntry appPools = new DirectoryEntry(metabasePath))
{
// From the list of appPools, Search and get the appPool that is created by Azure
using (DirectoryEntry azureAppPool = appPools.Children.Find(appPoolName, "IIsApplicationPool"))
{
if (azureAppPool != null)
{
// Refer to:
// http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/e3a60d16-1f4d-44a4-9866-5aded450956f.mspx?mfr=true,
// http://learn.iis.net/page.aspx/624/application-pool-identities/
// for more info on AppPoolIdentityType
azureAppPool.InvokeSet("AppPoolIdentityType", new Object[] { 0 }); // MD_APPPOOL_IDENTITY_TYPE_LOCALSYSTEM
// Write above settings to IIS metabase
azureAppPool.Invoke("SetInfo", null);
// Commit the above configuration changes that are written to metabase
azureAppPool.CommitChanges();
}
}
}
}
RoleInRun = true;
TaskInRun = false;
return base.OnStart();
}
我可以在appPoolName
处获取rigth值,但此处发生错误:
使用(DirectoryEntry azureAppPool=appPools.Children.Find(appPoolName,“IIsApplicationPool”)
我到处寻找解决方案,但仍然找不到线索
以下错误来自IIS事件:
Application: WaIISHost.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Runtime.InteropServices.COMException
Stack:
at System.DirectoryServices.DirectoryEntry.Bind(Boolean)
at System.DirectoryServices.DirectoryEntry.Bind()
at System.DirectoryServices.DirectoryEntry.get_IsContainer()
at System.DirectoryServices.DirectoryEntries.Find(System.String, System.String)
at GimmeRank.Redirector.WebRole.OnStart()
at Microsoft.WindowsAzure.ServiceRuntime.RoleEnvironment.InitializeRoleInternal(Microsoft.WindowsAzure.ServiceRuntime.Implementation.Loader.RoleType)
at Microsoft.WindowsAzure.ServiceRuntime.Implementation.Loader.RoleRuntimeBridge.<InitializeRole>b__0()
at System.Threading.ExecutionContext.runTryCode(System.Object)
at System.Runtime.CompilerServices.RuntimeHelpers.ExecuteCodeWithGuaranteedCleanup(TryCode, CleanupCode, System.Object)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Threading.ThreadHelper.ThreadStart()
应用程序:WaIISHost.exe
框架版本:v4.0.30319
描述:由于未处理的异常,进程已终止。
异常信息:System.Runtime.InteropServices.COMException
堆栈:
位于System.DirectoryServices.DirectoryEntry.Bind(布尔值)
位于System.DirectoryServices.DirectoryEntry.Bind()处
在System.DirectoryServices.DirectoryEntry.get_IsContainer()中
位于System.DirectoryServices.DirectoryEntries.Find(System.String,System.String)
在GimmeRank.Redirector.WebRole.OnStart()上
位于Microsoft.WindowsAzure.ServiceRuntime.RoleEnvironment.InitializeRoleInternal(Microsoft.WindowsAzure.ServiceRuntime.Implementation.Loader.RoleType)
在Microsoft.WindowsAzure.ServiceRuntime.Implementation.Loader.RoleRuntimeBridge.b_u0()中
位于System.Threading.ExecutionContext.runTryCode(System.Object)
在System.Runtime.CompilerServices.RuntimeHelpers.ExecuteCodeWithGuarantedCleanup(TryCode,CleanupCode,System.Object)中
在System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext,System.Threading.ContextCallback,System.Object,布尔值)
在System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext,System.Threading.ContextCallback,System.Object)上运行
位于System.Threading.ThreadHelper.ThreadStart()处
Anyideas?executionContext=“Highted”将仅以本地系统帐户的身份运行RoleEntryPoint,但它不是IIS池标识
你可能想退房。他在那里描述的内容可以在OnStart方法中与executionContext=“Highted”一起运行(因为只有管理员可以更改池标识)。如果这对本地系统不起作用,您可以为RDP创建一个用户,它将添加到Administrators组中,并且您可以为该用户设置iis应用程序池标识
更新
嗯,我使用了以下方法(类似),效果很好:
private void SetAppPoolIdentity()
{
string appPoolUser = "myRDP_admin_user";
string appPoolPass = "my_super_secure_password";
Action<string> iis7fix = (appPoolName) =>
{
bool committed = false;
while (!committed)
{
try
{
using (ServerManager sm = new ServerManager())
{
var applicationPool = sm.ApplicationPools[appPoolName];
applicationPool.ProcessModel.IdentityType = ProcessModelIdentityType.SpecificUser;
applicationPool.ProcessModel.UserName = appPoolUser;
applicationPool.ProcessModel.Password = appPoolPass;
sm.CommitChanges();
committed = true;
}
}
catch (FileLoadException fle)
{
Trace.TraceError("Trying again because: " + fle.Message);
}
}
};
// ServerManager in %WinDir%System32InetSrvMicrosoft.Web.Administration.dll
var sitename = RoleEnvironment.CurrentRoleInstance.Id + "_Web";
var appPoolNames = new ServerManager().Sites[sitename].Applications.Select(app => app.ApplicationPoolName).ToList();
appPoolNames.ForEach(iis7fix);
}
private void SetAppPoolIdentity()
{
字符串appPoolUser=“myRDP\u admin\u user”;
字符串appPoolPass=“我的超级安全密码”;
操作iis7fix=(appPoolName)=>
{
bool-committed=false;
当(!承诺)
{
尝试
{
使用(ServerManager sm=new ServerManager())
{
var applicationPool=sm.ApplicationPools[appPoolName];
applicationPool.ProcessModel.IdentityType=ProcessModelIdentityType.SpecificUser;
applicationPool.ProcessModel.UserName=appPoolUser;
applicationPool.ProcessModel.Password=appPoolPass;
sm.CommitChanges();
承诺=真实;
}
}
捕获(FileLoadException fle)
{
Trace.TraceError(“重试原因:”+fle.Message);
}
}
};
//%WinDir%System32InetSrvMicrosoft.Web.Administration.dll中的服务器管理器
var sitename=RoleEnvironment.CurrentRoleInstance.Id+“_-Web”;
var apppoolname=new ServerManager().Sites[sitename].Applications.Select(app=>app.ApplicationPoolName.ToList();
appPoolNames.ForEach(iis7fix);
}
你能试试吗?请注意,它不适用于本地系统帐户,因为它不是真实的帐户,我们不能这样设置(至少我不知道如何设置,但对于RDP的特定帐户,它可以正常工作)。Create start.cmd:
FOR /F "tokens=*" %%A IN ('%windir%/system32/inetsrv/APPCMD list wp /text:apppool.name') DO (
%systemroot%/system32/inetsrv/APPCMD set config /section:applicationPools /[name='%%A%':'].processModel.identityType:LocalSystem
)