I would like to change some application configurations, mainly the authentication types - instead of using Anonymous, use Windows Authentication.
Looks like this works ok with the root Default Website as shown in my working example below.
However I have tried the same with applications on the Default Website and only been able to update one. There are 30 apps that require the authentication method change. I've created a script that works fine in Powershell (tested on windows 10 and windows server 2019) but when it's imported into the Advanced Installer inline Powershell script field, then built and run it continues to fail and roll-back. Strangely when i run it as a 'run powershell script file (attached file .PS1)' custom action instead, it does complete. I'm wondering if there is a particular method or layout, vocabulary or form within the custom action that i'm missing. Again, it works perfectly from Powershell ISE and results are good there.
This works perfectly well but the bigger changes in the other script do not. Note, the param is imported correctly and "WAUTH_ON" is one of the reponses to a radio button choice during install.
#Import variables from installer to PowerShell
Param ($SetWinAuth)
# Set Opt-in Web Apps to Windows Authentication
If
($SetWinAuth -eq "WAUTH_ON")
{Set-WebConfigurationProperty -filter "/system.webServer/security/authentication/AnonymousAuthentication" -name enabled -value false -Location "Default Web Site" -PSPath IIS:\
Set-WebConfigurationProperty -filter /system.web/identity -name impersonate -value false -PSPath 'IIS:\Sites\Default Web Site'
Set-WebConfigurationProperty -filter /system.web/authentication -name mode -value Windows -PSPath 'IIS:\Sites\Default Web Site'
Set-WebConfigurationProperty -filter "/system.webServer/security/authentication/windowsAuthentication" -name enabled -value true -location "Default Web Site" -PSPath IIS:\}
# Set Opt-in Web Apps to Anonymous Authentication
ElseIf
($SetWinAuth -eq "WAUTH_OFF")
{Set-WebConfigurationProperty -filter "/system.webServer/security/authentication/AnonymousAuthentication" -name enabled -value true -Location "Default Web Site" -PSPath IIS:\
Set-WebConfigurationProperty -filter /system.web/identity -name impersonate -value false -PSPath 'IIS:\Sites\Default Web Site'
Set-WebConfigurationProperty -filter /system.web/authentication -name mode -value Windows -PSPath 'IIS:\Sites\Default Web Site'
Set-WebConfigurationProperty -filter "/system.webServer/security/authentication/windowsAuthentication" -name enabled -value false -location "Default Web Site" -PSPath IIS:\}
The method i'm using in the 'run powershell inline script' is as follows:
1. Use the custom action tool
2. Set it to 64-bit
3. No import variable required this time.
4. Set up variables
5. I unlock the config file with: cmd.exe /c %windir%/system32/inetsrv/appcmd unlock config /section:anonymousAuthentication (for example)
6. I then use the following code and repeat it for each application within the same script.
# Set Authentication Method for EFT
$PSPathFull = Join-Path -Path $PSApertaRoot -ChildPath $PSPathAEFT
Set-WebConfigurationProperty -pspath $PSPathFull -filter $filterAnon -name $propertyName -value $propertyFValue
Set-WebConfigurationProperty -filter $filterImpers -name $propertyImpers -value $propertyFValue -PSPath $PSPathFull
Set-WebConfigurationProperty -pspath $PSPathFull -filter $filterWin -name $propertyName -value $propertyTValue
Notes:
$PSPathFull is the full path to the property i want to change (eg: $PSApertaRoot = 'IIS:\Sites\Default Web Site\' joined with $PSPathAEFT )
$PSPathAEFT is the application identity (eg: $PSPathAEFT = 'ApertaActiveEFT')
$filterAnon is the filter path (eg: $filterAnon = "/system.webServer/security/authentication/anonymousAuthentication")
$propertyName is the name of the property i want to change (eg: $propertyName = "enabled")
$propertyFValue is the property value i want to change it to (eg: $propertyTValue = "true" or $propertyFValue = "false")
Thanks for your help and if you need any further info, please ask.