community.windows icon indicating copy to clipboard operation
community.windows copied to clipboard

Published 20 hours ago verified publisher icon ansible-collections

win_iis_website: No option to change Ananymous and Windows authentication

Open Udayendu opened this issue 2 years ago • 2 comments

SUMMARY

Currently there is no option to change the anonymous and windows authentication using win_iis_website module

ISSUE TYPE
  • Feature Request
COMPONENT NAME
  • win_iis_website
ANSIBLE VERSION
$ pip3 show ansible
Name: ansible
Version: 5.8.0
Summary: Radically simple IT automation
Home-page: https://ansible.com/
Author: Ansible, Inc.
Author-email: [email protected]
License: GPLv3+
Location: /usr/local/lib/python3.8/dist-packages
Requires: ansible-core
Required-by:
COLLECTION VERSION
$ ansible-galaxy collection list community.windows

# /usr/local/lib/python3.8/dist-packages/ansible_collections
Collection        Version
----------------- -------
community.windows 1.10.0
CONFIGURATION
  • NO specific configuration
OS / ENVIRONMENT
  • Ubuntu 20.04 LTS as ansible provision Server
  • Windows Server 2016 as Target vm
EXPECTED RESULTS
  • win_iis_website module should have some option to change the authentication type of a website and its applictaion
ACTUAL RESULTS
  • Currently there is no option to change the authentication type. But following powershell coammnds can be used to change the authentictaion:
- name: Unlock IIS anonymous Authentication property
  win_shell: Set-WebConfiguration -Filter "/system.webserver/security/authentication/anonymousAuthentication" -PSPath "machine/webroot/apphost" -Metadata "overrideMode" -Value "Allow"

- name: Disable IIS MyWebApp Site Anonymous Authentication
  win_shell: Set-WebConfigurationProperty -Filter "/system.webServer/security/authentication/anonymousAuthentication" -Name Enabled -Value False -PSPath "IIS:\Sites\MyWebApp"
  register: result

- name: Unlock IIS Windows Authentication property
  win_shell: Set-WebConfiguration -Filter "/system.webserver/security/authentication/windowsAuthentication" -PSPath "machine/webroot/apphost" -Metadata "overrideMode" -Value "Allow"

- name: Enable IIS MyWebApp Site Windows Authentication
  win_shell: Set-WebConfigurationProperty -Filter "/system.webServer/security/authentication/windowsAuthentication" -Name Enabled -Value True -PSPath "IIS:\Sites\MyWebApp"
  register: result

Udayendu avatar Jul 11 '22 09:07 Udayendu

@Udayendu I would like to see that functionality as well, but in the meantime, you can use the win_dsc module to accomplish this. An example for a web application is here:

- name: Install xWebAdministration module 
  win_psmodule: 
    name: xWebAdministration 
    state: present 

- name: "Setting Windows Auth as 'Enabled' and Anonymous Auth as 'Disabled'..." 
  win_dsc: 
    resource_name: xWebApplication
    Name: MyWebSite
    Ensure: Present
    PhysicalPath: C:\inetpub\wwwroot\
    Website: 'Default Web Site'
    WebAppPool: {{ app_pool }}
    AuthenticationInfo:
      Windows: yes
      Anonymous: no

jeremyhallock avatar Jul 22 '22 13:07 jeremyhallock

Thanks @jeremyhallock :)

Udayendu avatar Aug 02 '22 12:08 Udayendu