Adding AppPool Identity to IIS_IUSRS group via PowerShell [Answered]RSS

1 reply

Last post Oct 06, 2013 07:38 AM by ShayL

  • Adding AppPool Identity to IIS_IUSRS group via PowerShell

    Oct 06, 2013 12:08 AM|brprvw|LINK

    I'm not sure if I'm not thinking clearly or what, but I'm having difficulty adding the AppPool identity to the local IIS_IUSRS group via PowerShell.  It's only 2 lines to add a user to a local group, whether it's a domain user or local user.  I've used the same steps as I have for other scripts to perform the same action, just not for an AppPool identity:

     

    $Group = [ADSI]"WinNT://$ComputerName/IIS_IUSRS,group"

    $User = "IIS APPPOOL\sometestsite.example.com"

    $Group.psbase.Invoke("Add",([ADSI]"WinNT://$User").path)

    I've changed the backslash to forward slash, hard-coded the user, you name it.  I gotta imagine this is something simple that I'm missing.  I can't use net localgroup because the names are going to be longer than 20 characters.  Anybody have any idea what I'm missing?  Any advice or feedback would be appreciated, thanks all!

  • Re: Adding AppPool Identity to IIS_IUSRS group via PowerShell

    Oct 06, 2013 07:38 AM|ShayL|LINK

    Do you get the user object path when you execute:

    ([ADSI]"WinNT://$User").path

    If so you can try this:

    $group.Add("WinNT://$user")

    -shay