0

Is it possible to configure IIS to always default the identity settings for Anonymous authentication to use application pool identity?

There is never a reason I would want it otherwise so it's frustrating to be continuously required to flip this setting for any web application I create.

Chris Marisic
  • 1,424
  • 8
  • 33
  • 51

1 Answers1

4

You can do that using appcmd from the command line. Run the following:

c:\windows\system32\inetsrv\appcmd.exe set config  -section:system.webServer/security/authentication/anonymousAuthentication /userName:""  /commit:apphost

Be careful because it will update all existing sites, so if you have any sites that you don't want this applied to, make sure to specifically 'change something' with anonymous auth for those sites first. That will ensure that the setting is specifically set at the site level so that changing the default won't affect that site.

Scott Forsyth
  • 16,449
  • 3
  • 37
  • 56
  • Perfect, exactly what i was looking for. I only use IIS to host ASP.NET so there is never value to me to not run as the app identity. – Chris Marisic Feb 23 '11 at 15:39
  • Just ran it and it looks like it worked fine – Chris Marisic Feb 23 '11 at 15:44
  • Great. Glad that worked. As long as you don't share app pools with sites that don't trust each other (i.e. bulk shared hosting), you're good doing what you did. I always do the same. – Scott Forsyth Feb 23 '11 at 21:33