Dear support,
We faced with the following problem: we need to specify only NTLM authentication provider for the Web application during its installation.
The Web application is installed on the separate Web site.
Both Web application and Web site are created during the installation and use ASP.NET v4.0.
Moreover, the separate application pool for the Web application is created during the installation (it uses .NET v4.0 too).
Only integrated Windows authentication is enabled for the Web application (anonymous is disabled).
We need to specify only NTLM authentication provider for the Web application and Kerberos should be removed.
I know it is very easy to do that manually in IIS after installation of change the Web.config, but is there any way to do that automatically during the installation using Advanced Installer?
Looking forward to your reply.
Thank you.
Kind regards,
Oleksandr
Suggested Articles
Re: Can I set NTLM authentication provider only for Web app?
Hello Oleksandr and welcome to Advanced Installer forums,
Thank you for your interest in Advanced Installer.
I'm afraid we don't a predefined have support for this. We have added it on our TODO list and will be available in a future version of Advanced Installer. Thank you for your suggestion.
Until then, as a workaround you can use a custom action in order to achieve this. For example you can use a VBScript custom action like this:
Here are the steps to proceed:
- Go to "Custom Actions" page and add the above VBScript as a "Launch attached file" custom action with sequence like this:
- Drag and drop the VBScript custom action just before InstallFinalize standard action.
- Build and run your project.
Let us know if this helped.
All the best,
Daniel
Thank you for your interest in Advanced Installer.
I'm afraid we don't a predefined have support for this. We have added it on our TODO list and will be available in a future version of Advanced Installer. Thank you for your suggestion.
Until then, as a workaround you can use a custom action in order to achieve this. For example you can use a VBScript custom action like this:
Code: Select all
Sub IIsCustomAction()
Set adminManager = CreateObject("Microsoft.ApplicationHost.WritableAdminManager")
adminManager.CommitPath = "MACHINE/WEBROOT/APPHOST"
Set authenticationSection = adminManager.GetAdminSection("system.webServer/security/authentication/windowsAuthentication", "MACHINE/WEBROOT/APPHOST/YourWebSiteName")
Set providersCollection = authenticationSection.ChildElements.Item("providers").Collection
providersCollection.Clear()
Set addElement = providersCollection.CreateNewElement("add")
addElement.Properties.Item("value").Value = "NTLM"
providersCollection.AddElement(addElement)
adminManager.CommitChanges()
End Sub- Go to "Custom Actions" page and add the above VBScript as a "Launch attached file" custom action with sequence like this:
- Function: IIsCustomAction
Execution Options: Deferred with no impersonation
Execution Stage Condition: Install
- Drag and drop the VBScript custom action just before InstallFinalize standard action.
- Build and run your project.
Let us know if this helped.
All the best,
Daniel
Re: Can I set NTLM authentication provider only for Web app?
Dear support,
Thank you for the reply.
But unfortunately we cannot use the suggested solution since we can't guarantee that VBScript will be available on the target machine.
For the current moment we'll perform this step manually after installation.
Would you be so kind to let us know in what release (according to your roadmap) this feature will be available?
Looking forward to your reply.
Thank you.
Kind regards,
Oleksandr
Thank you for the reply.
But unfortunately we cannot use the suggested solution since we can't guarantee that VBScript will be available on the target machine.
For the current moment we'll perform this step manually after installation.
Would you be so kind to let us know in what release (according to your roadmap) this feature will be available?
Looking forward to your reply.
Thank you.
Kind regards,
Oleksandr
Re: Can I set NTLM authentication provider only for Web app?
Hello Oleksandr,
All the best,
Daniel
Please keep in mind that when you are using a "Launch attached file" custom action the source file will be embedded in the MSI file. Therefore, it will be no need that VBScript to be available on the target machine at install time.But unfortunately we cannot use the suggested solution since we can't guarantee that VBScript will be available on the target machine.
Unfortunately, since this is the only request the improvement was postponed due to low priority. Perhaps in the future we will increase its priority, but for the moment there are not immediate plans. Also, I'm afraid that we cannot give you an ETA for now.Would you be so kind to let us know in what release (according to your roadmap) this feature will be available?
All the best,
Daniel
Re: Can I set NTLM authentication provider only for Web app?
I know this thread is kind of old, but I had the same issue and was able to set NTLM as the only provider by using Advanced Installer IIS configuration. You set it by using the custom properties as below:
- Attachments
-
- 2017-05-15_12-43-34.jpg (16.33 KiB) Viewed 5376 times
Re: Can I set NTLM authentication provider only for Web app?
Hello,
Thank you for your follow up and for sharing the solution with us.
Indeed, starting with the newer versions of Advanced Installer (v10.6 and newer) you can achieve this by using our "IIS Custom Properties" support.
All the best,
Daniel
Thank you for your follow up and for sharing the solution with us.
Indeed, starting with the newer versions of Advanced Installer (v10.6 and newer) you can achieve this by using our "IIS Custom Properties" support.
All the best,
Daniel